JgaaCVEs & Vulnerabilities

8 CVEs affecting Jgaa products, tracked from the National Vulnerability Database, with CVSS/EPSS scores and exploitation status.

Most Affected Products

warftpd 12
CVE-2013-2278CRITICAL

Unspecified vulnerability in War FTP Daemon (warftpd) 1.82, when running as a Windows service, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown vectors related to log messages and the "internal log handler to the Windows Event log."

1 Apr 2014
10.0
CVSS
CVE-2009-5141MEDIUMpoc

Format string vulnerability in War FTP Daemon (warftpd) 1.82 RC 12 allows remote authenticated users to cause a denial of service (crash) via format string specifiers in a LIST command.

1 Apr 2014
4.0
CVSS
CVE-2006-5789MEDIUMpoc

War FTP Daemon (WarFTPd) 1.82.00-RC11 allows remote authenticated users to cause a denial of service via a large number of "%s" format strings in (1) CWD, (2) CDUP, (3) DELE, (4) NLST, (5) LIST, (6) SIZE, and possibly other commands. NOTE: it is possible that vector 1 is an off-by-one variant or incomplete fix of CVE-2005-0312.

8 Nov 2006
4.0
CVSS
CVE-2006-2171MEDIUM

Buffer overflow in WDM.exe in WarFTPD allows remote attackers to execute arbitrary code via unspecified arguments, as demonstrated by the Infigo FTPStress Fuzzer.

4 May 2006
6.4
CVSS
CVE-2000-0131MEDIUMpoc

Buffer overflow in War FTPd 1.6x allows users to cause a denial of service via long MKD and CWD commands.

1 Feb 2000
5.0
CVSS
CVE-2000-0044CRITICAL

Macros in War FTP 1.70 and 1.67b2 allow local or remote attackers to read arbitrary files or execute commands.

6 Jan 2000
10.0
CVSS
CVE-1999-1003MEDIUM

War FTP Daemon 1.70 allows remote attackers to cause a denial of service by flooding it with connections.

13 Dec 1999
5.0
CVSS
CVE-1999-0256HIGHpoc

Buffer overflow in War FTP allows remote execution of commands.

1 Feb 1998
7.5
CVSS
← PrevPage 1 / 1Next →