
1201 matches found

CVE
added 2014/10/10 1:0 a.m. · 73 views

CVE-2014-7226

The CVE-2014-7226 entry concerns Rejetto HTTP File Server (HFS) versions 2.3c and earlier, where the file comment feature allows remote code execution. The root cause is improper handling/validation of certain invalid UTF-8 byte sequences that are interpreted as executable macro symbols when the ...

7.5 CVSS · 7.7 AI score · 0.06987 EPSS
Exploits 5 · References 4 · Affected Software 1
seebug.org
added 2014/10/10 12:0 a.m. · 15 views

HTTP File Server 2.3a, 2.3b, 2.3c - Remote Command Execution

No description provided by source...

7.1 AI score
Exploits 0
NVD
added 2014/10/07 10:55 a.m. · 18 views

CVE-2014-6287

The findMacroMarker function in parserLib.pas in Rejetto HTTP File Server aka HFS or HttpFileServer 2.3x before 2.3c allows remote attackers to execute arbitrary programs via a %00 sequence in a search action...

10 CVSS · 9.6 AI score · 0.94361 EPSS
Exploits 23 · References 8
Prion
added 2014/10/07 10:55 a.m. · 26 views

Design/Logic Flaw

The findMacroMarker function in parserLib.pas in Rejetto HTTP File Server aka HFS or HttpFileServer 2.3x before 2.3c allows remote attackers to execute arbitrary programs via a %00 sequence in a search action...

10 CVSS · 7.6 AI score · 0.94361 EPSS
Exploits 23 · References 7 · Affected Software 1
Vulnrichment
added 2014/10/07 10:0 a.m. · 5 views

CVE-2014-6287

The findMacroMarker function in parserLib.pas in Rejetto HTTP File Server aka HFS or HttpFileServer 2.3x before 2.3c allows remote attackers to execute arbitrary programs via a %00 sequence in a search action...

9.6 AI score · 0.94361 EPSS
Exploits 23 · References 7
CVE
added 2014/10/07 10:0 a.m. · 1356 views

CVE-2014-6287

The vulnerability CVE-2014-6287 affects Rejetto HTTP File Server (HFS) 2.3x prior to 2.3c. It stems from the findMacroMarker function in parserLib.pas, where a null-byte sequence (%00) in a search action allows remote attackers to execute arbitrary code. Public exploits and Metasploit modules exi...

10 CVSS · 9.4 AI score · 0.94361 EPSS
In wild · Exploits 23 · References 8 · Affected Software 1
ATTACKERKB
added 2014/10/07 12:0 a.m. · 57 views

CVE-2014-6287

The findMacroMarker function in parserLib.pas in Rejetto HTTP File Server aka HFS or HttpFileServer 2.3x before 2.3c allows remote attackers to execute arbitrary programs via a %00 sequence in a search action. Recent assessments: Assessed Attacker Value: 0 Assessed Attacker Value: 0Assessed...

10 CVSS · 9.2 AI score · 0.94361 EPSS
In wild · Exploits 23 · References 10
Positive Technologies
added 2014/10/07 12:0 a.m. · 5 views

PT-2014-7131 · Rejetto · Rejetto Http File Server

Name of the Vulnerable Software and Affected Versions: Rejetto HTTP File Server versions 2.3x prior to 2.3c Description: The issue allows remote attackers to execute arbitrary programs via a %00 sequence in a search action. This is due to a problem in the findMacroMarker function in parserLib.pas...

10 CVSS · 7.7 AI score · 0.94361 EPSS
Exploits 23 · References 16
Fedora
added 2014/10/06 5:6 a.m. · 22 views

[SECURITY] Fedora 20 Update: nodejs-send-0.3.0-4.fc20

Send is Connect's static extracted for generalized use, a streaming static file server supporting partial responses Ranges, conditional-GET negotiation, high test coverage, and granular events which may be leveraged to take appropriate actions in your application or framework...

7.5 CVSS · 1.9 AI score · 0.04842 EPSS
Exploits 1
Fedora
added 2014/10/06 5:0 a.m. · 27 views

[SECURITY] Fedora 19 Update: nodejs-send-0.3.0-4.fc19

Send is Connect's static extracted for generalized use, a streaming static file server supporting partial responses Ranges, conditional-GET negotiation, high test coverage, and granular events which may be leveraged to take appropriate actions in your application or framework...

7.5 CVSS · 1.9 AI score · 0.04842 EPSS
Exploits 1
Exploit DB
added 2014/10/02 12:0 a.m. · 61 views

Rejetto HTTP File Server (HFS) 2.3a/2.3b/2.3c - Remote Command Execution

========================================================== HTTP File Server 2.3a - 2.3b - 2.3c Remote Command Execution Author : Daniele Linguaglossa Date: 30/09/2014 Remote: Yes Vendor Homepage: http://rejetto.com/ Software Link: http://downloads.sourceforge.net/hfs/hfs2.3c.src.zip CVE:...

