CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2021-30047
https://notcve.org/view.php?id=CVE-2021-30047
22 Aug 2023 — VSFTPD 3.0.3 allows attackers to cause a denial of service due to limited number of connections allowed. VSFTPD 3.0.3 permite a los atacantes provocar una denegación de servicio debido al número limitado de conexiones permitidas. • https://www.exploit-db.com/exploits/49719 •
CVSS: 7.4EPSS: 0%CPEs: 7EXPL: 0CVE-2021-3618 – Ubuntu Security Notice USN-6379-1
https://notcve.org/view.php?id=CVE-2021-3618
23 Mar 2022 — ALPACA is an application layer protocol content confusion attack, exploiting TLS servers implementing different protocols but using compatible certificates, such as multi-domain or wildcard certificates. A MiTM attacker having access to victim's traffic at the TCP/IP layer can redirect traffic from one subdomain to another, resulting in a valid TLS session. This breaks the authentication of TLS and cross-protocol attacks may be possible where the behavior of one protocol service may compromise the other at ... • https://alpaca-attack.com • CWE-295: Improper Certificate Validation •
CVSS: 10.0EPSS: 94%CPEs: 4EXPL: 26CVE-2011-2523 – vsftpd 2.3.4 - Backdoor Command Execution
https://notcve.org/view.php?id=CVE-2011-2523
27 Nov 2019 — vsftpd 2.3.4 downloaded between 20110630 and 20110703 contains a backdoor which opens a shell on port 6200/tcp. vsftpd versión 2.3.4 descargado entre 20110630 y 20110703, contiene una puerta trasera (backdoor) que abre un shell en el puerto 6200/tcp. • https://packetstorm.news/files/id/162145 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 6.5EPSS: 26%CPEs: 19EXPL: 6CVE-2011-0762 – vsftpd 2.3.2 - Denial of Service
https://notcve.org/view.php?id=CVE-2011-0762
02 Mar 2011 — The vsf_filename_passes_filter function in ls.c in vsftpd before 2.3.3 allows remote authenticated users to cause a denial of service (CPU consumption and process slot exhaustion) via crafted glob expressions in STAT commands in multiple FTP sessions, a different vulnerability than CVE-2010-2632. La función vsf_filename_passes_filter de ls.c de vsftpd en versiones anteriores a la 2.3.3 permite a usuarios autenticados remotos provocar una denegación de servicio (consumo de toda la CPU y agotamiento de los sl... • https://packetstorm.news/files/id/180501 • CWE-400: Uncontrolled Resource Consumption •