VYPR

GSSFTP

by Mit

CVEs (2)

  • CVE-2007-5894Dec 6, 2007
    risk 0.00cvss epss 0.03

    The reply function in ftpd.c in the gssftp ftpd in MIT Kerberos 5 (krb5) does not initialize the length variable when auth_type has a certain value, which has unknown impact and remote authenticated attack vectors. NOTE: the original disclosure misidentifies the conditions…

  • CVE-2000-0514Jun 14, 2000
    risk 0.00cvss epss 0.03

    GSSFTP FTP daemon in Kerberos 5 1.1.x does not properly restrict access to some FTP commands, which allows remote attackers to cause a denial of service, and local users to gain root privileges.