Vulnerabilities > Karjasoft > Sami FTP Server
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2008-11-17 | CVE-2008-5106 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Karjasoft Sami FTP Server 2.0.0/2.0.1/2.0.2 Buffer overflow in KarjaSoft Sami FTP Server 2.0.x allows remote attackers to cause a denial of service (daemon crash) and possibly execute arbitrary code via a long argument to an arbitrary command, which triggers the overflow when the SamyFtp.binlog log file is viewed in the management console. | 10.0 |
| 2008-11-17 | CVE-2008-5105 | Improper Input Validation vulnerability in Karjasoft Sami FTP Server 2.0.0/2.0.1/2.0.2 KarjaSoft Sami FTP Server 2.0.x allows remote attackers to cause a denial of service (daemon crash or hang) via certain (1) APPE, (2) CWD, (3) DELE, (4) MKD, (5) RMD, (6) RETR, (7) RNFR, (8) RNTO, (9) SIZE, and (10) STOR commands. | 5.0 |
| 2006-05-05 | CVE-2006-2212 | Authentication Buffer Overflow vulnerability in Karjasoft Sami FTP Server 2.0.2 Buffer overflow in KarjaSoft Sami FTP Server 2.0.2 and earlier allows remote attackers to execute arbitrary code via a long (1) USER or (2) PASS command. | 6.4 |
| 2006-01-26 | CVE-2006-0441 | Buffer Overflow vulnerability in Karjasoft Sami FTP Server 2.0.1 Stack-based buffer overflow in Sami FTP Server 2.0.1 allows remote attackers to execute arbitrary code via a long USER command, which triggers the overflow when the log is viewed. | 7.5 |
| 2004-12-31 | CVE-2004-2081 | Denial Of Service vulnerability in Karjasoft Sami FTP Server 1.1.3 The samiftp.dll library in Sami FTP Server 1.1.3 allows local users to cause a denial of service (pmsystem.exe crash) by issuing (1) a CD command with a tilde (~) character or dot dot (/../) or (2) a GET command for an unavailable file. | 5.0 |
| 2004-02-13 | CVE-2004-2082 | Denial Of Service vulnerability in Karjasoft Sami FTP Server 1.1.3 The samiftp.dll library in Sami FTP Server 1.1.3 allows remote authenticated users to cause a denial of service (pmsystem.exe crash) via a GET request wit a large number of leading "/" (slash) characters. | 5.0 |