MidnightBSD

Advisories for whitsoft_development

CVE-2001-1131 MEDIUM

Directory traversal vulnerability in WhitSoft Development SlimFTPd 2.2 allows an attacker to read arbitrary files and directories via a ... (modified dot dot) in the CD command.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
whitsoft_development slimftpd 2.2
CVE-2004-2418 HIGH

Buffer overflow in SlimFTPd 3.15 and earlier allows local users to execute arbitrary code via a long command, such as (1) CWD, (2) STOR, (3) MKD, and (4) STAT.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
whitsoft_development slimftpd 3.15
CVE-2005-2373 HIGH

Buffer overflow in SlimFTPd 3.15 and 3.16 allows remote authenticated users to execute arbitrary code via a long directory name to (1) LIST, (2) DELE or (3) RNFR commands.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
whitsoft_development slimftpd 3.15
whitsoft_development slimftpd 3.16
CVE-2005-2850 MEDIUM

SlimFTPd 3.17 allows remote attackers to cause a denial of service (crash) via certain (1) USER and (2) PASS commands, possibly due to a buffer overflow or off-by-one error.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
whitsoft_development slimftpd 3.17