cbcvebase.

Glftpd vulnerabilities

7 known vulnerabilities affecting glftpd/glftpd.

Total CVEs
7
CISA KEV
0
Public exploits
2
Exploited in wild
0
Severity breakdown
CRITICAL2HIGH3MEDIUM2

Vulnerabilities

Page 1 of 1
CVE-2000-0038P3HIGHCVSS 7.5PoC≤ 1.17.21999-12-23
CVE-2000-0038 [HIGH] CVE-2000-0038: glFtpD includes a default glftpd user account with a default password and a UID of 0. glFtpD includes a default glftpd user account with a default password and a UID of 0.
nvd
CVE-2001-0965P4MEDIUMCVSS 5.0PoCv1.13.6v1.16.9+7 more2001-08-31
CVE-2001-0965 [MEDIUM] CVE-2001-0965: glFTPD 1.23 allows remote attackers to cause a denial of service (CPU consumption) via a LIST comman glFTPD 1.23 allows remote attackers to cause a denial of service (CPU consumption) via a LIST command with an argument that contains a large number of * (asterisk) characters.
nvd
CVE-2021-31645P4HIGHCVSS 7.5v2.11a2022-07-07
CVE-2021-31645 [HIGH] CWE-770 CVE-2021-31645: An issue was discovered in glFTPd 2.11a that allows remote attackers to cause a denial of service vi An issue was discovered in glFTPd 2.11a that allows remote attackers to cause a denial of service via exceeding the connection limit.
nvd
CVE-2006-1253P4HIGHCVSS 7.5v1.18v1.19+26 more2006-03-19
CVE-2006-1253 [HIGH] CVE-2006-1253: Unspecified vulnerability in glFTPd before 2.01 RC5 allows remote attackers to bypass IP checks via Unspecified vulnerability in glFTPd before 2.01 RC5 allows remote attackers to bypass IP checks via a crafted DNS hostname, possibly a hostname that appears to be an IP address.
nvd
CVE-2000-0587P4CRITICALCVSS 10.0v1.18v1.19+9 more2000-06-26
CVE-2000-0587 [CRITICAL] CVE-2000-0587: The privpath directive in glftpd 1.18 allows remote attackers to bypass access restrictions for dire The privpath directive in glftpd 1.18 allows remote attackers to bypass access restrictions for directories by using the file name completion capability.
nvd
CVE-2000-0040P4CRITICALCVSS 10.0v1.17.21999-12-23
CVE-2000-0040 [CRITICAL] CVE-2000-0040: glFtpD allows local users to gain privileges via metacharacters in the SITE ZIPCHK command. glFtpD allows local users to gain privileges via metacharacters in the SITE ZIPCHK command.
nvd
CVE-2005-0483P4MEDIUMCVSS 5.0v1.26v1.27+12 more2005-03-30
CVE-2005-0483 [MEDIUM] CVE-2005-0483: Multiple directory traversal vulnerabilities in sitenfo.sh, sitezipchk.sh, and siteziplist.sh in Glf Multiple directory traversal vulnerabilities in sitenfo.sh, sitezipchk.sh, and siteziplist.sh in Glftpd 1.26 to 2.00 allow remote authenticated users to (1) determine the existence of arbitrary files, (2) list files in restricted directories, or (3) read arbitrary files from within ZIP or gzip files, via .. (dot dot) sequences and globbing ("*") characters in
nvd
Glftpd vulnerabilities | cvebase