byterage

7 exploits Active since May 2001
CVE-2001-0490 EXPLOITDB c WORKING POC
Nullsoft Winamp 2.6x-2.7x - Buffer Overflow via AIP File
Buffer overflow in WINAMP 2.6x and 2.7x allows attackers to execute arbitrary code via a long string in an AIP file.
CVE-2001-0688 EXPLOITDB perl WORKING POC
Broker FTP Server 5.9.5.0 - Denial of Service via Invalid CD Command
Broker FTP Server 5.9.5.0 allows a remote attacker to cause a denial of service by repeatedly issuing an invalid CD or CWD ("CD . .") command.
CVE-2001-1112 EXPLOITDB c WORKING POC
EFTP 2.0.7.337 - Remote Code Execution via .lnk File Upload
Buffer overflow in EFTP 2.0.7.337 allows remote attackers to execute arbitrary code by uploading a .lnk file containing a large number of characters.
CVE-2001-1109 EXPLOITDB perl WORKING POC
EFTP 2.0.7.337 - Authenticated Directory Traversal via LIST QUOTE SIZE and QUOTE MDTM Commands
Directory traversal vulnerability in EFTP 2.0.7.337 allows remote authenticated users to reveal directory contents via a .. (dot dot) in the (1) LIST, (2) QUOTE SIZE, and (3) QUOTE MDTM commands.
CVE-2001-1335 EXPLOITDB text WRITEUP
CesarFTP 0.98b - Authenticated Directory Traversal via Modified Dot Dot Sequence
Directory traversal vulnerability in CesarFTP 0.98b and earlier allows remote authenticated users (such as anonymous) to read arbitrary files via a GET with a filename that contains a ...%5c (modified dot dot).
CVE-2001-1142 EXPLOITDB c WORKING POC
ArGoSoft FTP Server <1.2.2.2 - Privilege Escalation
ArGoSoft FTP Server 1.2.2.2 uses weak encryption for user passwords, which allows an attacker with access to the password file to gain privileges.
CVE-2001-1354 EXPLOITDB c WORKING POC
NetWin Authentication module - Info Disclosure
NetWin Authentication module (NWAuth) 2.0 and 3.0b, as implemented in SurgeFTP, DMail, and possibly other packages, uses weak password hashing, which could allow local users to decrypt passwords or use a different password that has the same hash value as the correct password.