Search
Find a vulnerability
Search criteria
ⓘ
Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.
6 vulnerabilities by acftp
CVE-2002-2417 (GCVE-0-2002-2417)
Vulnerability from cvelistv5 – Published: 2007-11-01 17:00 – Updated: 2024-08-08 04:06
VLAI
EPSS
VEX
Summary
acFTP 1.4 does not properly handle when an invalid password is provided by the user during authentication, which allows remote attackers to hide or misrepresent certain activity from log files and possibly gain privileges.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
5 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/bid/6235 | vdb-entryx_refsource_BID |
| http://securityreason.com/securityalert/3334 | third-party-advisoryx_refsource_SREASON |
| http://www.iss.net/security_center/static/10681.php | vdb-entryx_refsource_XF |
| http://archives.neohapsis.com/archives/vulnwatch/… | mailing-listx_refsource_VULNWATCH |
| http://www.securityfocus.com/archive/1/300929 | mailing-listx_refsource_BUGTRAQ |
Date Public
2002-11-23 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T04:06:53.859Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "6235",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/6235"
},
{
"name": "3334",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/3334"
},
{
"name": "acftp-authentication-bypass(10681)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "http://www.iss.net/security_center/static/10681.php"
},
{
"name": "20021123 acFTP Authentication Issue",
"tags": [
"mailing-list",
"x_refsource_VULNWATCH",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0088.html"
},
{
"name": "20021124 acFTP Authentication Issue",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/300929"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2002-11-23T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "acFTP 1.4 does not properly handle when an invalid password is provided by the user during authentication, which allows remote attackers to hide or misrepresent certain activity from log files and possibly gain privileges."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2007-11-28T10:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "6235",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/6235"
},
{
"name": "3334",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/3334"
},
{
"name": "acftp-authentication-bypass(10681)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "http://www.iss.net/security_center/static/10681.php"
},
{
"name": "20021123 acFTP Authentication Issue",
"tags": [
"mailing-list",
"x_refsource_VULNWATCH"
],
"url": "http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0088.html"
},
{
"name": "20021124 acFTP Authentication Issue",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/300929"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-2417",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "acFTP 1.4 does not properly handle when an invalid password is provided by the user during authentication, which allows remote attackers to hide or misrepresent certain activity from log files and possibly gain privileges."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "6235",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/6235"
},
{
"name": "3334",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/3334"
},
{
"name": "acftp-authentication-bypass(10681)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/10681.php"
},
{
"name": "20021123 acFTP Authentication Issue",
"refsource": "VULNWATCH",
"url": "http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0088.html"
},
{
"name": "20021124 acFTP Authentication Issue",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/300929"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-2417",
"datePublished": "2007-11-01T17:00:00.000Z",
"dateReserved": "2007-11-01T00:00:00.000Z",
"dateUpdated": "2024-08-08T04:06:53.859Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-6775 (GCVE-0-2006-6775)
Vulnerability from cvelistv5 – Published: 2006-12-27 23:00 – Updated: 2024-08-07 20:42
VLAI
EPSS
VEX
Summary
acFTP 1.5 allows remote authenticated users to cause a denial of service via a crafted argument to the (1) REST or (2) PBSZ command.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
4 references
| URL | Tags |
|---|---|
| https://www.exploit-db.com/exploits/2985 | exploitx_refsource_EXPLOIT-DB |
| http://www.vupen.com/english/advisories/2006/5149 | vdb-entryx_refsource_VUPEN |
| http://www.securityfocus.com/bid/21767 | vdb-entryx_refsource_BID |
| http://secunia.com/advisories/23481 | third-party-advisoryx_refsource_SECUNIA |
Date Public
2006-12-23 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T20:42:06.953Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "2985",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/2985"
},
{
"name": "ADV-2006-5149",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/5149"
},
{
"name": "21767",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/21767"
},
{
"name": "23481",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/23481"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-12-23T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "acFTP 1.5 allows remote authenticated users to cause a denial of service via a crafted argument to the (1) REST or (2) PBSZ command."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-10-18T14:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "2985",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/2985"
},
{
"name": "ADV-2006-5149",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/5149"
},
{
"name": "21767",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/21767"
},
{
"name": "23481",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/23481"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-6775",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "acFTP 1.5 allows remote authenticated users to cause a denial of service via a crafted argument to the (1) REST or (2) PBSZ command."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "2985",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/2985"
},
{
"name": "ADV-2006-5149",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/5149"
},
{
"name": "21767",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/21767"
},
{
"name": "23481",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23481"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-6775",
"datePublished": "2006-12-27T23:00:00.000Z",
"dateReserved": "2006-12-27T00:00:00.000Z",
"dateUpdated": "2024-08-07T20:42:06.953Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-2242 (GCVE-0-2006-2242)
