Crob
Products
2- 6 CVEs
- 1 CVE
Recent CVEs
7| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2006-6558 | 0.04 | — | 0.07 | Dec 14, 2006 | Crob FTP Server 3.6.1 b.263 allows remote attackers to cause a denial of service via a long series of "?A" sequences in the (1) LIST and possibly (2) NLST command. | |||
| CVE-2005-1873 | 0.03 | — | 0.05 | Jun 9, 2005 | Multiple buffer overflows in Crob FTP 3.6.1, and possibly earlier versions, allow remote attackers to execute arbitrary code via (1) an FTP command with a large string followed by the RMD command with a long string or (2) a globbing ("*") character followed by a long string. | |||
| CVE-2004-2309 | 0.03 | — | 0.00 | Dec 31, 2004 | Directory traversal vulnerability in Crob FTP Server 3.5.1 allows local users to browse outside the FTP root via multiple ../ (dot dot slash) in the DIR command. | |||
| CVE-2004-0282 | 0.03 | — | 0.04 | Nov 23, 2004 | Crob FTP daemon 3.5.2 allows remote attackers to cause a denial of service (crash) by repeatedly connecting to and disconnecting from the server. | |||
| CVE-2003-1207 | 0.03 | — | 0.05 | Feb 1, 2004 | Crob FTP Server 3.5.1 allows remote authenticated users to cause a denial of service (crash) via a dir command with a large number of "." characters followed by a "/*" string. | |||
| CVE-2003-1205 | 0.00 | — | 0.01 | Aug 6, 2003 | Crob FTP Server 2.60.1 allows remote authenticated users to cause a denial of service (crash) by renaming a file to the "con" MS-DOS device name. | |||
| CVE-2003-1206 | 0.00 | — | 0.01 | Jun 3, 2003 | Format string vulnerability in Crob FTP Server 2.60.1 allows remote attackers to cause a denial of service (crash) via "%s" or "%n" sequences in (1) the username during login, or other FTP commands such as (2) dir. |
- CVE-2006-6558Dec 14, 2006risk 0.04cvss —epss 0.07
Crob FTP Server 3.6.1 b.263 allows remote attackers to cause a denial of service via a long series of "?A" sequences in the (1) LIST and possibly (2) NLST command.
- CVE-2005-1873Jun 9, 2005risk 0.03cvss —epss 0.05
Multiple buffer overflows in Crob FTP 3.6.1, and possibly earlier versions, allow remote attackers to execute arbitrary code via (1) an FTP command with a large string followed by the RMD command with a long string or (2) a globbing ("*") character followed by a long string.
- CVE-2004-2309Dec 31, 2004risk 0.03cvss —epss 0.00
Directory traversal vulnerability in Crob FTP Server 3.5.1 allows local users to browse outside the FTP root via multiple ../ (dot dot slash) in the DIR command.
- CVE-2004-0282Nov 23, 2004risk 0.03cvss —epss 0.04
Crob FTP daemon 3.5.2 allows remote attackers to cause a denial of service (crash) by repeatedly connecting to and disconnecting from the server.
- CVE-2003-1207Feb 1, 2004risk 0.03cvss —epss 0.05
Crob FTP Server 3.5.1 allows remote authenticated users to cause a denial of service (crash) via a dir command with a large number of "." characters followed by a "/*" string.
- CVE-2003-1205Aug 6, 2003risk 0.00cvss —epss 0.01
Crob FTP Server 2.60.1 allows remote authenticated users to cause a denial of service (crash) by renaming a file to the "con" MS-DOS device name.
- CVE-2003-1206Jun 3, 2003risk 0.00cvss —epss 0.01
Format string vulnerability in Crob FTP Server 2.60.1 allows remote attackers to cause a denial of service (crash) via "%s" or "%n" sequences in (1) the username during login, or other FTP commands such as (2) dir.