Bolintech : Security Vulnerabilities, CVEs,
Heap-based buffer overflow in Dream FTP Server allows remote attackers to execute arbitrary code via a USER command with a large number of format string specifiers, which triggers the overflow during processing of the Server Log.
Max CVSS
7.5
EPSS Score
8.43%
Published
2007-01-18
Updated
2017-10-19
BolinTech Dream FTP Server 1.02 allows remote authenticated users, including anonymous users, to cause a denial of service (application crash) via a certain invalid PORT command.
Max CVSS
4.0
EPSS Score
2.13%
Published
2006-12-26
Updated
2017-10-19
CVE-2004-2074
Public exploit
Format string vulnerability in Dream FTP 1.02 allows local users to cause a denial of service (crash) via format string specifiers in the (1) PASS or (2) RETR commands.
Max CVSS
5.0
EPSS Score
2.94%
Published
2004-12-31
Updated
2017-07-11
Format string vulnerability in Dream FTP 1.02 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via format string specifiers in the username.
Max CVSS
10.0
EPSS Score
11.22%
Published
2004-11-23
Updated
2017-07-11
4 vulnerabilities found