Evolvable Corporation: Security Vulnerabilities
Web server for Shambala 4.5 allows remote attackers to cause a denial of service (crash) via a malformed HTTP request.
CVSS Score
5.0
EPSS Score
0.052
Published
2002-10-04
Directory traversal vulnerability in the FTP server for Shambala 4.5 allows remote attackers to read arbitrary files via a .. (dot dot) in the (1) LIST (ls) or (2) GET commands.
CVSS Score
5.0
EPSS Score
0.025
Published
2002-10-04
Directory traversal vulnerability in Shambala 4.5 allows remote attackers to escape the FTP root directory via "CWD ..." command.
CVSS Score
7.5
EPSS Score
0.426
Published
2001-10-18
Shambala Server 4.5 allows remote attackers to cause a denial of service by opening then closing a connection.
CVSS Score
5.0
EPSS Score
0.056
Published
2000-12-19
Shambala Server 4.5 stores passwords in plaintext, which could allow local users to obtain the passwords and compromise the server.
CVSS Score
10.0
EPSS Score
0.004
Published
2000-12-19