Frox: Security Vulnerabilities
frox 0.7.18, when running setuid root, does not properly drop privileges when reading a configuration file, which allows local users to read portions of arbitrary files via the -f command line option.
CVSS Score
7.2
EPSS Score
0.001
Published
2005-09-07
frox 0.7.16 and 0.7.17 does not properly parse certain Deny ACLs, which might allow attackers to bypass intended restrictions and access blocked hosts.
CVSS Score
7.5
EPSS Score
0.005
Published
2005-09-07
Buffer overflow in Frox transparent FTP proxy 0.6.6 and earlier, with the local caching method selected, allows remote FTP servers to run arbitrary code via a long response to an MDTM request.
CVSS Score
7.5
EPSS Score
0.005
Published
2001-11-30