VYPR

Guildftpd

by Guildftpd

CVEs (8)

  • CVE-2008-4572Oct 15, 2008
    risk 0.08cvss epss 0.61

    GuildFTPd 0.999.14, and possibly other versions, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via long arguments to the CWD and LIST commands, which triggers heap corruption related to an improper free call, and possibly…

  • CVE-2000-0640Jul 8, 2000
    risk 0.04cvss epss 0.07

    Guild FTPd allows remote attackers to determine the existence of files outside the FTP root via a .. (dot dot) attack, which provides different error messages depending on whether the file exists or not.

  • CVE-2006-5133Oct 3, 2006
    risk 0.00cvss epss 0.03

    Buffer overflow in GuildFTPd 0.999.13 allows remote attackers to have an unknown impact, possibly code execution related to input containing "globbing chars."

  • CVE-2003-1267Dec 31, 2003
    risk 0.00cvss epss 0.02

    GuildFTPd 0.999 allows remote attackers to cause a denial of service (crash) via a GET request for MS-DOS device names such as lpt1.

  • CVE-2001-0768Oct 18, 2001
    risk 0.00cvss epss 0.00

    GuildFTPd 0.9.7 stores user names and passwords in plaintext in the default.usr file, which allows local users to gain privileges as other FTP users by reading the file.

  • CVE-2001-0767Oct 18, 2001
    risk 0.00cvss epss 0.02

    Directory traversal vulnerability in GuildFTPd 0.9.7 allows attackers to list or read arbitrary files and directories via a .. in (1) LS or (2) GET.

  • CVE-2001-0770Oct 18, 2001
    risk 0.00cvss epss 0.03

    Buffer overflow in GuildFTPd Server 0.97 allows remote attacker to execute arbitrary code via a long SITE command.

  • CVE-2001-0769Oct 18, 2001
    risk 0.00cvss epss 0.01

    Memory leak in GuildFTPd Server 0.97 allows remote attackers to cause a denial of service via a request containing a null character.