Directory traversal vulnerability in WhitSoft Development SlimFTPd 2.2 allows an attacker to read arbitrary files and directories via a ... (modified dot dot) in the CD command.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| whitsoft_development | slimftpd | 2.2 |
Buffer overflow in SlimFTPd 3.15 and earlier allows local users to execute arbitrary code via a long command, such as (1) CWD, (2) STOR, (3) MKD, and (4) STAT.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| whitsoft_development | slimftpd | 3.15 |
Buffer overflow in SlimFTPd 3.15 and 3.16 allows remote authenticated users to execute arbitrary code via a long directory name to (1) LIST, (2) DELE or (3) RNFR commands.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| whitsoft_development | slimftpd | 3.15 |
| whitsoft_development | slimftpd | 3.16 |
SlimFTPd 3.17 allows remote attackers to cause a denial of service (crash) via certain (1) USER and (2) PASS commands, possibly due to a buffer overflow or off-by-one error.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| whitsoft_development | slimftpd | 3.17 |