OpenJDK: newline injection in the FTP client (Networking, 8170222)
A newline injection flaw was discovered in the FTP client implementation in the Networking component in OpenJDK. A remote attacker could possibly use this flaw to manipulate FTP connections established by a Java application...
Accellion FTA Appliance SQL Injection Vulnerability
The Accellion FTA is a file transfer device from Accellion USA. The device supports file transfer, file sharing, file transfer tracking and reporting, and more. An SQL injection vulnerability exists in seos/courier/communicationp2p.php in Accellion FTA devices versions prior to FTA912180, whi...
Accellion FTA Device CRLF Vulnerability
The Accellion FTA is a file transfer device from Accellion USA. The device supports file transfer, file sharing, file transfer tracking and reporting, and more. A CRLF vulnerability exists in versions of Accellion FTA devices prior to FTA912180. A remote attacker could exploit this...
Accellion FTA Device LDAP Injection Vulnerability
The Accellion FTA is a file transfer device from Accellion USA. The device supports file transfer, file sharing, file transfer tracking and reporting, and more. An LDAP injection vulnerability exists in the home/seos/courier/ldaptest.html file in versions of Accellion FTA devices prior to...
Accellion FTA Device SQL Injection Vulnerability (CNVD-2017-07454)
The Accellion FTA is a file transfer device from Accellion USA. The device supports file transfer, file sharing, file transfer tracking and reporting, and more. A SQL injection vulnerability exists in the reporterror.php file in versions of Accellion FTA devices prior to FTA912180. A remote...
Accellion FTA Device Cross-Site Scripting Vulnerability (CNVD-2017-07450)
The Accellion FTA is a file transfer device from Accellion USA. The device supports file transfer, file sharing, file transfer tracking and reporting, and more. A cross-site scripting vulnerability exists in home/seos/courier/smtpgadd.html in Accellion FTA devices versions prior to FTA912180....
Cowrie - SSH/Telnet Honeypot
Cowrie is a medium interaction SSH and Telnet honeypot designed to log brute force attacks and the shell interaction performed by the attacker. Cowrie is developed by Michel Oosterhof. Some interesting features: a fake filesystem with the ability to add/remove files; a full fake filesystem...
Accellion FTA Device Cross-Site Scripting Vulnerability (CNVD-2017-07449)
Accellion File Transfer is a web-based file transfer/synchronization system. A cross-site scripting vulnerability exists in the Accellion FTA appliance FTA912180 and prior versions. This allows remote attackers to inject arbitrary web script or HTML...
Unspecified Vulnerability in Accellion FTA Devices
Accellion File Transfer is a web-based file transfer/synchronization system. An unspecified vulnerability exists in versions of Accellion FTA prior to FTA912180. This allows an attacker to remotely execute shell metacharacters in method parameters...
iOS Security Testing Framework: needle
Needle is an open source, modular framework to streamline the process of conducting security assessments of iOS apps. Assessing the security of an iOS application typically requires a plethora of tools, each developed for a specific need and all with different modes...
CVE-2017-8790
An issue was discovered on Accellion FTA devices before FTA912180. The home/seos/courier/ldaptest.html POST parameter "filter" can be used for LDAP Injection...
CVE-2017-8303
An issue was discovered on Accellion FTA devices before FTA912180. seos/1000/find.api allows Remote Code Execution with shell metacharacters in the method parameter...
CVE-2017-8793
An issue was discovered on Accellion FTA devices before FTA912180. By sending a POST request to home/seos/courier/web/wmProgressstat.html.php with an attacker domain in the acallow parameter, the device will respond with an Access-Control-Allow-Origin header allowing the attacker to have site...
CVE-2017-8304
An issue was discovered on Accellion FTA devices before FTA912180. courier/1000@/oauth/playground/callback.html allows XSS with a crafted URI...
CVE-2017-8796
An issue was discovered on Accellion FTA devices before FTA912180. Because mysql_real_escape_string is misused, seos/courier/communicationp2p.php allows SQL injection with the appid parameter...
CVE-2017-3533
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE subcomponent: Networking. Supported versions that are affected are Java SE: 6u141, 7u131 and 8u121; Java SE Embedded: 8u121; JRockit: R28.3.13. Difficult to exploit vulnerability allows unauthenticated attacker wi...
ALPINE-CVE-2017-8073
WeeChat before 1.7.1 allows a remote crash by sending a filename via DCC to the IRC plugin. This occurs in the irc_ctcp_dcc_filename_without_quotes function during quote removal, with a buffer overflow...