Texas Imperial Software Wftpd — known CVE vulnerabilities
Every CVE whose affected-product data names Texas Imperial Software Wftpd, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (17)
CVE-1999-0950 — CVSS 10.0 (critical): Buffer overflow in WFTPD FTP server allows remote attackers to gain root access via a series of MKD and CWD commands that create nested…
CVE-2001-0694 — CVSS 7.5 (high): Directory traversal vulnerability in WFTPD 3.00 R5 allows a remote attacker to view arbitrary files via a dot dot attack in the CD command.
CVE-2004-0340 — CVSS 7.2 (high): Stack-based buffer overflow in WFTPD Pro Server 3.21 Release 1, Pro Server 3.20 Release 2, Server 3.21 Release 1, and Server 3.10 allows…
CVE-2006-4318 — CVSS 6.5 (medium): Buffer overflow in WFTPD Server 3.23 allows remote attackers to execute arbitrary code via long SIZE commands.
CVE-2000-0645 — CVSS 6.4 (medium): WFTPD and WFTPD Pro 2.41 allows remote attackers to cause a denial of service by using the RESTART (REST) command and writing beyond the…
CVE-2006-5826 — CVSS 5.8 (medium): Buffer overflow in Texas Imperial Software WFTPD Pro Server 3.23.1.1 allows remote authenticated users to execute arbitrary code or cause a…
CVE-2000-0876 — CVSS 5.0 (medium): WFTPD and WFTPD Pro 2.41 RC12 allows remote attackers to obtain the full pathname of the server via a "%C" command, which generates an…
CVE-2000-1101 — CVSS 5.0 (medium): Directory traversal vulnerability in Winsock FTPd (WFTPD) 3.00 and 2.41 with the "Restrict to home directory" option enabled allows local…
CVE-2001-0695 — CVSS 5.0 (medium): WFTPD 3.00 R5 allows a remote attacker to cause a denial of service by making repeated requests to cd to the floppy drive (A:\).
CVE-2004-1642 — CVSS 5.0 (medium): WFTPD Pro Server 3.21 allows remote authenticated users to cause a denial of service (crash) via a series of long MLIST commands.
CVE-2007-0311 — CVSS 5.0 (medium): Texas Imperial Software WFTPD and WFTPD Pro Server 3.25 and earlier allow remote attackers to cause a denial of service (application crash)…
CVE-2000-0644 — CVSS 5.0 (medium): WFTPD and WFTPD Pro 2.41 allows remote attackers to cause a denial of service by executing a STAT command while the LIST command is still…
CVE-2000-0646 — CVSS 5.0 (medium): WFTPD and WFTPD Pro 2.41 allows remote attackers to obtain the real pathname for a file by executing a STATUS (STAT) command while the file…
CVE-2000-0647 — CVSS 5.0 (medium): WFTPD and WFTPD Pro 2.41 allows remote attackers to cause a denial of service by executing an MLST command before logging into the server.
CVE-2000-0648 — CVSS 5.0 (medium): WFTPD and WFTPD Pro 2.41 allows local users to cause a denial of service by executing the RENAME TO (RNTO) command before a RENAME FROM…
CVE-2000-0875 — CVSS 5.0 (medium): WFTPD and WFTPD Pro 2.41 RC12 allows remote attackers to cause a denial of service by sending a long string of unprintable characters.
CVE-2004-0341 — CVSS 2.1 (low): WFTPD Pro Server 3.21 Release 1 allocates memory for a command until a 0Ah byte (newline) is sent, which allows local users to cause a…