Kaspersky Anti-Virus File Server Multiple Vulnerabilities
Advisory ID Internal CORE-2017-0003 1. Advisory Information Title: Kaspersky Anti-Virus File Server Multiple Vulnerabilities Advisory ID: CORE-2017-0003 Date published: 2017-06-28 Date of last update: 2017-06-28 Vendors contacted: Kaspersky Release mode: Forced release 2. Vulnerability...
The vulnerability in the web console of Kaspersky Anti-Virus 8.0 for Linux File Servers allows access to files located on the server.
The vulnerability of the Antivirus Kaspersky 8.0 web console for Linux File Servers relates to the possibility of executing operating system commands. Exploiting this vulnerability allows a malicious actor to gain access to files located on the server by sending a specially crafted GET request wi...
WikiLeaks Dumps CIA Patient Zero Windows Implant
WikiLeaks on Thursday made public a CIA implant that is used to turn a Windows file server into a malware distribution point on the local network. The documents describing the tool, Pandemic, explain how remote machines on the local network trying to download and-or execute documents from the fil...
May 9, 2017—KB4019216 (Monthly Rollup)
May 9, 2017—KB4019216 Monthly Rollup Improvements and fixes This security update includes improvements and fixes that were a part of update KB4015554 released April 18, 2017, and also resolves the following vulnerabilities in Windows: Addressed issue in which, after you install security update...
Analysis of Kerberos constrained delegation SPN security vulnerabilities
In the past few years, more and more security researchers have begun to study Kerberos security, eventually finding many interesting attacks in network environments that support the authentication protocol. In this post, I will describe my in the Windows Kerberos constrained delegation feature...
March 14, 2017—KB4012606 (OS Build 10240.17319)
March 14, 2017—KB4012606 OS Build 10240.17319 Improvements and fixes This update includes quality improvements. No new operating system features are being introduced in this update. Key changes include: Addressed a known issue with KB3192440 that was rendering DFS-N mapped network drives...
CVE-2017-6100
tcpdf before 6.2.0 uploads files from the server generating PDF-files to an external FTP...
June 2016 update rollup for Windows RT 8.1, Windows 8.1, and Windows Server 2012 R2
June 2016 update rollup for Windows RT 8.1, Windows 8.1, and Windows Server 2012 R2 This update rollup is superseded by July 2016 update rollup for Windows RT 8.1, Windows 8.1, and Windows Server 2012 R2 KB3172614 that was released on July 21, 2016. The June 2016 update rollup for Windows RT 8.1,...
CVE-2016-4025
Avast Internet Security v11.x.x, Pro Antivirus v11.x.x, Premier v11.x.x, Free Antivirus v11.x.x, Business Security v11.x.x, Endpoint Protection v8.x.x, Endpoint Protection Plus v8.x.x, Endpoint Protection Suite v8.x.x, Endpoint Protection Suite Plus v8.x.x, File Server Security v8.x.x, and Email...
Easy FTP Server APPE Remote Code Execution Vulnerability
Easy FTP Server is free green software that does not require installation and is prohibited for commercial use. It supports multiple users, multiple permissions, multiple directories, web access, and Windows system service mode. Easy FTP Server has a security vulnerability. Due to the...
The vulnerability of the Serv-U File Server allows a remote attacker to modify the system configuration.
The vulnerability of the Serv-U File Server software lies in errors in the code of the web interface forms. Exploiting this vulnerability allows a malicious attacker to modify system configurations...
The vulnerability of the Serv-U File Server allows a remote attacker to obtain information about the system’s configuration and user authentication credentials.
The vulnerability of the Serv-U File Server software relates to errors that occur during the processing of application variables. Exploiting this vulnerability allows a malicious attacker to obtain system configuration information, including user authentication data...
The vulnerability of the Serv-U File Server allows a remote attacker to obtain the source code of arbitrary scripts.
The vulnerability of the Serv-U File Server software lies in the lack of consideration for accessing files using extended syntax in the NTFS file system. Exploiting this vulnerability by comparing the requested resource’s URL with locations specified in the web server configuration allows a...
The vulnerability of the Serv-U File Server allows a remote attacker to perform a denial-of-service attack.
The vulnerability of the Serv-U File Server software relates to an error that occurs when processing an HTTP request involving a recursive declared variable. Exploiting this vulnerability allows a malicious attacker to perform denial-of-service attacks on the application...
The vulnerability of the SAP NetWeaver file server allows a malicious attacker to gain unauthorized access to the SAP CUA subsystem.
The SAP NetWeaver application contains an error that allows a malicious individual to remotely gain access to the SAP CUA child system and read any tables from the central SAP CUA system...
Prosody Directory Traversal Vulnerability
Prosody is a suite of Jabber/XMPP communication server software written in Lua. mod_dialback is one of the authentication modules used for communication between local servers. A directory traversal vulnerability in Prosody's HTTP file-serving module allows remote attackers to use the directory...
HTTP File Server Remote Command Execution Vulnerability-02 (Jan 2016)
HTTP File Server is prone to a remote command execution (RCE) vulnerability. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
Http File Server Detection (HTTP)
Detection of installed version of Http file server. This script sends an HTTP GET request and tries to get the version from the response. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right...
HTTP File Server Remote Command Execution Vulnerability-01 (Jan 2016)
HTTP File Server is prone to a remote command execution (RCE) vulnerability. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
Rejetto HTTP File Server (HFS) 2.3.x - Remote Command Execution (2)
!/usr/bin/python Exploit Title: HttpFileServer 2.3.x Remote Command Execution Google Dork: intext:"httpfileserver 2.3" Date: 04-01-2016 Remote: Yes Exploit Author: Avinash Kumar Thapa aka "-Acid" Vendor Homepage: http://rejetto.com/ Software Link: http://sourceforge.net/projects/hfs/ Version: 2.3...