Weekly Vulnerabilities Reports > June 25 to July 1, 2001

Overview

3 new vulnerabilities reported during this period, including 0 critical vulnerabilities and 3 high severity vulnerabilities. This weekly summary report vulnerabilities in 3 products from 3 vendors including Microsoft, Argosoft, and Texasimperialsoftware. Vulnerabilities are notably categorized as "Link Following", and "Incorrect Calculation of Buffer Size".

3 reported vulnerabilities are remotely exploitables.
3 reported vulnerabilities are exploitable by an anonymous user.
Microsoft has the most reported vulnerabilities, with 1 reported vulnerabilities.

TOTAL
VULNERABILITIES

CRITICAL RISK
VULNERABILITIES

HIGH RISK
VULNERABILITIES

MEDIUM RISK
VULNERABILITIES

LOW RISK
VULNERABILITIES

REMOTELY
EXPLOITABLE

LOCALLY
EXPLOITABLE

EXPLOIT
AVAILABLE

EXPLOITABLE
ANONYMOUSLY

AFFECTING
WEB APPLICATION

Vulnerability Details

The following table list reported vulnerabilities for the period covered by this report:

Expand/Hide

0 Critical Vulnerabilities

DATE	CVE	VENDOR	VULNERABILITY	CVSS

Expand/Hide

3 High Vulnerabilities

DATE	CVE	VENDOR	VULNERABILITY	CVSS
2001-07-01	CVE-2001-1386	Texasimperialsoftware	Link Following vulnerability in Texasimperialsoftware Wftpd 3.00 WFTPD 3.00 allows remote attackers to read arbitrary files by uploading a (link) file that ends in a ".lnk." extension, which bypasses WFTPD's check for a ".lnk" extension.	7.5
2001-07-01	CVE-2001-1043	Argosoft	Link Following vulnerability in Argosoft FTP Server 1.2.2.2 ArGoSoft FTP Server 1.2.2.2 allows remote attackers to read arbitrary files and directories by uploading a .lnk (link) file that points to the target file.	7.5
2001-06-27	CVE-2001-0334	Microsoft	Incorrect Calculation of Buffer Size vulnerability in Microsoft Internet Information Server FTP service in IIS 5.0 and earlier allows remote attackers to cause a denial of service via a wildcard sequence that generates a long string when it is expanded.	7.5

Expand/Hide

0 Medium Vulnerabilities

DATE	CVE	VENDOR	VULNERABILITY	CVSS

Expand/Hide

0 Low Vulnerabilities

DATE	CVE	VENDOR	VULNERABILITY	CVSS