Known Vulnerabilities for products from Pureftpd
Listed below are 11 of the newest known vulnerabilities associated with the vendor "Pureftpd".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2021-40524 json | In Pure-FTPd before 1.0.50, an incorrect max_filesize quota mechanism in the server allows attackers to upload files of unbou... | 7.5 - HIGH | 2021-09-05 | 2021-11-26 |
| CVE-2020-35359 json | Pure-FTPd 1.0.48 allows remote attackers to prevent legitimate server use by making enough connections to exceed the connecti... | 7.5 - HIGH | 2020-12-26 | 2020-12-29 |
| CVE-2020-9365 json | An issue was discovered in Pure-FTPd 1.0.49. An out-of-bounds (OOB) read has been detected in the pure_strcmp function in uti... | 7.5 - HIGH | 2020-02-24 | 2023-11-07 |
| CVE-2020-9274 json | An issue was discovered in Pure-FTPd 1.0.49. An uninitialized pointer vulnerability has been detected in the diraliases linke... | 7.5 - HIGH | 2020-02-26 | 2023-11-07 |
| CVE-2019-20176 json | In Pure-FTPd 1.0.49, a stack exhaustion issue was discovered in the listdir function in ls.c. | 7.5 - HIGH | 2019-12-31 | 2023-11-07 |
| CVE-2017-12170 json | Downstream version 1.0.46-1 of pure-ftpd as shipped in Fedora was vulnerable to packaging error due to which the original con... | 9.8 - CRITICAL | 2017-09-21 | 2019-10-03 |
| CVE-2011-3171 json | Directory traversal vulnerability in pure-FTPd 1.0.22 and possibly other versions, when running on SUSE Linux Enterprise Serv... | 3.6 - LOW | 2011-11-04 | 2017-08-29 |
| CVE-2011-1575 json | The STARTTLS implementation in ftp_parser.c in Pure-FTPd before 1.0.30 does not properly restrict I/O buffering, which allows... | 5.8 - MEDIUM | 2011-05-23 | 2014-02-21 |
| CVE-2011-0988 json | pure-ftpd 1.0.22, as used in SUSE Linux Enterprise Server 10 SP3 and SP4, and Enterprise Desktop 10 SP3 and SP4, when running... | 4.4 - MEDIUM | 2011-04-18 | 2017-08-17 |
| CVE-2011-0418 json | The glob implementation in Pure-FTPd before 1.0.32, and in libc in NetBSD 5.1, does not properly expand expressions containin... | 4 - MEDIUM | 2011-05-24 | 2011-09-22 |
| CVE-2004-0656 json | The accept_client function in PureFTPd 1.0.18 and earlier allows remote attackers to cause a denial of service by exceeding t... | Not Provided | 2004-08-06 | 2025-04-03 |
Known software with vulnerabilities from Pureftpd
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | Pureftpd | Pure-ftpd | 0.90 |