MidnightBSD

Advisories for kmint21_software

CVE-2005-0566 HIGH

Buffer overflow in Golden FTP Server Pro (goldenftpd) 2.x allows remote attackers to execute arbitrary code via a long RNTO command.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
kmint21_software golden_ftp_server 2.02b
kmint21_software golden_ftp_server 1.31b
kmint21_software golden_ftp_server 1.20b
kmint21_software golden_ftp_server 1.30b
kmint21_software golden_ftp_server 1.00b
CVE-2005-0634 HIGH

Buffer overflow in Golden FTP Server 1.92 allows remote attackers to execute arbitrary code via a long USER command.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
kmint21_software golden_ftp_server 1.92
CVE-2005-1484 MEDIUM

Directory traversal vulnerability in Golden FTP server pro 2.52 allows remote attackers to read arbitrary files via a "\.." (backward slash dot dot) with a leading '"' (double quote) in the GET command.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
kmint21_software golden_ftp_server 2.0.2b
kmint21_software golden_ftp_server 2.16
kmint21_software golden_ftp_server 2.52
kmint21_software golden_ftp_server 1.31b
kmint21_software golden_ftp_server 1.20b
kmint21_software golden_ftp_server 1.30b
kmint21_software golden_ftp_server 2.10
kmint21_software golden_ftp_server 1.00b
kmint21_software golden_ftp_server 2.0.5b
kmint21_software golden_ftp_server 1.92
CVE-2005-1485 MEDIUM

Golden FTP Server Pro 2.52 allows remote attackers to obtain sensitive information via a GET request for a file that does not exist, which reveals the absolute path of the FTP server in the resulting FTP error message.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
kmint21_software golden_ftp_server 2.52
CVE-2005-2142 LOW

Directory traversal vulnerability in Golden FTP Server 2.60 allows remote authenticated attackers to list arbitrary directories via a "\.." (backslash dot dot) in an LS (LIST) command.

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
kmint21_software golden_ftp_server 2.60
CVE-2005-4553 HIGH

Buffer overflow in Golden FTP Server 1.92 allows remote attackers to execute arbitrary code via a long APPE command. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
kmint21_software golden_ftp_server 1.92
CVE-2006-2180 MEDIUM

Buffer overflow in Golden FTP Server Pro 2.70 allows remote attackers to cause a denial of service (application crash) and execute arbitrary code via a long argument to the (1) NLST or (2) APPE commands, as demonstrated by the Infigo FTPStress Fuzzer.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-119,

Products Affected

Vendor Product Version
kmint21_software golden_ftp_server 1.32b
kmint21_software golden_ftp_server 2.70