Cooolsoft
Products
2- 6 CVEs
- 3 CVEs
Recent CVEs
9| CVE | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2001-0931 | 0.06 | — | 0.79 | Nov 28, 2001 | Directory traversal vulnerability in Cooolsoft PowerFTP Server 2.03 allows attackers to list or read arbitrary files and directories via a .. (dot dot) in (1) LS or (2) GET. | ||
| CVE-2002-1522 | 0.04 | — | 0.15 | Apr 2, 2003 | Buffer overflow in PowerFTP FTP server 2.24, and possibly other versions, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long USER argument. | ||
| CVE-2001-0932 | 0.04 | — | 0.10 | Nov 28, 2001 | Buffer overflow in Cooolsoft PowerFTP Server 2.03 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long command. | ||
| CVE-2001-0933 | 0.01 | — | 0.09 | Nov 28, 2001 | Cooolsoft PowerFTP Server 2.03 allows remote attackers to list the contents of arbitrary drives via a ls (LIST) command that includes the drive letter as an argument, e.g. "ls C:". | ||
| CVE-2003-0271 | 0.00 | — | 0.05 | May 27, 2003 | Buffer overflow in Personal FTP Server allows remote attackers to execute arbitrary code via a long USER argument. | ||
| CVE-2002-1544 | 0.00 | — | 0.00 | Mar 31, 2003 | Directory traversal vulnerability in CooolSoft Personal FTP Server 2.24 allows remote attackers to read or modify arbitrary files via .. (dot dot) sequences in the commands (1) LIST (ls), (2) mkdir, (3) put, or (4) get. | ||
| CVE-2002-1545 | 0.00 | — | 0.01 | Mar 31, 2003 | CooolSoft Personal FTP Server 2.24 allows remote attackers to obtain the absolute pathname of the FTP root via a PWD command, which includes the full path in the response. | ||
| CVE-2002-0264 | 0.00 | — | 0.01 | May 29, 2002 | PowerFTP Personal FTP Server 2.03 through 2.10 stores sensitive account information in plaintext in the ftpserver.ini file, which allows attackers with access to the file to gain privileges. | ||
| CVE-2001-0934 | 0.00 | — | 0.05 | Nov 28, 2001 | Cooolsoft PowerFTP Server 2.03 allows remote attackers to obtain the physical path of the server root via the pwd command, which lists the full pathname. |
- CVE-2001-0931Nov 28, 2001risk 0.06cvss —epss 0.79
Directory traversal vulnerability in Cooolsoft PowerFTP Server 2.03 allows attackers to list or read arbitrary files and directories via a .. (dot dot) in (1) LS or (2) GET.
- CVE-2002-1522Apr 2, 2003risk 0.04cvss —epss 0.15
Buffer overflow in PowerFTP FTP server 2.24, and possibly other versions, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long USER argument.
- CVE-2001-0932Nov 28, 2001risk 0.04cvss —epss 0.10
Buffer overflow in Cooolsoft PowerFTP Server 2.03 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long command.
- CVE-2001-0933Nov 28, 2001risk 0.01cvss —epss 0.09
Cooolsoft PowerFTP Server 2.03 allows remote attackers to list the contents of arbitrary drives via a ls (LIST) command that includes the drive letter as an argument, e.g. "ls C:".
- CVE-2003-0271May 27, 2003risk 0.00cvss —epss 0.05
Buffer overflow in Personal FTP Server allows remote attackers to execute arbitrary code via a long USER argument.
- CVE-2002-1544Mar 31, 2003risk 0.00cvss —epss 0.00
Directory traversal vulnerability in CooolSoft Personal FTP Server 2.24 allows remote attackers to read or modify arbitrary files via .. (dot dot) sequences in the commands (1) LIST (ls), (2) mkdir, (3) put, or (4) get.
- CVE-2002-1545Mar 31, 2003risk 0.00cvss —epss 0.01
CooolSoft Personal FTP Server 2.24 allows remote attackers to obtain the absolute pathname of the FTP root via a PWD command, which includes the full path in the response.
- CVE-2002-0264May 29, 2002risk 0.00cvss —epss 0.01
PowerFTP Personal FTP Server 2.03 through 2.10 stores sensitive account information in plaintext in the ftpserver.ini file, which allows attackers with access to the file to gain privileges.
- CVE-2001-0934Nov 28, 2001risk 0.00cvss —epss 0.05
Cooolsoft PowerFTP Server 2.03 allows remote attackers to obtain the physical path of the server root via the pwd command, which lists the full pathname.