pyftpdlib Security Weakness and Multiple Remote Vulnerabilities

pyftpdlib is prone to an authentication-bypass vulnerability, a denial-of-service vulnerability, a buffer-overflow vulnerability, an FTP-bounce issue, and a security weakness.

Exploiting these issues will allow attackers to obtain sensitive information, gain unauthorized access, execute arbitrary code within the context of the affected application, access and attack privileged network ports, or crash the affected application, denying further service to legitimate users.

Core FTP Server 1.0.347 and Core FTP Mini SFTP Server 1.0.347 are vulnerable; other versions may also be affected.

Versions prior to pyftpdlib 0.2.0 are vulnerable.


 

Copyright 2010, SecurityFocus