|
264831
|
- |
|
g.rodola
|
pyftpdlib
|
Race condition in the FTPHandler class in ftpserver.py in pyftpdlib before 0.5.2 allows remote attackers to cause a denial of service (daemon outage) by establishing and then immediately closing a TC…
|
CWE-362
Race Condition
|
CVE-2009-5011
|
2010-10-20 13:00 |
2010-10-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264832
|
- |
|
g.rodola
|
pyftpdlib
|
ftpserver.py in pyftpdlib before 0.5.2 does not require the l permission for the MLST command, which allows remote authenticated users to bypass intended access restrictions and list the root directo…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2009-5012
|
2010-10-20 13:00 |
2010-10-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264833
|
- |
|
g.rodola
|
pyftpdlib
|
Memory leak in the on_dtp_close function in ftpserver.py in pyftpdlib before 0.5.2 allows remote authenticated users to cause a denial of service (memory consumption) by sending a QUIT command during…
|
CWE-399
Resource Management Errors
|
CVE-2009-5013
|
2010-10-20 13:00 |
2010-10-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264834
|
- |
|
g.rodola
|
pyftpdlib
|
Multiple directory traversal vulnerabilities in FTPServer.py in pyftpdlib before 0.3.0 allow remote authenticated users to access arbitrary files and directories via vectors involving a symlink in a …
|
CWE-22
Path Traversal
|
CVE-2008-7262
|
2010-10-20 13:00 |
2010-10-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264835
|
- |
|
g.rodola
|
pyftpdlib
|
ftpserver.py in pyftpdlib before 0.5.0 does not delay its response after receiving an invalid login attempt, which makes it easier for remote attackers to obtain access via a brute-force attack.
|
CWE-287
Improper Authentication
|
CVE-2008-7263
|
2010-10-20 13:00 |
2010-10-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264836
|
- |
|
g.rodola
|
pyftpdlib
|
The ftp_QUIT function in ftpserver.py in pyftpdlib before 0.5.0 allows remote authenticated users to cause a denial of service (file descriptor exhaustion and daemon outage) by sending a QUIT command…
|
CWE-20
Improper Input Validation
|
CVE-2008-7264
|
2010-10-20 13:00 |
2010-10-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264837
|
- |
|
g.rodola
|
pyftpdlib
|
Multiple directory traversal vulnerabilities in FTPServer.py in pyftpdlib before 0.2.0 allow remote authenticated users to access arbitrary files and directories via a .. (dot dot) in a (1) LIST, (2)…
|
CWE-22
Path Traversal
|
CVE-2007-6736
|
2010-10-20 13:00 |
2010-10-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264838
|
- |
|
g.rodola
|
pyftpdlib
|
FTPServer.py in pyftpdlib before 0.2.0 does not increment the attempted_logins count for a USER command that specifies an invalid username, which makes it easier for remote attackers to obtain access…
|
CWE-287
Improper Authentication
|
CVE-2007-6737
|
2010-10-20 13:00 |
2010-10-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264839
|
- |
|
g.rodola
|
pyftpdlib
|
pyftpdlib before 0.1.1 does not choose a random value for the port associated with the PASV command, which makes it easier for remote attackers to obtain potentially sensitive information about the n…
|
NVD-CWE-Other
|
CVE-2007-6738
|
2010-10-20 13:00 |
2010-10-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264840
|
- |
|
g.rodola
|
pyftpdlib
|
FTPServer.py in pyftpdlib before 0.2.0 allows remote attackers to cause a denial of service via a long command.
|
CWE-20
Improper Input Validation
|
CVE-2007-6739
|
2010-10-20 13:00 |
2010-10-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
