MidnightBSD

Advisories for selom_ofori

CVE-2002-0126 HIGH

Buffer overflow in BlackMoon FTP Server 1.0 through 1.5 allows remote attackers to execute arbitrary code via a long argument to (1) USER, (2) PASS, or (3) CWD.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
selom_ofori blackmoon_ftp_server 1.2
selom_ofori blackmoon_ftp_server 1.3
selom_ofori blackmoon_ftp_server 1.1
selom_ofori blackmoon_ftp_server 1.0
selom_ofori blackmoon_ftp_server 1.5
selom_ofori blackmoon_ftp_server 1.4
CVE-2003-0342 MEDIUM

BlackMoon FTP Server 2.6 Free Edition, and possibly other distributions and versions, stores user names and passwords in plaintext in the blackmoon.mdb file, which can allow local users to gain privileges.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
selom_ofori blackmoon_ftp_server 2.6
CVE-2003-0343 MEDIUM

BlackMoon FTP Server 2.6 Free Edition, and possibly other distributions and versions, generates an "Account does not exist" error message when an invalid username is entered, which makes it easier for remote attackers to conduct brute force attacks.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
selom_ofori blackmoon_ftp_server 2.6