Known Vulnerabilities for products from Pureftpd
Listed below are 11 of the newest known vulnerabilities associated with the vendor "Pureftpd".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2021-40524 | In Pure-FTPd before 1.0.50, an incorrect max_filesize quota mechanism in the server allows attackers to upload files of unbou... | 7.5 - HIGH | 2021-09-05 | 2021-11-26 |
| CVE-2020-35359 | Pure-FTPd 1.0.48 allows remote attackers to prevent legitimate server use by making enough connections to exceed the connecti... | 7.5 - HIGH | 2020-12-26 | 2020-12-29 |
| CVE-2020-9365 | An issue was discovered in Pure-FTPd 1.0.49. An out-of-bounds (OOB) read has been detected in the pure_strcmp function in uti... | 7.5 - HIGH | 2020-02-24 | 2023-11-07 |
| CVE-2020-9274 | An issue was discovered in Pure-FTPd 1.0.49. An uninitialized pointer vulnerability has been detected in the diraliases linke... | 7.5 - HIGH | 2020-02-26 | 2023-11-07 |
| CVE-2019-20176 | In Pure-FTPd 1.0.49, a stack exhaustion issue was discovered in the listdir function in ls.c. | 7.5 - HIGH | 2019-12-31 | 2023-11-07 |
| CVE-2017-12170 | Downstream version 1.0.46-1 of pure-ftpd as shipped in Fedora was vulnerable to packaging error due to which the original con... | 9.8 - CRITICAL | 2017-09-21 | 2019-10-03 |
| CVE-2011-3171 | Directory traversal vulnerability in pure-FTPd 1.0.22 and possibly other versions, when running on SUSE Linux Enterprise Serv... | 3.6 - LOW | 2011-11-04 | 2017-08-29 |
| CVE-2011-1575 | The STARTTLS implementation in ftp_parser.c in Pure-FTPd before 1.0.30 does not properly restrict I/O buffering, which allows... | 5.8 - MEDIUM | 2011-05-23 | 2014-02-21 |
| CVE-2011-0988 | pure-ftpd 1.0.22, as used in SUSE Linux Enterprise Server 10 SP3 and SP4, and Enterprise Desktop 10 SP3 and SP4, when running... | 4.4 - MEDIUM | 2011-04-18 | 2017-08-17 |
| CVE-2011-0418 | The glob implementation in Pure-FTPd before 1.0.32, and in libc in NetBSD 5.1, does not properly expand expressions containin... | 4 - MEDIUM | 2011-05-24 | 2011-09-22 |
| CVE-2004-0656 | The accept_client function in PureFTPd 1.0.18 and earlier allows remote attackers to cause a denial of service by exceeding t... | 5 - MEDIUM | 2004-08-06 | 2017-07-11 |
Known software with vulnerabilities from Pureftpd
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | Pureftpd | Pure-ftpd | 0.90 |