MidnightBSD

Advisories for globalscape

CVE-2000-0084 MEDIUM

CuteFTP uses weak encryption to store password information in its tree.dat file.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
globalscape cuteftp *
CVE-2003-1260 HIGH

Buffer overflow in CuteFTP 5.0 allows remote attackers to execute arbitrary code via a long response to a LIST command.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
globalscape cuteftp 5.0
CVE-2003-1261 LOW

Buffer overflow in CuteFTP 5.0 and 5.0.1 allows local users to cause a denial of service (crash) by copying a long URL into a clipboard.

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
globalscape cuteftp 5.0.1
globalscape cuteftp 5.0
CVE-2004-1136 MEDIUM

Buffer overflow in CuteFTP Professional 6.0, and possibly other versions, allows remote FTP servers to cause a denial of service (application crash) via large replies to FTP commands.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
globalscape cuteftp 6.0
CVE-2004-2366 MEDIUM

Buffer overflow in GlobalSCAPE Secure FTP Server 2.0 B03.11.2004.2 allows remote attackers to cause a denial of service (crash) via a SITE command with a long argument.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
globalscape secure_ftp_server 2.0_build2004-03-11
CVE-2005-1415 HIGH

Buffer overflow in GlobalSCAPE Secure FTP Server 3.0.2 allows remote authenticated users to execute arbitrary code via a long FTP command.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
globalscape secure_ftp_server 3.0.2
globalscape secure_ftp_server 3.0
CVE-2006-1693 MEDIUM

Unspecified vulnerability in GlobalSCAPE Secure FTP Server before 3.1.4 Build 01.10.2006 allows attackers to cause a denial of service (application crash) via a "custom command" with a long argument.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
globalscape secure_ftp_server 3.1.1_build2005-08-08
globalscape secure_ftp_server 2.0_build2004-03-16
globalscape secure_ftp_server 3.0.3_build2005-04-29
globalscape secure_ftp_server 3.1.3_build2005-10-10
globalscape secure_ftp_server 2.0_build2004-03-11
globalscape secure_ftp_server 3.0.2_build2005-04-12
globalscape secure_ftp_server 3.0.4_build2005-06-15
globalscape secure_ftp_server 3.0
globalscape secure_ftp_server 3.1_build2005-07-06
CVE-2023-2989

Fortra Globalscape EFT versions before 8.1.0.16 suffer from an out of bounds memory read in their administration server, which can allow an attacker to crash the service or bypass authentication if successfully exploited

Products Affected

Vendor Product Version
globalscape eft_server *
CVE-2023-2990

Fortra Globalscape EFT versions before 8.1.0.16 suffer from a denial of service vulnerability, where a compressed message that decompresses to itself can cause infinite recursion and crash the service

Products Affected

Vendor Product Version
globalscape eft_server *
CVE-2023-2991

Fortra Globalscape EFT's administration server suffers from an information disclosure vulnerability where the serial number of the harddrive that Globalscape is installed on can be remotely determined via a "trial extension request" message

Products Affected

Vendor Product Version
globalscape eft_server *
CVE-2024-1190 LOW

A vulnerability was found in Global Scape CuteFTP 9.3.0.3 and classified as problematic. Affected by this issue is some unknown functionality. The manipulation of the argument Host/Username/Password leads to denial of service. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-252680. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
cna@vuldb.com 3.3 LOW CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L 1.8 1.4
nvd@nist.gov 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 1.8 3.6

CVSS 2.0

Severity: LOW

Problem Type: CWE-404,CWE-404,

Products Affected

Vendor Product Version
globalscape cuteftp 9.3.0.3