- EPSS 78.87%
- Veröffentlicht 14.03.2008 20:44:00
- Zuletzt bearbeitet 09.04.2025 00:30:58
Directory traversal vulnerability in the Notes (aka Flash Notes or instant messages) feature in tb2ftp.dll in Timbuktu Pro 8.6.5 for Windows, and possibly 8.7 for Mac OS X, allows remote attackers to upload files to arbitrary locations via a destinat...
CVE-2008-1118
- EPSS 10.83%
- Veröffentlicht 14.03.2008 20:44:00
- Zuletzt bearbeitet 09.04.2025 00:30:58
Timbuktu Pro 8.6.5 for Windows, and possibly 8.7 for Mac OS X, does not perform input validation before logging information fields taken from packets from a remote peer, which allows remote attackers to generate crafted log entries, and possibly avoi...
- EPSS 1.19%
- Veröffentlicht 14.03.2008 20:44:00
- Zuletzt bearbeitet 09.04.2025 00:30:58
The instant message service in Timbuktu Pro 8.6.5 RC 229 and earlier for Windows allows remote attackers to cause (1) a denial of service (daemon crash) via an invalid Version field or (2) a denial of service (CPU consumption and daemon termination) ...
- EPSS 6.28%
- Veröffentlicht 25.03.2002 05:00:00
- Zuletzt bearbeitet 03.04.2025 01:03:51
Netopia Timbuktu Pro 6.0.1 and earlier allows remote attackers to cause a denial of service (crash) via a series of connections to one of the ports (1417 - 1420).
- EPSS 5.68%
- Veröffentlicht 11.02.2000 05:00:00
- Zuletzt bearbeitet 03.04.2025 01:03:51
The authentication protocol in Timbuktu Pro 2.0b650 allows remote attackers to cause a denial of service via connections to port 407 and 1417.
- EPSS 0.65%
- Veröffentlicht 18.01.2000 05:00:00
- Zuletzt bearbeitet 03.04.2025 01:03:51
Netopia Timbuktu Pro sends user IDs and passwords in cleartext, which allows remote attackers to obtain them via sniffing.