Vulnerabilities > Vsftpd Project

DATE CVE VULNERABILITY TITLE RISK
2023-08-22 CVE-2021-30047 Unspecified vulnerability in Vsftpd Project Vsftpd 3.0.3
VSFTPD 3.0.3 allows attackers to cause a denial of service due to limited number of connections allowed.
network
low complexity
vsftpd-project
7.5
2022-03-23 CVE-2021-3618 Improper Certificate Validation vulnerability in multiple products
ALPACA is an application layer protocol content confusion attack, exploiting TLS servers implementing different protocols but using compatible certificates, such as multi-domain or wildcard certificates.
7.4
2019-11-27 CVE-2011-2523 OS Command Injection vulnerability in multiple products
vsftpd 2.3.4 downloaded between 20110630 and 20110703 contains a backdoor which opens a shell on port 6200/tcp.
network
low complexity
vsftpd-project debian CWE-78
critical
10.0
2011-03-02 CVE-2011-0762 Resource Exhaustion vulnerability in multiple products
The vsf_filename_passes_filter function in ls.c in vsftpd before 2.3.3 allows remote authenticated users to cause a denial of service (CPU consumption and process slot exhaustion) via crafted glob expressions in STAT commands in multiple FTP sessions, a different vulnerability than CVE-2010-2632.
4.0