The (1) FTP, (2) POP3, (3) SMTP, and (4) NNTP servers in EServer 2.92 through 2.97, and possibly 2.98, allow remote attackers to cause a denial of service (crash) via a large amount of data.
CVSS Score
5.0
EPSS Score
0.123
Published
2003-12-31
Etype Eserv 2.97 allows remote attackers to cause a denial of service (resource exhaustion) via a large number of PASV commands that consume ports 1024 through 5000, which prevents the server from accepting valid PASV.
CVSS Score
5.0
EPSS Score
0.007
Published
2002-05-16
Etype Eserv 2.97 allows remote attackers to redirect traffic to other sites (aka FTP bounce) via the PORT command.
CVSS Score
7.5
EPSS Score
0.007
Published
2002-05-16
Etype Eserv 2.97 allows remote attackers to view password protected files via /./ in the URL.
CVSS Score
5.0
EPSS Score
0.075
Published
2002-03-25