Aclogic Cesarftp vulnerabilities
6 known vulnerabilities affecting aclogic/cesarftp.
Total CVEs
6
CISA KEV
0
Public exploits
3
Exploited in wild
0
Severity breakdown
HIGH3MEDIUM3
Vulnerabilities
Page 1 of 1
CVE-2006-2961P3HIGHCVSS 7.5PoC≤ 0.99g2006-06-12
CVE-2006-2961 [HIGH] CVE-2006-2961: Stack-based buffer overflow in CesarFTP 0.99g and earlier allows remote attackers to cause a denial
Stack-based buffer overflow in CesarFTP 0.99g and earlier allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a long MKD command. NOTE: the provenance of this information is unknown; the details are obtained from third party information.
nvd
CVE-2001-1335P4MEDIUMCVSS 5.0PoCv0.98b2001-05-27
CVE-2001-1335 [MEDIUM] CVE-2001-1335: Directory traversal vulnerability in CesarFTP 0.98b and earlier allows remote authenticated users (s
Directory traversal vulnerability in CesarFTP 0.98b and earlier allows remote authenticated users (such as anonymous) to read arbitrary files via a GET with a filename that contains a ...%5c (modified dot dot).
nvd
CVE-2004-0298P4MEDIUMCVSS 5.0PoCv0.99e2004-11-23
CVE-2004-0298 [MEDIUM] CVE-2004-0298: CesarFTP 0.99e allows remote attackers to cause a denial of service (CPU consumption) via a long RET
CesarFTP 0.99e allows remote attackers to cause a denial of service (CPU consumption) via a long RETR parameter.
nvd
CVE-2001-0826P4HIGHCVSS 7.5v0.98b2001-12-06
CVE-2001-0826 [HIGH] CVE-2001-0826: Buffer overflows in CesarFTPD 0.98b allows remote attackers to execute arbitrary commands via long a
Buffer overflows in CesarFTPD 0.98b allows remote attackers to execute arbitrary commands via long arguments to (1) HELP, (2) USER, (3) PASS, (4) PORT, (5) DELE, (6) REST, (7) RMD, or (8) MKD.
nvd
CVE-2001-1336P4HIGHCVSS 7.5≤ 0.98b2001-05-28
CVE-2001-1336 [HIGH] CVE-2001-1336: CesarFTP 0.98b and earlier stores usernames and passwords in plaintext in the settings.ini file, whi
CesarFTP 0.98b and earlier stores usernames and passwords in plaintext in the settings.ini file, which allows attackers to gain privileges.
nvd
CVE-2003-0329P4MEDIUMCVSS 4.6v0.99g2003-06-09
CVE-2003-0329 [MEDIUM] CVE-2003-0329: CesarFTP 0.99g stores user names and passwords in plaintext in the settings.ini file, which could al
CesarFTP 0.99g stores user names and passwords in plaintext in the settings.ini file, which could allow local users to gain privileges.
nvd