Golden FTP Server
CVEs (10)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2009-4194 | Hig | 0.56 | 8.1 | 0.03 | Dec 3, 2009 | Directory traversal vulnerability in Golden FTP Server 4.30 Free and Professional, 4.50, and possibly other versions allows remote authenticated users to delete arbitrary files via a .. (dot dot) in the DELE command. NOTE: some of these details are obtained from third party… | ||
| CVE-2024-0889 | Med | 0.35 | 5.3 | 0.01 | Jan 25, 2024 | A vulnerability was found in Kmint21 Golden FTP Server 2.02b and classified as problematic. This issue affects some unknown processing of the component PASV Command Handler. The manipulation leads to denial of service. The attack may be initiated remotely. The exploit has been… | ||
| CVE-2006-6576 | 0.08 | — | 0.67 | Dec 15, 2006 | Heap-based buffer overflow in Golden FTP Server (goldenftpd) 1.92 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a long PASS command. NOTE: it was later reported that 4.70 is also affected. NOTE: the USER vector… | |||
| CVE-2006-2180 | 0.04 | — | 0.07 | May 4, 2006 | Buffer overflow in Golden FTP Server Pro 2.70 allows remote attackers to cause a denial of service (application crash) and execute arbitrary code via a long argument to the (1) NLST or (2) APPE commands, as demonstrated by the Infigo FTPStress Fuzzer. | |||
| CVE-2005-4553 | 0.04 | — | 0.10 | Dec 28, 2005 | Buffer overflow in Golden FTP Server 1.92 allows remote attackers to execute arbitrary code via a long APPE command. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||
| CVE-2005-0634 | 0.04 | — | 0.10 | May 2, 2005 | Buffer overflow in Golden FTP Server 1.92 allows remote attackers to execute arbitrary code via a long USER command. | |||
| CVE-2005-0566 | 0.04 | — | 0.16 | Jan 22, 2005 | Buffer overflow in Golden FTP Server Pro (goldenftpd) 2.x allows remote attackers to execute arbitrary code via a long RNTO command. | |||
| CVE-2005-2142 | 0.00 | — | 0.01 | Jul 5, 2005 | Directory traversal vulnerability in Golden FTP Server 2.60 allows remote authenticated attackers to list arbitrary directories via a "\.." (backslash dot dot) in an LS (LIST) command. | |||
| CVE-2005-1484 | 0.00 | — | 0.02 | May 11, 2005 | Directory traversal vulnerability in Golden FTP server pro 2.52 allows remote attackers to read arbitrary files via a "\.." (backward slash dot dot) with a leading '"' (double quote) in the GET command. | |||
| CVE-2005-1485 | 0.00 | — | 0.01 | May 11, 2005 | Golden FTP Server Pro 2.52 allows remote attackers to obtain sensitive information via a GET request for a file that does not exist, which reveals the absolute path of the FTP server in the resulting FTP error message. |
- risk 0.56cvss 8.1epss 0.03
Directory traversal vulnerability in Golden FTP Server 4.30 Free and Professional, 4.50, and possibly other versions allows remote authenticated users to delete arbitrary files via a .. (dot dot) in the DELE command. NOTE: some of these details are obtained from third party…
- risk 0.35cvss 5.3epss 0.01
A vulnerability was found in Kmint21 Golden FTP Server 2.02b and classified as problematic. This issue affects some unknown processing of the component PASV Command Handler. The manipulation leads to denial of service. The attack may be initiated remotely. The exploit has been…
- CVE-2006-6576Dec 15, 2006risk 0.08cvss —epss 0.67
Heap-based buffer overflow in Golden FTP Server (goldenftpd) 1.92 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a long PASS command. NOTE: it was later reported that 4.70 is also affected. NOTE: the USER vector…
- CVE-2006-2180May 4, 2006risk 0.04cvss —epss 0.07
Buffer overflow in Golden FTP Server Pro 2.70 allows remote attackers to cause a denial of service (application crash) and execute arbitrary code via a long argument to the (1) NLST or (2) APPE commands, as demonstrated by the Infigo FTPStress Fuzzer.
- CVE-2005-4553Dec 28, 2005risk 0.04cvss —epss 0.10
Buffer overflow in Golden FTP Server 1.92 allows remote attackers to execute arbitrary code via a long APPE command. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
- CVE-2005-0634May 2, 2005risk 0.04cvss —epss 0.10
Buffer overflow in Golden FTP Server 1.92 allows remote attackers to execute arbitrary code via a long USER command.
- CVE-2005-0566Jan 22, 2005risk 0.04cvss —epss 0.16
Buffer overflow in Golden FTP Server Pro (goldenftpd) 2.x allows remote attackers to execute arbitrary code via a long RNTO command.
- CVE-2005-2142Jul 5, 2005risk 0.00cvss —epss 0.01
Directory traversal vulnerability in Golden FTP Server 2.60 allows remote authenticated attackers to list arbitrary directories via a "\.." (backslash dot dot) in an LS (LIST) command.
- CVE-2005-1484May 11, 2005risk 0.00cvss —epss 0.02
Directory traversal vulnerability in Golden FTP server pro 2.52 allows remote attackers to read arbitrary files via a "\.." (backward slash dot dot) with a leading '"' (double quote) in the GET command.
- CVE-2005-1485May 11, 2005risk 0.00cvss —epss 0.01
Golden FTP Server Pro 2.52 allows remote attackers to obtain sensitive information via a GET request for a file that does not exist, which reveals the absolute path of the FTP server in the resulting FTP error message.