| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Remote attackers can cause a denial of service in FTP by issuing multiple PASV commands, causing the server to run out of available ports. |
| Certain configurations of wu-ftp FTP server 2.4 use a _PATH_EXECPATH setting to a directory with dangerous commands, such as /bin, which allows remote authenticated users to gain root access via the "site exec" command. |
| wu-ftp allows files to be overwritten via the rnfr command. |
| CWD ~root command in ftpd allows root access. |
| getcwd() file descriptor leak in FTP. |
| Buffer overflow in rwhod on AIX and other operating systems allows remote attackers to execute arbitrary code via a UDP packet with a long hostname. |
| AIX routed allows remote users to modify sensitive files. |
| Buffer overflow in AIX rcp command allows local users to obtain root access. |
| Buffer overflow in AIX writesrv command allows local users to obtain root access. |
| Various vulnerabilities in the AIX portmir command allows local users to obtain root access. |
| AIX nslookup command allows local users to obtain root access by not dropping privileges correctly. |
| AIX piodmgrsu command allows local users to gain additional group privileges. |
| Sendmail decode alias can be used to overwrite sensitive files. |
| The AIX FTP client can be forced to execute commands from a malicious server through shell metacharacters (e.g. a pipe character). |
| Buffer overflow in SMTP HELO command in Sendmail allows a remote attacker to hide activities. |
| Buffer overflow in syslog utility allows local or remote attackers to gain root privileges. |
| Remote access in AIX innd 1.5.1, using control messages. |
| Buffer overflow in SLmail 3.x allows attackers to execute commands using a large FROM line. |
| Echo and chargen, or other combinations of UDP services, can be used in tandem to flood the server, a.k.a. UDP bomb or UDP packet storm. |
| A later variation on the Teardrop IP denial of service attack, a.k.a. Teardrop-2. |