Floosietek
Products
3- 6 CVEs
- 4 CVEs
- 2 CVEs
Recent CVEs
10| CVE | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2003-0263 | 0.05 | — | 0.20 | May 27, 2003 | Multiple buffer overflows in Floosietek FTGate Pro Mail Server (FTGatePro) 1.22 allow remote attackers to execute arbitrary code via long (1) MAIL FROM or (2) RCPT TO commands. | ||
| CVE-2005-3640 | 0.04 | — | 0.08 | Nov 16, 2005 | Multiple buffer overflows in the IMAP Groupware Mail server of Floosietek FTGate (FTGate4) 4.1 allow remote attackers to execute arbitrary code via long arguments to various IMAP commands, as demonstrated with the EXAMINE command. | ||
| CVE-1999-0887 | 0.03 | — | 0.04 | Nov 4, 1999 | FTGate web interface server allows remote attackers to read files via a .. (dot dot) attack. | ||
| CVE-2005-4569 | 0.01 | — | 0.18 | Dec 29, 2005 | Stack-based buffer overflow in index.fts in FTGate Technology (formerly known as Floosietek) FTGate 4.4 (aka Build 4.4.000 Oct 26 2005) allows remote attackers to execute arbitrary code via a long tzoffset value. | ||
| CVE-2005-4567 | 0.00 | — | 0.01 | Dec 29, 2005 | Multiple cross-site scripting (XSS) vulnerabilities in FTGate Technology (formerly known as Floosietek) FTGate 4.4 (Build 4.4.000 Oct 26 2005) allow remote attackers to inject arbitrary web script or HTML by sending (1) the href parameter to index.fts, or the param1 parameter to (2) /domains/index.fts, (3) /config/licence.fts, or (4) /config/systemacl.fts. | ||
| CVE-2005-4568 | 0.00 | — | 0.03 | Dec 29, 2005 | Multiple format string vulnerabilities in FTGate Technology (formerly known as Floosietek) FTGate 4.4 (aka Build 4.4.000 Oct 26 2005) allow remote attackers to execute arbitrary code via format string specifiers in the (1) USER, (2) PASS, and (3) TOP commands to the POP3 server; and the (4) LIST and (5) AUTHENTICATE commands to the IMAP server. | ||
| CVE-2002-2080 | 0.00 | — | 0.00 | Dec 31, 2002 | Floositek FTGate PRO 1.05 allows remote attackers to cause a denial of service (memory and CPU consumption) via a large number of RCPT TO: messages during an SMTP session. | ||
| CVE-2002-2082 | 0.00 | — | 0.00 | Dec 31, 2002 | FTGate and FTGate Pro 1.05 lock user mailboxes before authentication succeeds, which allows remote attackers to lock the mailboxes of other users. | ||
| CVE-2002-2078 | 0.00 | — | 0.01 | Dec 31, 2002 | Heap-based buffer overflow in Floositek (1) FTGate Pro 1.05 and (2) FTGate Office 1.05 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long POP3 APOP USER command. | ||
| CVE-2000-1237 | 0.00 | — | 0.00 | Dec 31, 2000 | The POP3 server in FTGate returns an -ERR code after receiving an invalid USER request, which makes it easier for remote attackers to determine valid usernames and conduct brute force password guessing. |
- CVE-2003-0263May 27, 2003risk 0.05cvss —epss 0.20
Multiple buffer overflows in Floosietek FTGate Pro Mail Server (FTGatePro) 1.22 allow remote attackers to execute arbitrary code via long (1) MAIL FROM or (2) RCPT TO commands.
- CVE-2005-3640Nov 16, 2005risk 0.04cvss —epss 0.08
Multiple buffer overflows in the IMAP Groupware Mail server of Floosietek FTGate (FTGate4) 4.1 allow remote attackers to execute arbitrary code via long arguments to various IMAP commands, as demonstrated with the EXAMINE command.
- CVE-1999-0887Nov 4, 1999risk 0.03cvss —epss 0.04
FTGate web interface server allows remote attackers to read files via a .. (dot dot) attack.
- CVE-2005-4569Dec 29, 2005risk 0.01cvss —epss 0.18
Stack-based buffer overflow in index.fts in FTGate Technology (formerly known as Floosietek) FTGate 4.4 (aka Build 4.4.000 Oct 26 2005) allows remote attackers to execute arbitrary code via a long tzoffset value.
- CVE-2005-4567Dec 29, 2005risk 0.00cvss —epss 0.01
Multiple cross-site scripting (XSS) vulnerabilities in FTGate Technology (formerly known as Floosietek) FTGate 4.4 (Build 4.4.000 Oct 26 2005) allow remote attackers to inject arbitrary web script or HTML by sending (1) the href parameter to index.fts, or the param1 parameter to (2) /domains/index.fts, (3) /config/licence.fts, or (4) /config/systemacl.fts.
- CVE-2005-4568Dec 29, 2005risk 0.00cvss —epss 0.03
Multiple format string vulnerabilities in FTGate Technology (formerly known as Floosietek) FTGate 4.4 (aka Build 4.4.000 Oct 26 2005) allow remote attackers to execute arbitrary code via format string specifiers in the (1) USER, (2) PASS, and (3) TOP commands to the POP3 server; and the (4) LIST and (5) AUTHENTICATE commands to the IMAP server.
- CVE-2002-2080Dec 31, 2002risk 0.00cvss —epss 0.00
Floositek FTGate PRO 1.05 allows remote attackers to cause a denial of service (memory and CPU consumption) via a large number of RCPT TO: messages during an SMTP session.
- CVE-2002-2082Dec 31, 2002risk 0.00cvss —epss 0.00
FTGate and FTGate Pro 1.05 lock user mailboxes before authentication succeeds, which allows remote attackers to lock the mailboxes of other users.
- CVE-2002-2078Dec 31, 2002risk 0.00cvss —epss 0.01
Heap-based buffer overflow in Floositek (1) FTGate Pro 1.05 and (2) FTGate Office 1.05 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long POP3 APOP USER command.
- CVE-2000-1237Dec 31, 2000risk 0.00cvss —epss 0.00
The POP3 server in FTGate returns an -ERR code after receiving an invalid USER request, which makes it easier for remote attackers to determine valid usernames and conduct brute force password guessing.