VYPR
Vendor

Altools

Products
4
CVEs
7
Across products
7
Status
Private

Products

4

Recent CVEs

7
  • CVE-2008-2702Jun 13, 2008
    risk 0.04cvss epss 0.11

    Directory traversal vulnerability in the FTP client in ALTools ESTsoft ALFTP 4.1 beta 2 and 5.0 allows remote FTP servers to create or overwrite arbitrary files via a .. (dot dot) in a response to a LIST command, a related issue to CVE-2002-1345. NOTE: this can be leveraged for…

  • CVE-2012-0315Feb 22, 2012
    risk 0.00cvss epss 0.02

    Untrusted search path vulnerability in ALFTP before 5.31 allows local users to gain privileges via a Trojan horse executable file in a directory that is accessed for reading an extensionless file, as demonstrated by executing the README.exe file when a user attempts to access…

  • CVE-2011-1336Jul 7, 2011
    risk 0.00cvss epss 0.06

    Buffer overflow in ALZip 8.21 and earlier allows remote attackers to execute arbitrary code via a crafted mim file.

  • CVE-2007-4550Aug 28, 2007
    risk 0.00cvss epss 0.04

    Format string vulnerability in ALPass 2.7 English and 3.02 Korean might allow user-assisted remote attackers to execute arbitrary code via format string specifiers in an fnm field in a folder-name record in an ALPASS DB (APW) file.

  • CVE-2007-4549Aug 28, 2007
    risk 0.00cvss epss 0.05

    Multiple buffer overflows in ALPass 2.7 English and 3.02 Korean allow user-assisted remote attackers to execute arbitrary code via an ALPass DB (APW) file containing (1) a long file-key or (2) a "Site Information and Folder entry" with a ciphertext_length value much larger than…

  • CVE-2006-5949Nov 17, 2006
    risk 0.00cvss epss 0.02

    Directory traversal vulnerability in ALTools ALFTP FTP Server 4.1 beta 1, and possibly earlier, allows remote attackers to create arbitrary directories via directory traversal sequences in a MKD request. NOTE: the provenance of this information is unknown; details are obtained…

  • CVE-2006-5950Nov 17, 2006
    risk 0.00cvss epss 0.01

    Unspecified vulnerability in ALTools ALFTP FTP Server 4.1 beta 1, and possibly earlier, allows remote authenticated users to obtain the installation path via unknown vectors related to the REN command, probably due to response messages. NOTE: the provenance of this information…