Cooolsoft: >> Powerftp >> 2.03 Security Vulnerabilities
Buffer overflow in PowerFTP FTP server 2.24, and possibly other versions, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long USER argument.
CVSS Score
5.0
EPSS Score
0.153
Published
2003-04-02
PowerFTP Personal FTP Server 2.03 through 2.10 stores sensitive account information in plaintext in the ftpserver.ini file, which allows attackers with access to the file to gain privileges.
CVSS Score
7.5
EPSS Score
0.005
Published
2002-05-29
Directory traversal vulnerability in Cooolsoft PowerFTP Server 2.03 allows attackers to list or read arbitrary files and directories via a .. (dot dot) in (1) LS or (2) GET.
CVSS Score
7.5
EPSS Score
0.788
Published
2001-11-28
Buffer overflow in Cooolsoft PowerFTP Server 2.03 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long command.
CVSS Score
7.5
EPSS Score
0.078
Published
2001-11-28
Cooolsoft PowerFTP Server 2.03 allows remote attackers to list the contents of arbitrary drives via a ls (LIST) command that includes the drive letter as an argument, e.g. "ls C:".
CVSS Score
7.5
EPSS Score
0.089
Published
2001-11-28
Cooolsoft PowerFTP Server 2.03 allows remote attackers to obtain the physical path of the server root via the pwd command, which lists the full pathname.
CVSS Score
7.5
EPSS Score
0.054
Published
2001-11-28