Bisonware : Security Vulnerabilities, CVEs, CVSS score >= 4
CVE-2015-7602
Public exploit
Directory traversal vulnerability in BisonWare BisonFTP 3.5 allows remote attackers to read arbitrary files via a ../ (dot dot slash) in a RETR command.
Max CVSS
7.8
EPSS Score
50.30%
Published
2015-09-29
Updated
2015-10-13
BisonFTP V4R1 allows local users to access directories outside of their home directory by uploading .bdl files, which can then be linked to other directories.
Max CVSS
4.6
EPSS Score
0.04%
Published
2001-10-18
Updated
2017-10-10
CVE-1999-1510
Public exploit
Buffer overflows in Bisonware FTP server prior to 4.1 allow remote attackers to cause a denial of service, and possibly execute arbitrary commands, via long (1) USER, (2) LIST, or (3) CWD commands.
Max CVSS
7.5
EPSS Score
94.46%
Published
1999-05-17
Updated
2017-12-19
BisonWare FTP Server 4.1 and earlier allows remote attackers to cause a denial of service via a malformed PORT command that contains a non-numeric character and a large number of carriage returns.
Max CVSS
5.0
EPSS Score
0.27%
Published
1999-05-17
Updated
2018-05-03
Remote attackers can cause a denial of service in FTP by issuing multiple PASV commands, causing the server to run out of available ports.
Max CVSS
5.0
EPSS Score
0.27%
Published
1997-09-12
Updated
2022-08-17
5 vulnerabilities found