Bisonware: Security Vulnerabilities
Directory traversal vulnerability in BisonWare BisonFTP 3.5 allows remote attackers to read arbitrary files via a ../ (dot dot slash) in a RETR command.
CVSS Score
7.8
EPSS Score
0.526
Published
2015-09-29
BisonFTP V4R1 allows local users to access directories outside of their home directory by uploading .bdl files, which can then be linked to other directories.
CVSS Score
4.6
EPSS Score
0.001
Published
2001-10-18
BisonWare FTP Server 4.1 and earlier allows remote attackers to cause a denial of service via a malformed PORT command that contains a non-numeric character and a large number of carriage returns.
CVSS Score
5.0
EPSS Score
0.007
Published
1999-05-17
Buffer overflows in Bisonware FTP server prior to 4.1 allow remote attackers to cause a denial of service, and possibly execute arbitrary commands, via long (1) USER, (2) LIST, or (3) CWD commands.
CVSS Score
7.5
EPSS Score
0.776
Published
1999-05-17
Remote attackers can cause a denial of service in FTP by issuing multiple PASV commands, causing the server to run out of available ports.
CVSS Score
5.0
EPSS Score
0.007
Published
1997-09-12