MidnightBSD

Advisories for maxum_development_corporation

CVE-2001-0644 HIGH

Maxum Rumpus FTP Server 1.3.3 and 2.0.3 dev 3 stores passwords in plaintext in the "Rumpus User Database" file in the prefs folder, which could allow attackers to gain privileges on the server.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
maxum_development_corporation rumpus_ftp_server *
maxum_development_corporation rumpus_ftp_server 1.3.2
maxum_development_corporation rumpus_ftp_server 1.3.4
maxum_development_corporation rumpus_ftp_server 1.3.3
CVE-2001-0646 MEDIUM

Maxum Rumpus FTP Server 1.3.3 and 2.0.3 dev 3 allows a remote attacker to perform a denial of service (hang) by creating a directory name of a specific length.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
maxum_development_corporation rumpus_ftp_server 2.0.3dev
maxum_development_corporation rumpus_ftp_server 1.3.2
maxum_development_corporation rumpus_ftp_server 1.3.4
CVE-2001-0706 LOW

Maximum Rumpus FTP Server 2.0.3 dev and before allows an attacker to cause a denial of service (crash) via a mkdir command that specifies a large number of sub-folders.

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
maxum_development_corporation rumpus_ftp_server 2.0.3dev
maxum_development_corporation rumpus_ftp_server 1.3.5
maxum_development_corporation rumpus_ftp_server 1.3.2
maxum_development_corporation rumpus_ftp_server 1.3.4