Release | Version |
---|---|
jessie | 1.0.36-3.2+deb8u1 |
stretch | 1.0.43-3 |
buster | 1.0.47-3 |
bullseye | 1.0.49-4.1 |
bookworm | 1.0.50-2.1 |
trixie | 1.0.50-2.2 |
sid | 1.0.50-2.2 |
Bug | jessie | stretch | buster | bullseye | bookworm | trixie | sid | Description |
---|---|---|---|---|---|---|---|---|
CVE-2024-48208 | vulnerable | vulnerable | vulnerable | vulnerable | vulnerable | vulnerable | vulnerable | pure-ftpd before 1.0.52 is vulnerable to Buffer Overflow. There is an ... |
CVE-2021-40524 | vulnerable | vulnerable (no DSA) | vulnerable (no DSA) | vulnerable (no DSA) | fixed | fixed | fixed | In Pure-FTPd before 1.0.50, an incorrect max_filesize quota mechanism ... |
CVE-2020-9365 | fixed | vulnerable (no DSA) | vulnerable (no DSA) | fixed | fixed | fixed | fixed | An issue was discovered in Pure-FTPd 1.0.49. An out-of-bounds (OOB) re ... |
CVE-2020-9274 | fixed | vulnerable (no DSA) | vulnerable (no DSA) | fixed | fixed | fixed | fixed | An issue was discovered in Pure-FTPd 1.0.49. An uninitialized pointer ... |
CVE-2019-20176 | vulnerable (no DSA) | vulnerable (no DSA) | vulnerable (no DSA) | fixed | fixed | fixed | fixed | In Pure-FTPd 1.0.49, a stack exhaustion issue was discovered in the li ... |
Bug | Description |
---|---|
TEMP-0000000-00657F | pure-ftpd-mysql: any problems with a home dir will allow rw to the entire filesystem |
CVE-2017-12170 | Downstream version 1.0.46-1 of pure-ftpd as shipped in Fedora was vuln ... |
CVE-2011-1575 | The STARTTLS implementation in ftp_parser.c in Pure-FTPd before 1.0.30 ... |
CVE-2011-0988 | pure-ftpd 1.0.22, as used in SUSE Linux Enterprise Server 10 SP3 and S ... |
CVE-2011-0418 | The glob implementation in Pure-FTPd before 1.0.32, and in libc in Net ... |
CVE-2004-0656 | The accept_client function in PureFTPd 1.0.18 and earlier allows remot ... |
DSA / DLA | Description |
---|---|
DLA-2123-1 | pure-ftpd - security update |