7.5 CVSS · 7 AI score · 0.06987 EPSS
Exploits 5
Packet Storm
added 2014/10/02 12:0 a.m. · 35 views

HTTP File Server 2.3a / 2.3b / 2.3c Remote Command Execution

========================================================== HTTP File Server 2.3a - 2.3b - 2.3c Remote Command Execution Author : Daniele Linguaglossa Date: 30/09/2014 Remote: Yes Vendor Homepage: http://rejetto.com/ Software Link: http://downloads.sourceforge.net/hfs/hfs2.3c.src.zip CVE:...

7.5 CVSS · 0.4 AI score · 0.06987 EPSS
Exploits 5
0day.today
added 2014/10/02 12:0 a.m. · 29 views

HTTP File Server 2.3a, 2.3b, 2.3c - Remote Command Execution Vulnerability

Exploit for php platform in category web applications ========================================================== HTTP File Server 2.3a - 2.3b - 2.3c Remote Command Execution Author : Daniele Linguaglossa Date: 30/09/2014 Remote: Yes Vendor Homepage: http://rejetto.com/ Software Link:...

7.5 CVSS · 0.3 AI score · 0.06987 EPSS
Exploits 5
exploitpack
added 2014/10/02 12:0 a.m. · 41 views

Rejetto HTTP File Server (HFS) 2.3a/2.3b/2.3c - Remote Command Execution

Rejetto HTTP File Server HFS 2.3a/2.3b/2.3c - Remote Command Execution ========================================================== HTTP File Server 2.3a - 2.3b - 2.3c Remote Command Execution Author : Daniele Linguaglossa Date: 30/09/2014 Remote: Yes Vendor Homepage: http://rejetto.com/ Software Lin...

7.5 CVSS · 0.4 AI score · 0.06987 EPSS
Exploits 5
Packet Storm
added 2014/09/24 12:0 a.m. · 31 views

HttpFileServer 2.3c Cross Site Scripting

Exploit Title: HttpFileServer 2.3c Multiple Reflected Cross-site scripting Date: 24-09-2014 Remote: Yes Exploit Author: Mahendra Vendor Homepage: http://rejetto.com/ Software Link: http://downloads.sourceforge.net/hfs/hfs2.3c.src.zip Version: 2.3c Tested on: Windows XP SP 3, Windows 7 The latest...

7.4 AI score
Exploits 0
exploitpack
added 2014/09/15 12:0 a.m. · 108 views

Rejetto HTTP File Server (HFS) 2.3.x - Remote Command Execution (1)

Rejetto HTTP File Server HFS 2.3.x - Remote Command Execution 1 Exploit Title: HttpFileServer 2.3.x Remote Command Execution Google Dork: intext:"httpfileserver 2.3" Date: 11-09-2014 Remote: Yes Exploit Author: Daniele Linguaglossa Vendor Homepage: http://rejetto.com/ Software Link:...

7.5 CVSS · 0.94361 EPSS
Exploits 23
Exploit DB
added 2014/09/15 12:0 a.m. · 485 views

Rejetto HTTP File Server (HFS) 2.3.x - Remote Command Execution (1)

Exploit Title: HttpFileServer 2.3.x Remote Command Execution Google Dork: intext:"httpfileserver 2.3" Date: 11-09-2014 Remote: Yes Exploit Author: Daniele Linguaglossa Vendor Homepage: http://rejetto.com/ Software Link: http://sourceforge.net/projects/hfs/ Version: 2.3.x Tested on: Windows Server...

10 CVSS · 9.5 AI score · 0.94361 EPSS
Exploits 23
RedHat Linux
added 2014/08/05 6:58 p.m. · 0 views

samba: smbd unicode path names denial of service

It was discovered that smbd, the Samba file server daemon, did not properly handle certain files that were stored on the disk and used a valid Unicode character in the file name. An attacker able to send an authenticated non-Unicode request that attempted to read such a file could cause smbd to...

2.7 CVSS · 7.2 AI score · 0.02413 EPSS
Exploits 0 · References 5
OpenVAS
added 2014/07/15 12:0 a.m. · 28 views

RedHat Update for samba RHSA-2014:0867-01

The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

3.5 CVSS · 9.6 AI score · 0.20011 EPSS
Exploits 0 · References 2
Tenable Nessus
added 2014/07/14 12:0 a.m. · 35 views

Mandriva Linux Security Advisory : samba (MDVSA-2014:136)

Updated samba packages fix security vulnerabilities : Information leak vulnerability in the VFS code, allowing an authenticated user to retrieve eight bytes of uninitialized memory when shadow copy is enabled CVE-2014-0178. Samba versions before 3.6.24, 4.0.19, and 4.1.9 are vulnerable to a denia...

3.5 CVSS · 7.5 AI score · 0.20011 EPSS
Exploits 0 · References 4