Eserv
by Etype
CVEs (11)
| CVE | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2008-4588 | 0.05 | — | 0.28 | Oct 15, 2008 | Stack-based buffer overflow in the FTP server in Etype Eserv 3.x, possibly 3.26, allows remote attackers to cause a denial of service (daemon crash) and possibly execute arbitrary code via a long argument to the ABOR command. | ||
| CVE-2003-1266 | 0.04 | — | 0.12 | Dec 31, 2003 | The (1) FTP, (2) POP3, (3) SMTP, and (4) NNTP servers in EServer 2.92 through 2.97, and possibly 2.98, allow remote attackers to cause a denial of service (crash) via a large amount of data. | ||
| CVE-2003-0290 | 0.04 | — | 0.13 | Jun 16, 2003 | Memory leak in eServ 2.9x allows remote attackers to cause a denial of service (memory exhaustion) via a large number of connections, whose memory is not freed when the connection is terminated. | ||
| CVE-2002-0112 | 0.04 | — | 0.07 | Mar 25, 2002 | Etype Eserv 2.97 allows remote attackers to view password protected files via /./ in the URL. | ||
| CVE-2000-0523 | 0.03 | — | 0.05 | Jun 6, 2000 | Buffer overflow in the logging feature of EServ 2.9.2 and earlier allows an attacker to execute arbitrary commands via a long MKD command. | ||
| CVE-1999-1509 | 0.03 | — | 0.03 | Nov 4, 1999 | Directory traversal vulnerability in Etype Eserv 2.50 web server allows a remote attacker to read any file in the file system via a .. (dot dot) in a URL. | ||
| CVE-2006-2308 | 0.00 | — | 0.02 | Jun 2, 2006 | Directory traversal vulnerability in the IMAP service in EServ/3 3.25 allows remote authenticated users to read other user's email messages, create/rename arbitrary directories on the system, and delete empty directories via directory traversal sequences in the (1) CREATE, (2) SELECT, (3) DELETE, (4) RENAME, (5) COPY or (6) APPEND commands. | ||
| CVE-2006-2309 | 0.00 | — | 0.00 | Jun 2, 2006 | The HTTP service in EServ/3 3.25 allows remote attackers to obtain sensitive information via crafted HTTP requests containing dot, space, and slash characters, which reveals the source code of script files. | ||
| CVE-2002-0221 | 0.00 | — | 0.01 | May 16, 2002 | Etype Eserv 2.97 allows remote attackers to cause a denial of service (resource exhaustion) via a large number of PASV commands that consume ports 1024 through 5000, which prevents the server from accepting valid PASV. | ||
| CVE-2002-0222 | 0.00 | — | 0.01 | May 16, 2002 | Etype Eserv 2.97 allows remote attackers to redirect traffic to other sites (aka FTP bounce) via the PORT command. | ||
| CVE-2000-0907 | 0.00 | — | 0.02 | Dec 19, 2000 | EServ 2.92 Build 2982 allows remote attackers to cause a denial of service and possibly execute arbitrary commands via long HELO and MAIL FROM commands. |
- CVE-2008-4588Oct 15, 2008risk 0.05cvss —epss 0.28
Stack-based buffer overflow in the FTP server in Etype Eserv 3.x, possibly 3.26, allows remote attackers to cause a denial of service (daemon crash) and possibly execute arbitrary code via a long argument to the ABOR command.
- CVE-2003-1266Dec 31, 2003risk 0.04cvss —epss 0.12
The (1) FTP, (2) POP3, (3) SMTP, and (4) NNTP servers in EServer 2.92 through 2.97, and possibly 2.98, allow remote attackers to cause a denial of service (crash) via a large amount of data.
- CVE-2003-0290Jun 16, 2003risk 0.04cvss —epss 0.13
Memory leak in eServ 2.9x allows remote attackers to cause a denial of service (memory exhaustion) via a large number of connections, whose memory is not freed when the connection is terminated.
- CVE-2002-0112Mar 25, 2002risk 0.04cvss —epss 0.07
Etype Eserv 2.97 allows remote attackers to view password protected files via /./ in the URL.
- CVE-2000-0523Jun 6, 2000risk 0.03cvss —epss 0.05
Buffer overflow in the logging feature of EServ 2.9.2 and earlier allows an attacker to execute arbitrary commands via a long MKD command.
- CVE-1999-1509Nov 4, 1999risk 0.03cvss —epss 0.03
Directory traversal vulnerability in Etype Eserv 2.50 web server allows a remote attacker to read any file in the file system via a .. (dot dot) in a URL.
- CVE-2006-2308Jun 2, 2006risk 0.00cvss —epss 0.02
Directory traversal vulnerability in the IMAP service in EServ/3 3.25 allows remote authenticated users to read other user's email messages, create/rename arbitrary directories on the system, and delete empty directories via directory traversal sequences in the (1) CREATE, (2) SELECT, (3) DELETE, (4) RENAME, (5) COPY or (6) APPEND commands.
- CVE-2006-2309Jun 2, 2006risk 0.00cvss —epss 0.00
The HTTP service in EServ/3 3.25 allows remote attackers to obtain sensitive information via crafted HTTP requests containing dot, space, and slash characters, which reveals the source code of script files.
- CVE-2002-0221May 16, 2002risk 0.00cvss —epss 0.01
Etype Eserv 2.97 allows remote attackers to cause a denial of service (resource exhaustion) via a large number of PASV commands that consume ports 1024 through 5000, which prevents the server from accepting valid PASV.
- CVE-2002-0222May 16, 2002risk 0.00cvss —epss 0.01
Etype Eserv 2.97 allows remote attackers to redirect traffic to other sites (aka FTP bounce) via the PORT command.
- CVE-2000-0907Dec 19, 2000risk 0.00cvss —epss 0.02
EServ 2.92 Build 2982 allows remote attackers to cause a denial of service and possibly execute arbitrary commands via long HELO and MAIL FROM commands.