MidnightBSD

Advisories for transsoft

CVE-2000-1116 HIGH

Buffer overflow in TransSoft Broker FTP Server before 4.3.0.1 allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long command.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
transsoft broker_ftp_server 4.0
transsoft broker_ftp_server 3.0
transsoft broker_ftp_server 3.0_build_1
CVE-2001-0450 MEDIUM

Directory traversal vulnerability in Transsoft FTP Broker before 5.5 allows attackers to (1) delete arbitrary files via DELETE, or (2) list arbitrary directories via LIST, via a .. (dot dot) in the file name.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
transsoft broker_ftp_server *
CVE-2001-0687 MEDIUM

Broker FTP server 5.9.5 for Windows NT and 9x allows a remote attacker to retrieve privileged web server system information by (1) issuing a CD command (CD C:) followed by the LS command, (2) specifying arbitrary paths in the UNC format (\\computername\sharename).

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
transsoft broker_ftp_server 5.1
transsoft broker_ftp_server *
transsoft broker_ftp_server 5.0
transsoft broker_ftp_server 4.0
transsoft broker_ftp_server 4.7.5.0
CVE-2001-0688 MEDIUM

Broker FTP Server 5.9.5.0 allows a remote attacker to cause a denial of service by repeatedly issuing an invalid CD or CWD ("CD . .") command.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
transsoft broker_ftp_server 5.1
transsoft broker_ftp_server 5.9.5.0
transsoft broker_ftp_server 5.0
transsoft broker_ftp_server 5.7
transsoft broker_ftp_server 4.0
transsoft broker_ftp_server 4.7.5.0
transsoft broker_ftp_server 3.0_build_1
CVE-2001-1042 MEDIUM

Transsoft Broker 5.9.5.0 allows remote attackers to read arbitrary files and directories by uploading a .lnk (link) file that points to the target file.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N 3.9 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-59,

Products Affected

Vendor Product Version
transsoft broker_ftp_server 5.9.5.0
CVE-2002-0405 HIGH

Buffer overflow in Transsoft Broker FTP Server 5.0 evaluation allows remote attackers to cause a denial of service and possibly execute arbitrary code via a CWD command with a large number of . (dot) characters.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
transsoft broker_ftp_server 5.0
CVE-2004-0295 MEDIUM

TsFtpSrv.exe in Broker FTP 6.1.0.0 allows remote attackers to cause a denial of service (CPU consumption) via an open idle connection.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
transsoft broker_ftp_server 6.1_.0.0
CVE-2004-0296 MEDIUM

TsFtpSrv.exe in Broker FTP 6.1.0.0 allows remote attackers to cause a TsFtpSrv.exe to exit with an exception by opening and immediately closing a connection.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
transsoft broker_ftp_server 6.1_.0.0