Free and open-source vulnerability scanner
Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.
Install NowAvailable for macOS, Windows, and Linux
pyftpd Multiple Vulnerabilities
Information
Severity
Severity
Family
Family
CVSSv2 Base
CVSSv2 Base
CVSSv2 Vector
CVSSv2 Vector
Solution Type
Solution Type
Created
Created
Modified
Modified
Summary
pyftpd is prone to multiple vulnerabilities.
Insight
Insight
1. pyftpd is prone to multiple default-account vulnerabilities. These issues stem from a design flaw that makes several accounts available to remote attackers. Successful exploits allow remote attackers to gain unauthorized access to a vulnerable application. 2. pyftpd creates temporary files in an insecure manner. An attacker with local access could potentially exploit this issue to perform symbolic-link attacks, overwriting arbitrary files in the context of the affected application. Successfully mounting a symlink attack may allow the attacker to delete or corrupt sensitive files, which may result in a denial of service. Other attacks may also be possible.
Affected Software
Affected Software
pyftpd prior to 0.8.5 are affected.
Solution
Solution
Vendor updates are available. Please see the references for more information.