3 results (0.003 seconds)

CVSS: 9.3EPSS: 0%CPEs: 16EXPL: 0

Directory traversal vulnerability in Rhino Software, Inc. FTP Voyager 15.2.0.11, and possibly earlier, allows remote FTP servers to write arbitrary files via a "..\" (dot dot backslash) in a filename. Vulnerabilidad de salto de directorio en Rhino Software, Inc. FTP Voyager v15.2.0.11 y posiblemente versiones previas, permite a servidores FTP remotos crear archivos de su elección a través de la secuencia "..\" en el nombre de archivo. • http://marc.info/?l=bugtraq&m=128654931101920&w=2 http://packetstormsecurity.org/1010-exploits/ftpvoyager-traversal.txt http://secunia.com/advisories/41719 http://www.htbridge.ch/advisory/directory_traversal_vulnerability_in_ftp_voyager.html http://www.osvdb.org/68607 http://www.securityfocus.com/bid/43869 https://exchange.xforce.ibmcloud.com/vulnerabilities/62392 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •

CVSS: 7.8EPSS: 1%CPEs: 1EXPL: 2

Stack-based buffer overflow in Rhino Software, Inc. FTP Voyager 14.0.0.3 and earlier allows remote servers to cause a denial of service (crash) via a long response to a CWD command, which triggers the overflow when the user aborts the command. Desbordamiento de búfer en Rhino Software, Inc. FTP Voyager 14.0.0.3 y anteriores permite a servidores remotos provocar denegación de servicio (caida) a través de una respuesta a un comando CWD, lo cual dispara el desbordamiento de flujo cuando el usuario aborta el comando. • https://www.exploit-db.com/exploits/3343 http://osvdb.org/33746 http://www.securityfocus.com/bid/22637 https://exchange.xforce.ibmcloud.com/vulnerabilities/32593 •

CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0

FTP Voyager ActiveX control before 8.0, when it is marked as safe for scripting (the default) or if allowed by the IObjectSafety interface, allows remote attackers to execute arbitrary commands. • http://www.kb.cert.org/vuls/id/320944 https://exchange.xforce.ibmcloud.com/vulnerabilities/7119 •