Vendor

Bolintech

Products

CVEs

Across products

Status

Private

Products

CVE	Risk	CVSS	EPSS	Published	Description
CVE-2004-2074	0.07	—	0.56	Dec 31, 2004	Format string vulnerability in Dream FTP 1.02 allows local users to cause a denial of service (crash) via format string specifiers in the (1) PASS or (2) RETR commands.
CVE-2007-0338	0.05	—	0.26	Jan 18, 2007	Heap-based buffer overflow in Dream FTP Server allows remote attackers to execute arbitrary code via a USER command with a large number of format string specifiers, which triggers the overflow during processing of the Server Log.
CVE-2006-6724	0.04	—	0.07	Dec 26, 2006	BolinTech Dream FTP Server 1.02 allows remote authenticated users, including anonymous users, to cause a denial of service (application crash) via a certain invalid PORT command.
CVE-2004-0277	0.04	—	0.08	Nov 23, 2004	Format string vulnerability in Dream FTP 1.02 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via format string specifiers in the username.

CVE-2004-2074Dec 31, 2004
risk 0.07cvss —epss 0.56
Format string vulnerability in Dream FTP 1.02 allows local users to cause a denial of service (crash) via format string specifiers in the (1) PASS or (2) RETR commands.
CVE-2007-0338Jan 18, 2007
risk 0.05cvss —epss 0.26
Heap-based buffer overflow in Dream FTP Server allows remote attackers to execute arbitrary code via a USER command with a large number of format string specifiers, which triggers the overflow during processing of the Server Log.
CVE-2006-6724Dec 26, 2006
risk 0.04cvss —epss 0.07
BolinTech Dream FTP Server 1.02 allows remote authenticated users, including anonymous users, to cause a denial of service (application crash) via a certain invalid PORT command.
CVE-2004-0277Nov 23, 2004
risk 0.04cvss —epss 0.08
Format string vulnerability in Dream FTP 1.02 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via format string specifiers in the username.