899 matches found
Cisco Email Security Appliance Remote Denial of Service Vulnerability
Cisco Email Security Appliance ESA is a set of e-mail security appliances from the American company Cisco Cisco. The appliance provides spam protection, email encryption, data loss prevention and other features. A remote denial of service vulnerability exists in the Cisco Email Security Appliance...
Abus Security Center 'FTP' HTML Injection Vulnerability
Abuse is a popular video game. An HTML injection vulnerability exists in Abus Security Center due to the program failing to adequately clean up user input. An attacker could exploit the vulnerability to execute arbitrary script code in the context of an affected browser to steal a user's...
CVE-2016-6416
The FTP service in Cisco AsyncOS on Email Security Appliance ESA devices 9.6.0-000 through 9.9.6-026, Web Security Appliance WSA devices 9.0.0-162 through 9.5.0-444, and Content Security Management Appliance SMA devices allows remote attackers to cause a denial of service via a flood of FTP...
Cisco AsyncOS File Transfer Protocol Denial of Service Vulnerability
Cisco AsyncOS on Email Security Appliance ESA and so on are products of Cisco Corporation.Cisco ESA is a set of email security appliances.Cisco Content Security Management Appliance SMA is a set of content security management appliances.Cisco Web Security Appliance WSA is a set of web security...
Cisco Content Security Management Appliance File Transfer Protocol Denial of Service Vulnerability (cisco-sa-20160928-aos)
A vulnerability in the local File Transfer Protocol FTP service on the Cisco AsyncOS for Content Security Management Appliance SMA could allow an unauthenticated, remote attacker to cause a denial of service DoS condition. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be...
Cisco AsyncOS File Transfer Protocol Denial of Service Vulnerability
A vulnerability in the local File Transfer Protocol FTP service on the Cisco AsyncOS for Email Security Appliance ESA, Web Security Appliance WSA, and Content Security Management Appliance SMA could allow an unauthenticated, remote attacker to cause a denial of service DoS condition. The...
The vulnerability of Fonality’s corporate telephony software allows a perpetrator to gain access to protected information.
The vulnerability of the Fonality corporate telephony software relates to the rigid encoding of registration data for FTP login records. Exploiting this vulnerability allows a malicious actor, operating remotely, to gain access to protected information via FTP or SSH connections...
The vulnerability of the microprogramming software of Schneider Electric’s Modicon Quantum programmable logic controllers allows a malicious individual to gain unauthorized access to the device.
The microprogrammed software of the 140NOE77111 module of Schneider Electric’s Modicon Quantum controller contains numerous login pairs—passwords that are pre-set by default. This allows any user who has access to the device via FTP protocol to gain authorized access to the device...
The vulnerability of the Cisco IronPort Email Security Appliance allows a malicious individual to execute arbitrary code.
The vulnerability in the SLBL service a check for reliable/locked users in Cisco AsyncOS, used by Email Security Appliances and Content Security Management Appliances, allows remote users who have passed authentication to execute arbitrary code with superuser privileges, by downloading a modified...
The vulnerability of the Dnsmasq software allows a remote attacker to compromise the confidentiality, integrity, and accessibility of protected information.
Overfilling the buffer in dynamic memory in the tftprequest function in tftp.c in dnsmasq when using --enable-tftp allows malicious actors operating remotely to execute arbitrary code by using a long filename in the TFTP packet; for example, in a read request RRQ...
CVE-2016-1440
The proxy process on Cisco Web Security Appliance WSA devices through 9.1.0-070 allows remote attackers to cause a denial of service CPU consumption by establishing an FTP session and then improperly terminating the control connection after a file transfer, aka Bug ID CSCuy43468...
DEBIAN-CVE-2016-4971
GNU wget before 1.18 allows remote servers to write to arbitrary files by redirecting a request from HTTP to a crafted FTP resource...
CVE-2016-2362
Fonality previously trixbox Pro 12.6 through 14.1i before 2016-06-01 has a hardcoded password for the FTP account, which allows remote attackers to obtain access via a 1 FTP or 2 SSH connection...
The vulnerability of the PHP interpreter allows attackers to execute arbitrary code.
The vulnerability of the ftpgenlist function ext/ftp/ftp.c in the PHP interpreter is caused by a numerical overflow. Exploiting this vulnerability allows an attacker, operating remotely, to execute arbitrary code with a long response to the LIST command...
Foreman Arbitrary Code Execution Vulnerability
Foreman is a set of lifecycle management tools for use in physical and virtual servers. A security vulnerability in the smart proxy TFTP API in Foreman versions 1.11.x before 1.10.4 and 1.11.2 before 1.11.2 can be exploited by a remote attacker to execute arbitrary code with the help of specially...
Pro-face GP-Pro EX Authentication Bypass Vulnerability
Pro-face GP-Pro EX is a set of HMI screen editing and logic programming software from American Pro-face. The Pro-face GP-Pro EX has a security vulnerability due to the use of hard-coded certificates by the FTP server. A remote attacker could exploit the vulnerability to access items in the device...
Cisco NCS6000 IOS XR Software Secure Copy Protocol and Secure FTP Denial of Service Vulnerabilities
Cisco IOS XR for Cisco NCS6000 is a network operating system from Cisco that runs in the NCS 6000 series routers. A security vulnerability exists in the SCP and SFTP modules in Cisco IOS XR Software versions 5.0.0 through 5.2.5 for Cisco NCS 6000 due to the program failing to properly set...
The vulnerability of the Signage Station presentation preparation program and the iArtist Lite presentation preparation utility, which allows a intruder to access protected information
The vulnerability of the Signage Station presentation preparation service and the iArtist Lite presentation preparation utility exists due to the rigid encoding of registration data. Exploiting this vulnerability allows a malicious actor, operating remotely, to gain access to protected informatio...
QNAP Systems iArtist Lite Hardcoding Vulnerability
QNAP Systems iArtist Lite is a suite of ad editing software for QNAP NAS. QNAP Systems iArtist Lite uses hard-coded FTP accounts and passwords, allowing remote attackers to sniff the network for FTP transfer data...
The vulnerability of the microprogramming software for Honeywell Excel Web XL1000C50 52 I/O, XL1000C100 104 I/O, XL1000C500 300 I/O, XL1000C1000 600 I/O, XL1000C50U 52 I/O UUKL, XL1000C100U 104 I/O UUKL, XL1000C500U 300 I/O UUKL, and XL1000C1000U 600 I/O UUKL allows a hacker to read files during web access and gain administrator privileges.
The vulnerability of the FTP server for microprogrammed software-controlled Honeywell Excel Web XL1000C50 52 I/O, XL1000C100 104 I/O, XL1000C500 300 I/O, XL1000C1000 600 I/O, XL1000C50U 52 I/O UUKL, XL1000C100U 104 I/O UUKL, XL1000C500U 300 I/O UUKL, and XL1000C1000U 600 I/O UUKL arises due to...