Winftp Server: Security Vulnerabilities
WinFtp Server 2.0.2 allows remote attackers to cause a denial of service (crash) via long (1) PASV, (2) LIST, (3) USER, (4) PORT, and possibly other commands.
CVSS Score
5.0
EPSS Score
0.05
Published
2006-12-21
Buffer overflow in the Log-SCR function in the "Log to Screen" feature in WinFtp Server 1.6.8 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a long request.
CVSS Score
7.5
EPSS Score
0.055
Published
2005-08-23
WinFTP Server 1.6 stores username and password credentials in plaintext in the data\user.wfd file, which allows local users to gain access to the credentials.
CVSS Score
2.1
EPSS Score
0.001
Published
2004-12-31