Buffer overflow in Gene6 FTP Server 3.1.0 allows remote authenticated attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long argument to (1) MKD or (2) XMKD, as demonstrated by the Infigo FTPStress Fuzzer.
Max CVSS
7.5
EPSS Score
4.81%
Published
2006-05-04
Updated
2018-10-18
Gene6 FTP Server does not properly restrict access to the control console, which allows local users to modify the server configuration and gain privileges, as demonstrated by defining a SITE command.
Max CVSS
2.1
EPSS Score
0.04%
Published
2005-03-07
Updated
2016-10-18
Gene6 G6 FTP Server 2.0 (aka BPFTP Server 2.10) allows remote attackers to obtain NETBIOS credentials by requesting information on a file that is in a network share, which causes the server to send the credentials to the host that owns the share, and allows the attacker to sniff the connection.
Max CVSS
5.0
EPSS Score
0.45%
Published
2001-06-18
Updated
2008-09-05
Gene6 G6 FTP Server 2.0 (aka BPFTP Server 2.10) allows attackers to read file attributes outside of the web root via the (1) SIZE and (2) MDTM commands when the "show relative paths" option is not enabled.
Max CVSS
7.5
EPSS Score
0.86%
Published
2001-06-18
Updated
2017-12-19
Gene6 G6 FTP Server 2.0 allows a remote attacker to cause a denial of service (resource exhaustion) via a long (1) user name or (2) password.
Max CVSS
5.0
EPSS Score
3.35%
Published
1999-11-17
Updated
2017-12-19
5 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!