dmnt

11 exploits Active since Oct 2008
CVE-2008-4501 EXPLOITDB text WORKING POC
Serv-U File Server 7.0.0.1-7.3 - Authenticated Path Traversal via RNTO Command
Directory traversal vulnerability in the FTP server in Serv-U 7.0.0.1 through 7.3, including 7.2.0.1, allows remote authenticated users to overwrite or create arbitrary files via a ..\ (dot dot backslash) in the RNTO command.
EIP-2026-119091 EXPLOITDB text WORKING POC
RhinoSoft Serv-U FTP Server 7.2.0.1 - 'rnto' Directory Traversal
EIP-2026-118282 EXPLOITDB text WORKING POC
ArGoSoft FTP Server .NET 1.0.2.1 - Directory Traversal
CVE-2008-4500 EXPLOITDB text WORKING POC
Serv-U 7.0.0.1-7.3 - Authenticated Denial of Service via STOU Command
Serv-U 7.0.0.1 through 7.3, including 7.2.0.1, allows remote authenticated users to cause a denial of service (CPU consumption) via a crafted stou command, probably related to MS-DOS device names, as demonstrated using "con:1".
CVE-2008-6082 EXPLOITDB python WORKING POC
Titan FTP Server 6.26 build 630 - Denial of Service via SITE WHO Command
Titan FTP Server 6.26 build 630 allows remote attackers to cause a denial of service (CPU consumption) via the SITE WHO command.
CVE-2008-5666 EXPLOITDB python WORKING POC
WinFTP FTP Server 2.3.0 - Authenticated Denial of Service via Invalid NLST Command
WinFTP FTP Server 2.3.0, when passive (aka PASV) mode is used, allows remote authenticated users to cause a denial of service via a sequence of FTP sessions that include an invalid "NLST -1" command.
EIP-2026-115841 EXPLOITDB python WORKING POC
MiniWeb HTTP Server 300 - Crash (PoC)
CVE-2008-6186 EXPLOITDB python WORKING POC
RaidenFTPD 2.4 build 3620 - Authenticated Stack-Based Buffer Overflow via CWD or MLST Commands
Stack-based buffer overflow in RaidenFTPD 2.4 build 3620 allows remote authenticated users to cause a denial of service (crash) or execute arbitrary code via long (1) CWD and (2) MLST commands.
EIP-2026-115435 EXPLOITDB python WORKING POC
Inetserv 3.23 POP3 - Denial of Service
CVE-2008-4572 EXPLOITDB python WORKING POC
GuildFTPd 0.999.14 - Denial of Service and Possible Remote Code Execution via Long CWD and LIST Arguments
GuildFTPd 0.999.14, and possibly other versions, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via long arguments to the CWD and LIST commands, which triggers heap corruption related to an improper free call, and possibly triggering a heap-based buffer overflow.
EIP-2026-102760 EXPLOITDB text WORKING POC
WFTPD 3.3 - Remote REST Denial of Service