Gene6: >> G6 Ftp Server Security Vulnerabilities
Buffer overflow in Gene6 FTP Server 3.1.0 allows remote authenticated attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long argument to (1) MKD or (2) XMKD, as demonstrated by the Infigo FTPStress Fuzzer.
CVSS Score
7.5
EPSS Score
0.045
Published
2006-05-04
Gene6 FTP Server does not properly restrict access to the control console, which allows local users to modify the server configuration and gain privileges, as demonstrated by defining a SITE command.
CVSS Score
2.1
EPSS Score
0.001
Published
2005-03-07
Gene6 G6 FTP Server 2.0 (aka BPFTP Server 2.10) allows attackers to read file attributes outside of the web root via the (1) SIZE and (2) MDTM commands when the "show relative paths" option is not enabled.
CVSS Score
7.5
EPSS Score
0.032
Published
2001-06-18
Gene6 G6 FTP Server 2.0 (aka BPFTP Server 2.10) allows remote attackers to obtain NETBIOS credentials by requesting information on a file that is in a network share, which causes the server to send the credentials to the host that owns the share, and allows the attacker to sniff the connection.
CVSS Score
5.0
EPSS Score
0.033
Published
2001-06-18
Gene6 G6 FTP Server 2.0 allows a remote attacker to cause a denial of service (resource exhaustion) via a long (1) user name or (2) password.
CVSS Score
5.0
EPSS Score
0.047
Published
1999-11-17