本页列出影响 argosoft ftp_server 的已公开 CVE 漏洞(通过 NVD CPE 关联)。每行包含严重程度评分、摘要与发布日期,便于识别与分析安全问题。
| CVE | 摘要 | 来源 | 最高 CVSS | EPSS % | 公开时间 | 更新时间 |
|---|---|---|---|---|---|---|
| CVE-2006-2170 | Buffer overflow in ArgoSoft FTP Server 1.4.3.6 allows remote attackers to execute arbitrary code via Unicode in the RNTO command, as demonstrated by the Infigo FTPStress Fuzzer. | [email protected] | 6.4 | 5.30% | 2006-05-04 | 2026-06-16 |
| CVE-2005-0696 | Buffer overflow in ArGoSoft FTP Server 1.4.2.8 allows remote authenticated users to execute arbitrary code via a long DELE command. NOTE: this issue was later reported to also affect 1.4.3.5. | [email protected] | 7.5 | 4.74% | 2005-03-08 | 2026-06-16 |
| CVE-2005-0520 | ArGoSoft FTP Server before 1.4.2.8 allows remote attackers to read arbitrary files via shortcut (.LNK) files in the SITE COPY command, a different vulnerability than CVE-2005-0519. | [email protected] | 10.0 | 3.75% | 2005-02-23 | 2026-06-16 |
| CVE-2005-0519 | ArGoSoft FTP Server before 1.4.2.7 allows remote attackers to read arbitrary files by uploading a ZIP file containing a shortcut (.LNK) file, using SITE UNZIP to extract the .LNK file onto the server, then accessing the file, a different vulnerability than CVE-2005-0520. | [email protected] | 10.0 | 3.78% | 2005-02-18 | 2026-06-16 |
| CVE-2004-2675 | ArGoSoft FTP Server before 1.4.1.6 allows remote authenticated users to cause a denial of service (crash) via a SITE PASS command with a long password parameter, which causes the database to be corrupted. | [email protected] | 6.8 | 3.23% | 2004-12-31 | 2026-06-16 |
| CVE-2004-2674 | Directory traversal vulnerability in ArGoSoft FTP Server before 1.4.1.6 allows remote authenticated users to determine the existence of arbitrary files via ".." sequences in the SITE UNZIP argument. | [email protected] | 6.8 | 1.66% | 2004-12-31 | 2026-06-16 |
| CVE-2004-2673 | Multiple buffer overflows in ArGoSoft FTP Server before 1.4.1.6 allow remote authenticated users to cause a denial of service and possibly execute arbitrary code via (1) a SITE ZIP command with a long first or second argument, or (2) a SITE COPY with a long argument. | [email protected] | 9.0 | 4.76% | 2004-12-31 | 2026-06-16 |
| CVE-2004-2672 | Unspecified vulnerability in ArGoSoft FTP server before 1.4.2.2 allows attackers to upload .lnk files via unknown vectors. | [email protected] | 7.5 | 1.35% | 2004-12-31 | 2026-06-16 |
| CVE-2004-1429 | ArGoSoft FTP 1.4.2.4 and earlier does not limit the number of times that a bad password can be entered, which makes it easier for remote attackers to guess passwords via a brute force attack. | [email protected] | 7.5 | 1.32% | 2004-12-31 | 2026-06-16 |
| CVE-2004-1428 | ArGoSoft FTP before 1.4.2.1 generates an error message if the user name does not exist instead of prompting for a password, which allows remote attackers to determine valid usernames. | [email protected] | 5.0 | 2.84% | 2004-12-31 | 2026-06-16 |
| CVE-2000-1194 | Argosoft FRP server 1.0 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long string to the (1) USER or (2) CWD commands. | [email protected] | 7.5 | 2.97% | 2001-08-31 | 2026-06-16 |
| CVE-2001-1142 | ArGoSoft FTP Server 1.2.2.2 uses weak encryption for user passwords, which allows an attacker with access to the password file to gain privileges. | [email protected] | 5.0 | 1.97% | 2001-07-12 | 2026-06-16 |
| CVE-2001-1043 | ArGoSoft FTP Server 1.2.2.2 allows remote attackers to read arbitrary files and directories by uploading a .lnk (link) file that points to the target file. | [email protected] | 7.5 | 3.32% | 2001-07-01 | 2026-06-16 |