Vulnerability from cvelistv5 – Published: 2006-05-09 10:00 – Updated: 2024-08-07 17:43
VLAI
EPSS
VEX
Summary
acFTP 1.4 allows remote attackers to cause a denial of service (application crash) via a long string with "{" (brace) characters to the USER command.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
6 references
| URL | Tags |
|---|---|
| http://secunia.com/advisories/19978 | third-party-advisoryx_refsource_SECUNIA |
| http://www.vupen.com/english/advisories/2006/1674 | vdb-entryx_refsource_VUPEN |
| http://www.securityfocus.com/bid/17855 | vdb-entryx_refsource_BID |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://www.osvdb.org/25278 | vdb-entryx_refsource_OSVDB |
| https://www.exploit-db.com/exploits/1749 | exploitx_refsource_EXPLOIT-DB |
Date Public
2006-05-05 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T17:43:28.099Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "19978",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/19978"
},
{
"name": "ADV-2006-1674",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/1674"
},
{
"name": "17855",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/17855"
},
{
"name": "acftp-user-dos(26258)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26258"
},
{
"name": "25278",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/25278"
},
{
"name": "1749",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/1749"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-05-05T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "acFTP 1.4 allows remote attackers to cause a denial of service (application crash) via a long string with \"{\" (brace) characters to the USER command."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-10-18T16:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "19978",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/19978"
},
{
"name": "ADV-2006-1674",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/1674"
},
{
"name": "17855",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/17855"
},
{
"name": "acftp-user-dos(26258)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26258"
},
{
"name": "25278",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/25278"
},
{
"name": "1749",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/1749"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-2242",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "acFTP 1.4 allows remote attackers to cause a denial of service (application crash) via a long string with \"{\" (brace) characters to the USER command."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "19978",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/19978"
},
{
"name": "ADV-2006-1674",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/1674"
},
{
"name": "17855",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/17855"
},
{
"name": "acftp-user-dos(26258)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26258"
},
{
"name": "25278",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/25278"
},
{
"name": "1749",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/1749"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-2242",
"datePublished": "2006-05-09T10:00:00.000Z",
"dateReserved": "2006-05-08T00:00:00.000Z",
"dateUpdated": "2024-08-07T17:43:28.099Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-6775 (GCVE-0-2006-6775)
Vulnerability from nvd – Published: 2006-12-27 23:00 – Updated: 2024-08-07 20:42
VLAI
EPSS
VEX
Summary
acFTP 1.5 allows remote authenticated users to cause a denial of service via a crafted argument to the (1) REST or (2) PBSZ command.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
4 references
| URL | Tags |
|---|---|
| https://www.exploit-db.com/exploits/2985 | exploitx_refsource_EXPLOIT-DB |
| http://www.vupen.com/english/advisories/2006/5149 | vdb-entryx_refsource_VUPEN |
| http://www.securityfocus.com/bid/21767 | vdb-entryx_refsource_BID |
| http://secunia.com/advisories/23481 | third-party-advisoryx_refsource_SECUNIA |
Date Public
2006-12-23 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T20:42:06.953Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "2985",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/2985"
},
{
"name": "ADV-2006-5149",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/5149"
},
{
"name": "21767",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/21767"
},
{
"name": "23481",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/23481"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-12-23T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "acFTP 1.5 allows remote authenticated users to cause a denial of service via a crafted argument to the (1) REST or (2) PBSZ command."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-10-18T14:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "2985",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/2985"
},
{
"name": "ADV-2006-5149",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/5149"
},
{
"name": "21767",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/21767"
},
{
"name": "23481",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/23481"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-6775",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "acFTP 1.5 allows remote authenticated users to cause a denial of service via a crafted argument to the (1) REST or (2) PBSZ command."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "2985",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/2985"
},
{
"name": "ADV-2006-5149",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/5149"
},
{
"name": "21767",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/21767"
},
{
"name": "23481",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23481"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-6775",
"datePublished": "2006-12-27T23:00:00.000Z",
"dateReserved": "2006-12-27T00:00:00.000Z",
"dateUpdated": "2024-08-07T20:42:06.953Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-2242 (GCVE-0-2006-2242)
Vulnerability from nvd – Published: 2006-05-09 10:00 – Updated: 2024-08-07 17:43
VLAI
EPSS
VEX
Summary
acFTP 1.4 allows remote attackers to cause a denial of service (application crash) via a long string with "{" (brace) characters to the USER command.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
6 references
| URL | Tags |
|---|---|
| http://secunia.com/advisories/19978 | third-party-advisoryx_refsource_SECUNIA |
| http://www.vupen.com/english/advisories/2006/1674 | vdb-entryx_refsource_VUPEN |
