Khamil Landross And Zack Jones: >> Eftp Security Vulnerabilities
Directory traversal vulnerability in EFTP 2.0.8.346 allows local users to read directories via a ... (modified dot dot) in the CWD command.
CVSS Score
5.0
EPSS Score
0.011
Published
2001-12-13
Directory traversal vulnerability in EFTP 2.0.7.337 allows remote authenticated users to reveal directory contents via a .. (dot dot) in the (1) LIST, (2) QUOTE SIZE, and (3) QUOTE MDTM commands.
CVSS Score
7.5
EPSS Score
0.055
Published
2001-09-12
EFTP 2.0.7.337 allows remote attackers to obtain NETBIOS credentials by requesting information on a file that is in a network share, which causes the server to send the credentials to the host that owns the share, and allows the attacker to sniff the connection.
CVSS Score
5.0
EPSS Score
0.008
Published
2001-09-12
EFTP 2.0.7.337 stores user passwords in plaintext in the eftp2users.dat file.
CVSS Score
4.6
EPSS Score
0.001
Published
2001-09-12
Buffer overflow in EFTP 2.0.7.337 allows remote attackers to execute arbitrary code by uploading a .lnk file containing a large number of characters.
CVSS Score
7.5
EPSS Score
0.054
Published
2001-09-12
Buffer overflow in EFTP allows remote attackers to cause a denial of service via a long string.
CVSS Score
7.5
EPSS Score
0.008
Published
2000-11-14
Buffer overflow in EFTP allows remote attackers to cause a denial of service by sending a string that does not contain a newline, then disconnecting from the server.
CVSS Score
5.0
EPSS Score
0.01
Published
2000-11-14