9 matches found
Linux Distros Unpatched Vulnerability : CVE-2026-28296
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - A flaw was found in the FTP GVfs backend. A remote attacker could exploit this input validation vulnerability by supplying specially crafted file paths containi...
EUVD-2008-4225
Malware in sbrugna...
MGASA-2021-0198 Updated thunderbird packages fix security vulnerabilities
More internal network hosts could have been probed by a malicious webpage: Further techniques that built on the slipstream research combined with a malicious webpage could have exposed both an internal network's hosts as well as services running on the user's local machine (CVE-2021-23961). Out of...
Gentoo Security Advisory GLSA 200501-18 (konqueror)
The remote host is missing updates announced in advisory GLSA 200501-18. OpenVAS Vulnerability Test. Description: Auto-generated from Gentoo's XML-based advisory. Authors: Thomas Reinke. Copyright: Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...
CRLF injection
CRLF injection vulnerability in Microsoft Internet Explorer 5 and 6 allows remote attackers to execute arbitrary FTP commands via an ftp:// URL that contains a URL-encoded CRLF %0D%0A before the FTP command, which causes the commands to be inserted into an authenticated FTP connection established...
CVE-2008-1368
CRLF injection vulnerability in Microsoft Internet Explorer 5 and 6 allows remote attackers to execute arbitrary FTP commands via an ftp:// URL that contains a URL-encoded CRLF %0D%0A before the FTP command, which causes the commands to be inserted into an authenticated FTP connection established...
Debian Security Advisory DSA 631-1 (kdelibs)
The remote host is missing an update to kdelibs announced via advisory DSA 631-1. OpenVAS Vulnerability Test. $Id: deb6311.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 631-1. Authors: Thomas Reinke. Copyright: Copyright (c) 2007 E-Soft Inc...
Debian DSA-1296-1 : php4 - missing input sanitising
It was discovered that the ftp extension of PHP, a server-side, HTML-embedded scripting language, performs insufficient input sanitising, which permits an attacker to execute arbitrary FTP commands. This requires the attacker to already have access to the FTP server.
Apple Mac OS X CFNetwork may allow arbitrary FTP commands to be executed via a crafted FTP URI
Overview: Apple Mac OS X CFNetwork may allow arbitrary FTP commands to be executed via a crafted FTP URI. Description: According to Apple Security Update 2006-007: By enticing a user to access a maliciously crafted FTP URI, an attacker can cause the user's FTP client to issue arbitrary FTP commands ...