| http://www.securityfocus.com/bid/17855 | vdb-entryx_refsource_BID |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://www.osvdb.org/25278 | vdb-entryx_refsource_OSVDB |
| https://www.exploit-db.com/exploits/1749 | exploitx_refsource_EXPLOIT-DB |
Date Public
2006-05-05 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T17:43:28.099Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "19978",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/19978"
},
{
"name": "ADV-2006-1674",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/1674"
},
{
"name": "17855",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/17855"
},
{
"name": "acftp-user-dos(26258)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26258"
},
{
"name": "25278",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/25278"
},
{
"name": "1749",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/1749"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-05-05T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "acFTP 1.4 allows remote attackers to cause a denial of service (application crash) via a long string with \"{\" (brace) characters to the USER command."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-10-18T16:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "19978",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/19978"
},
{
"name": "ADV-2006-1674",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/1674"
},
{
"name": "17855",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/17855"
},
{
"name": "acftp-user-dos(26258)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26258"
},
{
"name": "25278",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/25278"
},
{
"name": "1749",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/1749"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-2242",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "acFTP 1.4 allows remote attackers to cause a denial of service (application crash) via a long string with \"{\" (brace) characters to the USER command."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "19978",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/19978"
},
{
"name": "ADV-2006-1674",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/1674"
},
{
"name": "17855",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/17855"
},
{
"name": "acftp-user-dos(26258)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26258"
},
{
"name": "25278",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/25278"
},
{
"name": "1749",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/1749"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-2242",
"datePublished": "2006-05-09T10:00:00.000Z",
"dateReserved": "2006-05-08T00:00:00.000Z",
"dateUpdated": "2024-08-07T17:43:28.099Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2002-2417 (GCVE-0-2002-2417)
Vulnerability from nvd – Published: 2007-11-01 17:00 – Updated: 2024-08-08 04:06
VLAI
EPSS
VEX
Summary
acFTP 1.4 does not properly handle when an invalid password is provided by the user during authentication, which allows remote attackers to hide or misrepresent certain activity from log files and possibly gain privileges.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
5 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/bid/6235 | vdb-entryx_refsource_BID |
| http://securityreason.com/securityalert/3334 | third-party-advisoryx_refsource_SREASON |
| http://www.iss.net/security_center/static/10681.php | vdb-entryx_refsource_XF |
| http://archives.neohapsis.com/archives/vulnwatch/… | mailing-listx_refsource_VULNWATCH |
| http://www.securityfocus.com/archive/1/300929 | mailing-listx_refsource_BUGTRAQ |
Date Public
2002-11-23 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T04:06:53.859Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "6235",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/6235"
},
{
"name": "3334",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/3334"
},
{
"name": "acftp-authentication-bypass(10681)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "http://www.iss.net/security_center/static/10681.php"
},
{
"name": "20021123 acFTP Authentication Issue",
"tags": [
"mailing-list",
"x_refsource_VULNWATCH",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0088.html"
},
{
"name": "20021124 acFTP Authentication Issue",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/300929"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2002-11-23T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "acFTP 1.4 does not properly handle when an invalid password is provided by the user during authentication, which allows remote attackers to hide or misrepresent certain activity from log files and possibly gain privileges."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2007-11-28T10:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "6235",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/6235"
},
{
"name": "3334",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/3334"
},
{
"name": "acftp-authentication-bypass(10681)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "http://www.iss.net/security_center/static/10681.php"
},
{
"name": "20021123 acFTP Authentication Issue",
"tags": [
"mailing-list",
"x_refsource_VULNWATCH"
],
"url": "http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0088.html"
},
{
"name": "20021124 acFTP Authentication Issue",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/300929"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-2417",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "acFTP 1.4 does not properly handle when an invalid password is provided by the user during authentication, which allows remote attackers to hide or misrepresent certain activity from log files and possibly gain privileges."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "6235",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/6235"
},
{
"name": "3334",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/3334"
},
{
"name": "acftp-authentication-bypass(10681)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/10681.php"
},
{
"name": "20021123 acFTP Authentication Issue",
"refsource": "VULNWATCH",
"url": "http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0088.html"
},
{
"name": "20021124 acFTP Authentication Issue",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/300929"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-2417",
"datePublished": "2007-11-01T17:00:00.000Z",
"dateReserved": "2007-11-01T00:00:00.000Z",
"dateUpdated": "2024-08-08T04:06:53.859Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}