MidnightBSD

Advisories for evolvable_corporation

CVE-2000-0953 MEDIUM

Shambala Server 4.5 allows remote attackers to cause a denial of service by opening then closing a connection.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
evolvable_corporation shambala_server 4.5
CVE-2000-0954 HIGH

Shambala Server 4.5 stores passwords in plaintext, which could allow local users to obtain the passwords and compromise the server.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
evolvable_corporation shambala_server 4.5
CVE-2001-0758 HIGH

Directory traversal vulnerability in Shambala 4.5 allows remote attackers to escape the FTP root directory via "CWD ..." command.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
evolvable_corporation shambala_server 4.5
CVE-2002-0876 MEDIUM

Web server for Shambala 4.5 allows remote attackers to cause a denial of service (crash) via a malformed HTTP request.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
evolvable_corporation shambala_server 4.5
CVE-2002-0877 MEDIUM

Directory traversal vulnerability in the FTP server for Shambala 4.5 allows remote attackers to read arbitrary files via a .. (dot dot) in the (1) LIST (ls) or (2) GET commands.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
evolvable_corporation shambala_server 4.5