Vendor

Luca Deri

Products

CVEs

Across products

Status

Private

Products

CVE	Risk	CVSS	EPSS	Published	Description
CVE-2000-0706	0.03	—	0.04	Oct 20, 2000	Buffer overflows in ntop running in web mode allows remote attackers to execute arbitrary commands.
CVE-2000-0705	0.03	—	0.05	Oct 20, 2000	ntop running in web mode allows remote attackers to read arbitrary files via a .. (dot dot) attack.
CVE-2002-0412	0.01	—	0.09	Aug 12, 2002	Format string vulnerability in TraceEvent function for ntop before 2.1 allows remote attackers to execute arbitrary code by causing format strings to be injected into calls to the syslog function, via (1) an HTTP GET request, (2) a user name in HTTP authentication, or (3) a password in HTTP authentication.
CVE-2005-3387	0.00	—	0.00	Nov 1, 2005	The startup script in packages/RedHat/ntop.init in ntop before 3.2, when ntop.conf is writable by users besides root, creates temporary files insecurely, which allows remote attackers to execute arbitrary code.

CVE-2000-0706Oct 20, 2000
risk 0.03cvss —epss 0.04
Buffer overflows in ntop running in web mode allows remote attackers to execute arbitrary commands.
CVE-2000-0705Oct 20, 2000
risk 0.03cvss —epss 0.05
ntop running in web mode allows remote attackers to read arbitrary files via a .. (dot dot) attack.
CVE-2002-0412Aug 12, 2002
risk 0.01cvss —epss 0.09
Format string vulnerability in TraceEvent function for ntop before 2.1 allows remote attackers to execute arbitrary code by causing format strings to be injected into calls to the syslog function, via (1) an HTTP GET request, (2) a user name in HTTP authentication, or (3) a password in HTTP authentication.
CVE-2005-3387Nov 1, 2005
risk 0.00cvss —epss 0.00
The startup script in packages/RedHat/ntop.init in ntop before 3.2, when ntop.conf is writable by users besides root, creates temporary files insecurely, which allows remote attackers to execute arbitrary code.