MidnightBSD

Advisories for bisonware

CVE-1999-0079 MEDIUM

Remote attackers can cause a denial of service in FTP by issuing multiple PASV commands, causing the server to run out of available ports.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
bisonware bisonware_ftp_server 3.5
CVE-1999-1156 MEDIUM

BisonWare FTP Server 4.1 and earlier allows remote attackers to cause a denial of service via a malformed PORT command that contains a non-numeric character and a large number of carriage returns.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
bisonware bisonware_ftp_server *
CVE-1999-1510 HIGH

Buffer overflows in Bisonware FTP server prior to 4.1 allow remote attackers to cause a denial of service, and possibly execute arbitrary commands, via long (1) USER, (2) LIST, or (3) CWD commands.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
bisonware bisonware_ftp_server *
CVE-2001-0765 MEDIUM

BisonFTP V4R1 allows local users to access directories outside of their home directory by uploading .bdl files, which can then be linked to other directories.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
bisonware bison_ftp_server v4r1
CVE-2015-7602 HIGH

Directory traversal vulnerability in BisonWare BisonFTP 3.5 allows remote attackers to read arbitrary files via a ../ (dot dot slash) in a RETR command.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-22,

Products Affected

Vendor Product Version
bisonware bisonftp 3.5