CVE-2021-31645
- EPSS 0.8%
- Veröffentlicht 07.07.2022 19:15:07
- Zuletzt bearbeitet 21.11.2024 06:06:04
An issue was discovered in glFTPd 2.11a that allows remote attackers to cause a denial of service via exceeding the connection limit.
CVE-2006-1253
- EPSS 0.35%
- Veröffentlicht 19.03.2006 01:02:00
- Zuletzt bearbeitet 03.04.2025 01:03:51
Unspecified vulnerability in glFTPd before 2.01 RC5 allows remote attackers to bypass IP checks via a crafted DNS hostname, possibly a hostname that appears to be an IP address.
- EPSS 0.69%
- Veröffentlicht 30.03.2005 05:00:00
- Zuletzt bearbeitet 03.04.2025 01:03:51
Multiple directory traversal vulnerabilities in sitenfo.sh, sitezipchk.sh, and siteziplist.sh in Glftpd 1.26 to 2.00 allow remote authenticated users to (1) determine the existence of arbitrary files, (2) list files in restricted directories, or (3) ...
- EPSS 6.79%
- Veröffentlicht 31.08.2001 04:00:00
- Zuletzt bearbeitet 03.04.2025 01:03:51
glFTPD 1.23 allows remote attackers to cause a denial of service (CPU consumption) via a LIST command with an argument that contains a large number of * (asterisk) characters.
- EPSS 0.4%
- Veröffentlicht 26.06.2000 04:00:00
- Zuletzt bearbeitet 03.04.2025 01:03:51
The privpath directive in glftpd 1.18 allows remote attackers to bypass access restrictions for directories by using the file name completion capability.
CVE-2000-0038
- EPSS 2.98%
- Veröffentlicht 23.12.1999 05:00:00
- Zuletzt bearbeitet 03.04.2025 01:03:51
glFtpD includes a default glftpd user account with a default password and a UID of 0.
- EPSS 0.41%
- Veröffentlicht 23.12.1999 05:00:00
- Zuletzt bearbeitet 03.04.2025 01:03:51
glFtpD allows local users to gain privileges via metacharacters in the SITE ZIPCHK command.