Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Khamil Landross And Zack Jones Subscribe
Filtered by product Eftp
Total 7 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2001-1109 1 Khamil Landross And Zack Jones 1 Eftp 2017-12-18 7.5 HIGH N/A
Directory traversal vulnerability in EFTP 2.0.7.337 allows remote authenticated users to reveal directory contents via a .. (dot dot) in the (1) LIST, (2) QUOTE SIZE, and (3) QUOTE MDTM commands.
CVE-2001-1111 1 Khamil Landross And Zack Jones 1 Eftp 2017-12-18 4.6 MEDIUM N/A
EFTP 2.0.7.337 stores user passwords in plaintext in the eftp2users.dat file.
CVE-2001-1112 1 Khamil Landross And Zack Jones 1 Eftp 2017-12-18 7.5 HIGH N/A
Buffer overflow in EFTP 2.0.7.337 allows remote attackers to execute arbitrary code by uploading a .lnk file containing a large number of characters.
CVE-2001-1193 1 Khamil Landross And Zack Jones 1 Eftp 2017-10-09 5.0 MEDIUM N/A
Directory traversal vulnerability in EFTP 2.0.8.346 allows local users to read directories via a ... (modified dot dot) in the CWD command.
CVE-2000-0871 1 Khamil Landross And Zack Jones 1 Eftp 2017-10-09 5.0 MEDIUM N/A
Buffer overflow in EFTP allows remote attackers to cause a denial of service by sending a string that does not contain a newline, then disconnecting from the server.
CVE-2000-0870 1 Khamil Landross And Zack Jones 1 Eftp 2017-10-09 7.5 HIGH N/A
Buffer overflow in EFTP allows remote attackers to cause a denial of service via a long string.
CVE-2001-1110 1 Khamil Landross And Zack Jones 1 Eftp 2008-09-05 5.0 MEDIUM N/A
EFTP 2.0.7.337 allows remote attackers to obtain NETBIOS credentials by requesting information on a file that is in a network share, which causes the server to send the credentials to the host that owns the share, and allows the attacker to sniff the connection.