Khamil Landross And Zack Jones: >> Eftp >> 2.0.7.337 Security Vulnerabilities
Directory traversal vulnerability in EFTP 2.0.7.337 allows remote authenticated users to reveal directory contents via a .. (dot dot) in the (1) LIST, (2) QUOTE SIZE, and (3) QUOTE MDTM commands.
CVSS Score
7.5
EPSS Score
0.055
Published
2001-09-12
EFTP 2.0.7.337 allows remote attackers to obtain NETBIOS credentials by requesting information on a file that is in a network share, which causes the server to send the credentials to the host that owns the share, and allows the attacker to sniff the connection.
CVSS Score
5.0
EPSS Score
0.008
Published
2001-09-12
EFTP 2.0.7.337 stores user passwords in plaintext in the eftp2users.dat file.
CVSS Score
4.6
EPSS Score
0.001
Published
2001-09-12
Buffer overflow in EFTP 2.0.7.337 allows remote attackers to execute arbitrary code by uploading a .lnk file containing a large number of characters.
CVSS Score
7.5
EPSS Score
0.054
Published
2001-09-12