VYPR
Vendor

Bisonware

Products
3
CVEs
8
Across products
9
Status
Private

Products

3

Recent CVEs

8
  • CVE-2015-7602Sep 29, 2015
    risk 0.08cvss epss 0.61

    Directory traversal vulnerability in BisonWare BisonFTP 3.5 allows remote attackers to read arbitrary files via a ../ (dot dot slash) in a RETR command.

  • CVE-1999-1510May 17, 1999
    risk 0.08cvss epss 0.67

    Buffer overflows in Bisonware FTP server prior to 4.1 allow remote attackers to cause a denial of service, and possibly execute arbitrary commands, via long (1) USER, (2) LIST, or (3) CWD commands.

  • CVE-2005-2078Jun 29, 2005
    risk 0.03cvss epss 0.02

    BisonFTP Server V4R1 allows remote authenticated users to cause a denial of service via an invalid command with a long argument.

  • CVE-2003-1416Dec 31, 2003
    risk 0.00cvss epss 0.01

    BisonFTP Server 4 release 2 allows remote attackers to cause a denial of service (CPU consumption) via a long (1) ls or (2) cwd command.

  • CVE-2003-1380Dec 31, 2003
    risk 0.00cvss epss 0.02

    Directory traversal vulnerability in BisonFTP Server 4 release 2 allows remote attackers to (1) list directories above the root via an 'ls @../' command, or (2) list files above the root via a "mget @../FILE" command.

  • CVE-2001-0765Oct 18, 2001
    risk 0.00cvss epss 0.00

    BisonFTP V4R1 allows local users to access directories outside of their home directory by uploading .bdl files, which can then be linked to other directories.

  • CVE-1999-1156May 17, 1999
    risk 0.00cvss epss 0.01

    BisonWare FTP Server 4.1 and earlier allows remote attackers to cause a denial of service via a malformed PORT command that contains a non-numeric character and a large number of carriage returns.

  • CVE-1999-0079Sep 12, 1997
    risk 0.00cvss epss 0.02

    Remote attackers can cause a denial of service in FTP by issuing multiple PASV commands, causing the server to run out of available ports.