Buffer overflow in Golden FTP Server Pro (goldenftpd) 2.x allows remote attackers to execute arbitrary code via a long RNTO command.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| kmint21_software | golden_ftp_server | 2.02b |
| kmint21_software | golden_ftp_server | 1.31b |
| kmint21_software | golden_ftp_server | 1.20b |
| kmint21_software | golden_ftp_server | 1.30b |
| kmint21_software | golden_ftp_server | 1.00b |
Buffer overflow in Golden FTP Server 1.92 allows remote attackers to execute arbitrary code via a long USER command.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| kmint21_software | golden_ftp_server | 1.92 |
Directory traversal vulnerability in Golden FTP server pro 2.52 allows remote attackers to read arbitrary files via a "\.." (backward slash dot dot) with a leading '"' (double quote) in the GET command.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| kmint21_software | golden_ftp_server | 2.0.2b |
| kmint21_software | golden_ftp_server | 2.16 |
| kmint21_software | golden_ftp_server | 2.52 |
| kmint21_software | golden_ftp_server | 1.31b |
| kmint21_software | golden_ftp_server | 1.20b |
| kmint21_software | golden_ftp_server | 1.30b |
| kmint21_software | golden_ftp_server | 2.10 |
| kmint21_software | golden_ftp_server | 1.00b |
| kmint21_software | golden_ftp_server | 2.0.5b |
| kmint21_software | golden_ftp_server | 1.92 |
Golden FTP Server Pro 2.52 allows remote attackers to obtain sensitive information via a GET request for a file that does not exist, which reveals the absolute path of the FTP server in the resulting FTP error message.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| kmint21_software | golden_ftp_server | 2.52 |
Directory traversal vulnerability in Golden FTP Server 2.60 allows remote authenticated attackers to list arbitrary directories via a "\.." (backslash dot dot) in an LS (LIST) command.
CVSS 2.0
Severity: LOW
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| kmint21_software | golden_ftp_server | 2.60 |
Buffer overflow in Golden FTP Server 1.92 allows remote attackers to execute arbitrary code via a long APPE command. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| kmint21_software | golden_ftp_server | 1.92 |
Buffer overflow in Golden FTP Server Pro 2.70 allows remote attackers to cause a denial of service (application crash) and execute arbitrary code via a long argument to the (1) NLST or (2) APPE commands, as demonstrated by the Infigo FTPStress Fuzzer.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| kmint21_software | golden_ftp_server | 1.32b |
| kmint21_software | golden_ftp_server | 2.70 |