266511
|
- |
|
g.rodola
|
pyftpdlib
|
Multiple directory traversal vulnerabilities in FTPServer.py in pyftpdlib before 0.3.0 allow remote authenticated users to access arbitrary files and directories via vectors involving a symlink in a …
|
CWE-22
Path Traversal
|
CVE-2008-7262
|
2010-10-20 13:00 |
2010-10-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
266512
|
- |
|
g.rodola
|
pyftpdlib
|
ftpserver.py in pyftpdlib before 0.5.0 does not delay its response after receiving an invalid login attempt, which makes it easier for remote attackers to obtain access via a brute-force attack.
|
CWE-287
Improper Authentication
|
CVE-2008-7263
|
2010-10-20 13:00 |
2010-10-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
266513
|
- |
|
g.rodola
|
pyftpdlib
|
The ftp_QUIT function in ftpserver.py in pyftpdlib before 0.5.0 allows remote authenticated users to cause a denial of service (file descriptor exhaustion and daemon outage) by sending a QUIT command…
|
CWE-20
Improper Input Validation
|
CVE-2008-7264
|
2010-10-20 13:00 |
2010-10-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
266514
|
- |
|
g.rodola
|
pyftpdlib
|
Multiple directory traversal vulnerabilities in FTPServer.py in pyftpdlib before 0.2.0 allow remote authenticated users to access arbitrary files and directories via a .. (dot dot) in a (1) LIST, (2)…
|
CWE-22
Path Traversal
|
CVE-2007-6736
|
2010-10-20 13:00 |
2010-10-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
266515
|
- |
|
g.rodola
|
pyftpdlib
|
FTPServer.py in pyftpdlib before 0.2.0 does not increment the attempted_logins count for a USER command that specifies an invalid username, which makes it easier for remote attackers to obtain access…
|
CWE-287
Improper Authentication
|
CVE-2007-6737
|
2010-10-20 13:00 |
2010-10-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
266516
|
- |
|
g.rodola
|
pyftpdlib
|
pyftpdlib before 0.1.1 does not choose a random value for the port associated with the PASV command, which makes it easier for remote attackers to obtain potentially sensitive information about the n…
|
NVD-CWE-Other
|
CVE-2007-6738
|
2010-10-20 13:00 |
2010-10-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
266517
|
- |
|
g.rodola
|
pyftpdlib
|
FTPServer.py in pyftpdlib before 0.2.0 allows remote attackers to cause a denial of service via a long command.
|
CWE-20
Improper Input Validation
|
CVE-2007-6739
|
2010-10-20 13:00 |
2010-10-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
266518
|
- |
|
g.rodola
|
pyftpdlib
|
The ftp_STOU function in FTPServer.py in pyftpdlib before 0.2.0 does not limit the number of attempts to discover a unique filename, which might allow remote authenticated users to cause a denial of …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2007-6740
|
2010-10-20 13:00 |
2010-10-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
266519
|
- |
|
g.rodola
|
pyftpdlib
|
The ftp_PORT function in FTPServer.py in pyftpdlib before 0.2.0 does not prevent TCP connections to privileged ports if the destination IP address matches the source IP address of the connection from…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2007-6741
|
2010-10-20 13:00 |
2010-10-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
266520
|
- |
|
susie_ro
|
lhasa
|
Untrusted search path vulnerability in Lhasa 0.19 and earlier allows local users to gain privileges via a Trojan horse executable file in the current working directory.
|
NVD-CWE-Other
|
CVE-2010-2369
|
2010-10-19 13:00 |
2010-10-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|