Product:

Vsftpd

(Vsftpd_project)
Repositories

Unknown:

This might be proprietary software.

#Vulnerabilities 5
Date Id Summary Products Score Patch Annotated
2022-03-23 CVE-2021-3618 ALPACA is an application layer protocol content confusion attack, exploiting TLS servers implementing different protocols but using compatible certificates, such as multi-domain or wildcard certificates. A MiTM attacker having access to victim's traffic at the TCP/IP layer can redirect traffic from one subdomain to another, resulting in a valid TLS session. This breaks the authentication of TLS and cross-protocol attacks may be possible where the behavior of one protocol service may... Debian_linux, Nginx, Fedora, Sendmail, Vsftpd 7.4
2023-08-22 CVE-2021-30047 VSFTPD 3.0.3 allows attackers to cause a denial of service due to limited number of connections allowed. Vsftpd 7.5
2015-01-28 CVE-2015-1419 Unspecified vulnerability in vsftpd 3.0.2 and earlier allows remote attackers to bypass access restrictions via unknown vectors, related to deny_file parsing. Opensuse, Vsftpd N/A
2019-11-27 CVE-2011-2523 vsftpd 2.3.4 downloaded between 20110630 and 20110703 contains a backdoor which opens a shell on port 6200/tcp. Debian_linux, Vsftpd 9.8
2011-03-02 CVE-2011-0762 The vsf_filename_passes_filter function in ls.c in vsftpd before 2.3.3 allows remote authenticated users to cause a denial of service (CPU consumption and process slot exhaustion) via crafted glob expressions in STAT commands in multiple FTP sessions, a different vulnerability than CVE-2010-2632. Ubuntu_linux, Debian_linux, Fedora, Opensuse, Linux_enterprise_server, Vsftpd N/A