FTP Server
by Cerberus
CVEs (27)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2012-2999 | 0.00 | — | 0.01 | Oct 4, 2012 | Multiple cross-site request forgery (CSRF) vulnerabilities in the web interface in Cerberus FTP Server before 5.0.5.0 allow remote attackers to hijack the authentication of administrators for requests that (1) add a user account or (2) reconfigure the state of the FTP service,… | |||
| CVE-2004-2769 | 0.00 | — | 0.01 | Jul 2, 2010 | Cerberus FTP Server before 4.0.3.0 allows remote authenticated users to list hidden files, even when the "Display hidden files" option is enabled, via the (1) MLSD or (2) MLST commands. | |||
| CVE-2007-5930 | 0.00 | — | 0.01 | Nov 10, 2007 | Cross-site scripting (XSS) vulnerability in the web interface in Cerberus FTP Server before 2.46 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||
| CVE-2005-3467 | 0.00 | — | 0.02 | Nov 2, 2005 | Serv-U FTP Server before 6.1.0.4 allows attackers to cause a denial of service (crash) via (1) malformed packets and possibly other unspecified issues with unknown impact and attack vectors including (2) use of "~" in a pathname, and (3) memory consumption of the daemon. NOTE:… | |||
| CVE-2003-1476 | 0.00 | — | 0.00 | Dec 31, 2003 | Cerberus FTP Server 2.1 stores usernames and passwords in plaintext, which could allow local users to gain access. | |||
| CVE-2001-1295 | 0.00 | — | 0.02 | Aug 21, 2001 | Directory traversal vulnerability in Cerberus FTP Server 1.5 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the CD command. | |||
| CVE-2000-0479 | 0.00 | — | 0.02 | Jun 16, 2000 | Dragon FTP server allows remote attackers to cause a denial of service via a long USER command. |
- CVE-2012-2999Oct 4, 2012risk 0.00cvss —epss 0.01
Multiple cross-site request forgery (CSRF) vulnerabilities in the web interface in Cerberus FTP Server before 5.0.5.0 allow remote attackers to hijack the authentication of administrators for requests that (1) add a user account or (2) reconfigure the state of the FTP service,…
- CVE-2004-2769Jul 2, 2010risk 0.00cvss —epss 0.01
Cerberus FTP Server before 4.0.3.0 allows remote authenticated users to list hidden files, even when the "Display hidden files" option is enabled, via the (1) MLSD or (2) MLST commands.
- CVE-2007-5930Nov 10, 2007risk 0.00cvss —epss 0.01
Cross-site scripting (XSS) vulnerability in the web interface in Cerberus FTP Server before 2.46 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
- CVE-2005-3467Nov 2, 2005risk 0.00cvss —epss 0.02
Serv-U FTP Server before 6.1.0.4 allows attackers to cause a denial of service (crash) via (1) malformed packets and possibly other unspecified issues with unknown impact and attack vectors including (2) use of "~" in a pathname, and (3) memory consumption of the daemon. NOTE:…
- CVE-2003-1476Dec 31, 2003risk 0.00cvss —epss 0.00
Cerberus FTP Server 2.1 stores usernames and passwords in plaintext, which could allow local users to gain access.
- CVE-2001-1295Aug 21, 2001risk 0.00cvss —epss 0.02
Directory traversal vulnerability in Cerberus FTP Server 1.5 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the CD command.
- CVE-2000-0479Jun 16, 2000risk 0.00cvss —epss 0.02
Dragon FTP server allows remote attackers to cause a denial of service via a long USER command.
Page 2 of 2