Aggregates CVE and security vulnerability intelligence across all BisonWare-related products, including CVSS and EPSS scores and publication dates.
Common weakness patterns include path handling flaws, buffer overflows, and denial of service, with file overwrite as a potential impact on production workloads.

| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2015-7602 | Directory traversal vulnerability in BisonWare BisonFTP 3.5 allows remote attackers to read arbitrary files via a ../ (dot dot slash) in a RETR command. | [email protected] | 7.8 | 52.58% | 2015-09-29 | 2026-05-06 |
| CVE-2001-0765 | BisonFTP V4R1 allows local users to access directories outside of their home directory by uploading .bdl files, which can then be linked to other directories. | [email protected] | 4.6 | 0.08% | 2001-10-18 | 2026-04-16 |
| CVE-1999-1510 | Buffer overflows in Bisonware FTP server prior to 4.1 allow remote attackers to cause a denial of service, and possibly execute arbitrary commands, via long (1) USER, (2) LIST, or (3) CWD commands. | [email protected] | 7.5 | 82.52% | 1999-05-17 | 2026-04-16 |
| CVE-1999-1156 | BisonWare FTP Server 4.1 and earlier allows remote attackers to cause a denial of service via a malformed PORT command that contains a non-numeric character and a large number of carriage returns. | [email protected] | 5.0 | 0.66% | 1999-05-17 | 2026-04-16 |
| CVE-1999-0079 | Remote attackers can cause a denial of service in FTP by issuing multiple PASV commands, causing the server to run out of available ports. | [email protected] | 5.0 | 0.68% | 1997-09-12 | 2026-04-16 |