MidnightBSD

Advisories for gene6

CVE-1999-1519 MEDIUM

Gene6 G6 FTP Server 2.0 allows a remote attacker to cause a denial of service (resource exhaustion) via a long (1) user name or (2) password.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
gene6 g6_ftp_server 2.0
CVE-2001-0263 HIGH

Gene6 G6 FTP Server 2.0 (aka BPFTP Server 2.10) allows attackers to read file attributes outside of the web root via the (1) SIZE and (2) MDTM commands when the "show relative paths" option is not enabled.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
gene6 g6_ftp_server 2.0
CVE-2001-0264 MEDIUM

Gene6 G6 FTP Server 2.0 (aka BPFTP Server 2.10) allows remote attackers to obtain NETBIOS credentials by requesting information on a file that is in a network share, which causes the server to send the credentials to the host that owns the share, and allows the attacker to sniff the connection.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
gene6 g6_ftp_server 2.0
CVE-2005-0690 LOW

Gene6 FTP Server does not properly restrict access to the control console, which allows local users to modify the server configuration and gain privileges, as demonstrated by defining a SITE command.

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
gene6 g6_ftp_server 3.3.1
gene6 g6_ftp_server 3.0.2
gene6 g6_ftp_server 3.0.1
gene6 g6_ftp_server 2.0
gene6 g6_ftp_server 3.1
gene6 g6_ftp_server 3.2
gene6 g6_ftp_server 3.3
gene6 g6_ftp_server 3.4
gene6 g6_ftp_server 3.0
CVE-2006-2172 HIGH

Buffer overflow in Gene6 FTP Server 3.1.0 allows remote authenticated attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long argument to (1) MKD or (2) XMKD, as demonstrated by the Infigo FTPStress Fuzzer.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
gene6 g6_ftp_server 3.1