Buffer overflow in XM Easy Personal FTP Server 4.3 and earlier allows remote attackers to execute arbitrary code, probably via a USER command with a long username.
Max CVSS
7.5
EPSS Score
26.27%
Published
2006-05-05
Updated
2018-10-18
Buffer overflow in XM Easy Personal FTP Server 4.2 and 5.0.1 allows remote authenticated users to cause a denial of service via a long argument to the PORT command.
Max CVSS
5.0
EPSS Score
16.04%
Published
2006-05-05
Updated
2017-10-19
XM Easy Personal FTP Server 5.2.1 and earlier allows remote authenticated users to cause a denial of service via a long argument to the NLST command, possibly involving the -al flags.
Max CVSS
4.0
EPSS Score
1.26%
Published
2006-11-06
Updated
2017-10-19
Format string vulnerability in XM Easy Personal FTP Server 5.0.1 allows remote attackers to cause a denial of service (application crash) via format string specifiers in a long PORT command. NOTE: this issue might be related to CVE-2006-2226.
Max CVSS
5.0
EPSS Score
2.82%
Published
2006-12-27
Updated
2008-09-05
Format string vulnerability in XM Easy Personal FTP Server 5.2.1 allows remote attackers to cause a denial of service (application crash) via format string specifiers in the USER command or certain other available or nonexistent commands. NOTE: It was later reported that 5.3.0 is also vulnerable.
Max CVSS
5.0
EPSS Score
18.08%
Published
2006-12-27
Updated
2017-07-29
Multiple buffer overflows in XM Easy Personal FTP Server 5.3.0 allow remote attackers to execute arbitrary code via unspecified vectors. NOTE: this issue might overlap CVE-2006-2225, CVE-2006-2226, or CVE-2006-5728.
Max CVSS
7.5
EPSS Score
11.42%
Published
2007-03-02
Updated
2017-10-11

CVE-2008-5626

Public exploit
XM Easy Personal FTP Server 5.6.0 allows remote authenticated users to cause a denial of service via a crafted argument to the NLST command, as demonstrated by a -1 argument.
Max CVSS
4.0
EPSS Score
95.71%
Published
2008-12-17
Updated
2017-09-29
Dxmsoft XM Easy Personal FTP Server 5.8.0 allows remote attackers to cause a denial of service via a long argument to the (1) LIST and (2) NLST commands, a differnt issue than CVE-2008-5626 and CVE-2006-5728.
Max CVSS
5.0
EPSS Score
2.70%
Published
2009-10-09
Updated
2017-08-17
Dxmsoft XM Easy Personal FTP Server 5.8.0 allows remote authenticated users to cause a denial of service (daemon outage) via an APPE command to one socket in conjunction with a DELE command to a second socket.
Max CVSS
4.0
EPSS Score
0.36%
Published
2009-11-23
Updated
2018-10-10
9 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!