EtypeCVEs & Vulnerabilities

11 CVEs affecting Etype products, tracked from the National Vulnerability Database, with CVSS/EPSS scores and exploitation status.

Most Affected Products

eserv 27
CVE-2008-4588CRITICALpoc

Stack-based buffer overflow in the FTP server in Etype Eserv 3.x, possibly 3.26, allows remote attackers to cause a denial of service (daemon crash) and possibly execute arbitrary code via a long argument to the ABOR command.

16 Oct 2008
10.0
CVSS
CVE-2006-2308MEDIUM

Directory traversal vulnerability in the IMAP service in EServ/3 3.25 allows remote authenticated users to read other user's email messages, create/rename arbitrary directories on the system, and delete empty directories via directory traversal sequences in the (1) CREATE, (2) SELECT, (3) DELETE, (4) RENAME, (5) COPY or (6) APPEND commands.

2 Jun 2006
5.5
CVSS
CVE-2006-2309MEDIUM

The HTTP service in EServ/3 3.25 allows remote attackers to obtain sensitive information via crafted HTTP requests containing dot, space, and slash characters, which reveals the source code of script files.

2 Jun 2006
4.0
CVSS
CVE-2003-1266MEDIUMpoc

The (1) FTP, (2) POP3, (3) SMTP, and (4) NNTP servers in EServer 2.92 through 2.97, and possibly 2.98, allow remote attackers to cause a denial of service (crash) via a large amount of data.

31 Dec 2003
5.0
CVSS
CVE-2003-0290MEDIUMpoc

Memory leak in eServ 2.9x allows remote attackers to cause a denial of service (memory exhaustion) via a large number of connections, whose memory is not freed when the connection is terminated.

16 Jun 2003
5.0
CVSS
CVE-2002-0221MEDIUM

Etype Eserv 2.97 allows remote attackers to cause a denial of service (resource exhaustion) via a large number of PASV commands that consume ports 1024 through 5000, which prevents the server from accepting valid PASV.

16 May 2002
5.0
CVSS
CVE-2002-0222HIGH

Etype Eserv 2.97 allows remote attackers to redirect traffic to other sites (aka FTP bounce) via the PORT command.

16 May 2002
7.5
CVSS
CVE-2002-0112MEDIUMpoc

Etype Eserv 2.97 allows remote attackers to view password protected files via /./ in the URL.

25 Mar 2002
5.0
CVSS
CVE-2000-0907HIGH

EServ 2.92 Build 2982 allows remote attackers to cause a denial of service and possibly execute arbitrary commands via long HELO and MAIL FROM commands.

19 Dec 2000
7.5
CVSS
CVE-2000-0523CRITICALpoc

Buffer overflow in the logging feature of EServ 2.9.2 and earlier allows an attacker to execute arbitrary commands via a long MKD command.

6 Jun 2000
10.0
CVSS
CVE-1999-1509MEDIUMpoc

Directory traversal vulnerability in Etype Eserv 2.50 web server allows a remote attacker to read any file in the file system via a .. (dot dot) in a URL.

4 Nov 1999
5.0
CVSS
← PrevPage 1 / 1Next →