Crob » Crob Ftp Server : Security Vulnerabilities, CVEs,
Crob FTP Server 3.6.1 b.263 allows remote attackers to cause a denial of service via a long series of "?A" sequences in the (1) LIST and possibly (2) NLST command.
Max CVSS
5.0
EPSS Score
5.28%
Published
2006-12-14
Updated
2017-10-19
Directory traversal vulnerability in Crob FTP Server 3.5.1 allows local users to browse outside the FTP root via multiple ../ (dot dot slash) in the DIR command.
Max CVSS
2.1
EPSS Score
0.04%
Published
2004-12-31
Updated
2017-07-11
Crob FTP daemon 3.5.2 allows remote attackers to cause a denial of service (crash) by repeatedly connecting to and disconnecting from the server.
Max CVSS
5.0
EPSS Score
4.68%
Published
2004-11-23
Updated
2017-07-11
Crob FTP Server 3.5.1 allows remote authenticated users to cause a denial of service (crash) via a dir command with a large number of "." characters followed by a "/*" string.
Max CVSS
5.0
EPSS Score
4.20%
Published
2004-02-01
Updated
2017-07-11
Format string vulnerability in Crob FTP Server 2.60.1 allows remote attackers to cause a denial of service (crash) via "%s" or "%n" sequences in (1) the username during login, or other FTP commands such as (2) dir.
Max CVSS
5.0
EPSS Score
1.95%
Published
2003-06-03
Updated
2017-07-11
Crob FTP Server 2.60.1 allows remote authenticated users to cause a denial of service (crash) by renaming a file to the "con" MS-DOS device name.
Max CVSS
5.0
EPSS Score
1.83%
Published
2003-08-06
Updated
2017-07-11
6 vulnerabilities found