Search CVE reports


Toggle filters

1 – 10 of 11 results


CVE-2024-48208

Medium priority
Needs evaluation

pure-ftpd before 1.0.52 is vulnerable to Buffer Overflow. There is an out of bounds read in the domlsd() function of the ls.c file.

1 affected package

pure-ftpd

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
pure-ftpd Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
Show less packages

CVE-2021-40524

Low priority
Needs evaluation

In Pure-FTPd before 1.0.50, an incorrect max_filesize quota mechanism in the server allows attackers to upload files of unbounded size, which may lead to denial of service or a server hang. This occurs because a...

1 affected package

pure-ftpd

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
pure-ftpd Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
Show less packages

CVE-2020-35359

Medium priority
Needs evaluation

Pure-FTPd 1.0.48 allows remote attackers to prevent legitimate server use by making enough connections to exceed the connection limit.

1 affected package

pure-ftpd

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
pure-ftpd Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
Show less packages

CVE-2020-9274

Low priority

Some fixes available 1 of 3

An issue was discovered in Pure-FTPd 1.0.49. An uninitialized pointer vulnerability has been detected in the diraliases linked list. When the *lookup_alias(const char alias) or print_aliases(void) function is called, they fail to...

1 affected package

pure-ftpd

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
pure-ftpd Not affected Not affected Not affected Needs evaluation Fixed
Show less packages

CVE-2020-9365

Medium priority
Needs evaluation

An issue was discovered in Pure-FTPd 1.0.49. An out-of-bounds (OOB) read has been detected in the pure_strcmp function in utils.c.

1 affected package

pure-ftpd

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
pure-ftpd Not affected Not affected Not affected Needs evaluation Needs evaluation
Show less packages

CVE-2019-20176

Medium priority
Needs evaluation

In Pure-FTPd 1.0.49, a stack exhaustion issue was discovered in the listdir function in ls.c.

1 affected package

pure-ftpd

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
pure-ftpd Not affected Not affected Not affected Needs evaluation Needs evaluation
Show less packages

CVE-2017-12170

Medium priority
Not affected

Downstream version 1.0.46-1 of pure-ftpd as shipped in Fedora was vulnerable to packaging error due to which the original configuration was ignored after update and service started running with default configuration. This has...

1 affected package

pure-ftpd

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
pure-ftpd Not affected
Show less packages

CVE-2011-3171

Medium priority
Ignored

Directory traversal vulnerability in pure-FTPd 1.0.22 and possibly other versions, when running on SUSE Linux Enterprise Server and possibly other operating systems, when the Netware OES remote server feature is enabled, allows...

1 affected package

pure-ftpd

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
pure-ftpd
Show less packages

CVE-2011-0418

Medium priority
Ignored

The glob implementation in Pure-FTPd before 1.0.32, and in libc in NetBSD 5.1, does not properly expand expressions containing curly brackets, which allows remote authenticated users to cause a denial of service...

1 affected package

pure-ftpd

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
pure-ftpd
Show less packages

CVE-2011-1575

High priority
Ignored

The STARTTLS implementation in ftp_parser.c in Pure-FTPd before 1.0.30 does not properly restrict I/O buffering, which allows man-in-the-middle attackers to insert commands into encrypted FTP sessions by sending a cleartext...

1 affected package

pure-ftpd

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
pure-ftpd
Show less packages