MidnightBSD

Advisories for pi-soft

CVE-2001-0781 HIGH

Buffer overflow in SpoonFTP 1.0.0.12 allows remote attackers to execute arbitrary code via a long argument to the commands (1) CWD or (2) LIST.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-284,

Products Affected

Vendor Product Version
pi-soft spoonftp 1.0.0.12
CVE-2001-0963 HIGH

Directory traversal vulnerability in SpoonFTP 1.1 allows local and sometimes remote attackers to access files outside of the FTP root via a ... (modified dot dot) in the CD (CWD) command.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
pi-soft spoonftp 1.1
CVE-2002-0139 HIGH

Pi-Soft SpoonFTP 1.1 and earlier allows remote attackers to redirect traffic to other sites (aka FTP bounce) via the PORT command.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
pi-soft spoonftp 1.00.12
pi-soft spoonftp 1.00.13
pi-soft spoonftp 1.0
pi-soft spoonftp 0.01.1.0.1
pi-soft spoonftp 1.1