Filtered by vendor Netbsd Subscriptions
Filtered by product Tnftpd Subscriptions
Total 2 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2023-45198 1 Netbsd 2 Ftpd, Tnftpd 2024-11-21 7.5 High
ftpd before "NetBSD-ftpd 20230930" can leak information about the host filesystem before authentication via an MLSD or MLST command. tnftpd (the portable version of NetBSD ftpd) before 20231001 is also vulnerable.
CVE-2015-5917 2 Apple, Netbsd 2 Mac Os X, Tnftpd 2024-11-21 N/A
The glob implementation in tnftpd (formerly lukemftpd), as used in Apple OS X before 10.11, allows remote attackers to cause a denial of service (memory consumption and daemon outage) via a STAT command containing a crafted pattern, as demonstrated by multiple instances of the {..,..,..}/* substring.