CVSS: 4.6 | EPSS: 0% | CPEs: 1 | EXPL: 0

The startup script in packages/RedHat/ntop.init in ntop before 3.2, when ntop.conf is writable by users besides root, creates temporary files insecurely, which allows remote attackers to execute arbitrary code.
• http://listgateway.unipi.it/pipermail/ntop-dev/2005-March/005296.html
• http://secunia.com/advisories/17382
• http://www.securityfocus.com/bid/15242
• http://www.vupen.com/english/advisories/2005/2251

CVSS: 7.5 | EPSS: 9% | CPEs: 1 | EXPL: 0

Format string vulnerability in TraceEvent function for ntop before 2.1 allows remote attackers to execute arbitrary code by causing format strings to be injected into calls to the syslog function, via (1) an HTTP GET request, (2) a user name in HTTP authentication, or (3) a password in HTTP authentication.
• http://archives.neohapsis.com/archives/vulnwatch/2002-q1/0056.html
• http://listmanager.unipi.it/pipermail/ntop-dev/2002-February/000489.html
• http://marc.info/?l=bugtraq&m=101854261030453&w=2
• http://marc.info/?l=bugtraq&m=101856541322245&w=2
• http://marc.info/?l=bugtraq&m=101908224609740&w=2
• http://online.securityfocus.com/archive/1/259642
• http://snapshot.ntop.org
• http://www.iss.net/security_center/static/8347.php
• http://www.osvdb.org/5307
• http://www.securityfocus.

CVSS: 10.0 | EPSS: 2% | CPEs: 2 | EXPL: 1

Buffer overflows in ntop running in web mode allow remote attackers to execute arbitrary commands.
• https://www.exploit-db.com/exploits/20150
• ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00:36.ntop.asc
• http://www.debian.org/security/2000/20000830
• http://www.osvdb.org/1513
• http://www.securityfocus.com/bid/1576

CVSS: 5.0 | EPSS: 2% | CPEs: 1 | EXPL: 3

ntop running in web mode allows remote attackers to read arbitrary files via a .. (dot dot) attack.
• https://www.exploit-db.com/exploits/20143
• http://archives.neohapsis.com/archives/bugtraq/2000-07/0459.html
• http://www.osvdb.org/1496
• http://www.redhat.com/support/errata/RHSA-2000-049.html
• http://www.securityfocus.com/bid/1550