VYPR

Ftpd

by NetBSD

CVEs (5)

  • CVE-2000-0574Jul 7, 2000
    risk 0.08cvss epss 0.59

    FTP servers such as OpenBSD ftpd, NetBSD ftpd, ProFTPd and Opieftpd do not properly cleanse untrusted format strings that are used in the setproctitle function (sometimes called by set_proc_title), which allows remote attackers to cause a denial of service or execute arbitrary…

  • CVE-2008-4247Sep 25, 2008
    risk 0.03cvss epss 0.04

    ftpd in OpenBSD 4.3, FreeBSD 7.0, NetBSD 4.0, Solaris, and possibly other operating systems interprets long commands from an FTP client as multiple commands, which allows remote attackers to conduct cross-site request forgery (CSRF) attacks and execute arbitrary FTP commands via…

  • CVE-2023-45198Oct 5, 2023
    risk 0.00cvss epss 0.00

    ftpd before "NetBSD-ftpd 20230930" can leak information about the host filesystem before authentication via an MLSD or MLST command. tnftpd (the portable version of NetBSD ftpd) before 20231001 is also vulnerable.

  • CVE-2002-2245Dec 31, 2002
    risk 0.00cvss epss 0.01

    ftpd in NetBSD 1.5 through 1.5.3 and 1.6 does not properly quote a digit in response to a STAT command for a filename that contains a carriage return followed by a digit, which can cause firewalls and other intermediary devices to lose proper track of the FTP session.

  • CVE-2000-0462May 28, 2000
    risk 0.00cvss epss 0.00

    ftpd in NetBSD 1.4.2 does not properly parse entries in /etc/ftpchroot and does not chroot the specified users, which allows those users to access other files outside of their home directory.