3489 matches found
ALPINE-CVE-2016-7984
The TFTP parser in tcpdump before 4.9.0 has a buffer overflow in print-tftp.c:tftp_print()...
CVE-2016-10104
Information Disclosure can occur in sshProfiles.jsd in Hitek Software's Automize because of the Read attribute being set for Users. This allows an attacker to recover encrypted passwords for SSH/SFTP profiles. Verified in all 10.x versions up to and including 10.25, and all 11.x versions up to an...
DEBIAN-CVE-2016-5725
Directory traversal vulnerability in JCraft JSch before 0.1.54 on Windows, when the mode is ChannelSftp.OVERWRITE, allows remote SFTP servers to write to arbitrary files via a ..\ (dot dot backslash) in a response to a recursive GET command...
DEBIAN-CVE-2016-2372
An information leak exists in the handling of the MXIT protocol in Pidgin. Specially crafted MXIT data sent via the server could potentially result in an out-of-bounds read. A malicious user, server, or man-in-the-middle attacker can send an invalid size for a file transfer which will trigger an...
[SECURITY] Fedora 24 Update: curl-7.47.1-10.fc24
curl is a command line tool for transferring data with URL syntax, supporting FTP, FTPS, HTTP, HTTPS, SCP, SFTP, TFTP, TELNET, DICT, LDAP, LDAPS, FILE, IMAP, SMTP, POP3 and RTSP. curl supports SSL certificates, HTTP POST, HTTP PUT, FTP uploading, HTTP form based upload, proxies, cookies,...
Core FTP LE- 'SSH/SFTP' Remote Buffer Overflow Vulnerability
Core FTP LE is a free FTP client. Core FTP LE has a remote buffer overflow vulnerability in its SSH/SFTP handling, triggered when connecting to a malicious server using the SSH/SFTP protocol. Remote attackers can exploit the vulnerability to execute arbitrary code or launch a denial of service attack...
[SECURITY] Fedora 25 Update: curl-7.51.0-1.fc25
curl is a command line tool for transferring data with URL syntax, supporting FTP, FTPS, HTTP, HTTPS, SCP, SFTP, TFTP, TELNET, DICT, LDAP, LDAPS, FILE, IMAP, SMTP, POP3 and RTSP. curl supports SSL certificates, HTTP POST, HTTP PUT, FTP uploading, HTTP form based upload, proxies, cookies,...
CVE-2016-6460
A vulnerability in the FTP Representational State Transfer Application Programming Interface (REST API) for Cisco Firepower System Software could allow an unauthenticated, remote attacker to bypass FTP malware detection rules and download malware over an FTP connection. Cisco Firepower System...
PCMan FTP Server 'SITE CHMOD' Command Buffer Overflow Vulnerability
PCMan FTP Server is a full-featured FTP server software. A buffer overflow vulnerability exists in PCMan FTP Server version 2.0.7. A remote attacker can exploit this vulnerability to execute arbitrary code in the context of an affected application with the help of a long string in the SITE CHMOD...
SOL58243048 - Considerations for transferring files from F5 devices
Vulnerability Description: The BIG-IP system uses Secure Vault, a secure SSL-encrypted storage system, to securely store sensitive data such as SSL key passphrases, users, and administrator and services passwords. However, files transferred from an F5 device may contain sensitive information such ...
FreeFloat FTP Server Buffer Overflow Vulnerability (CNVD-2016-10571)
Freefloat FTP Server is a free software package for uploading files and managing wired and wireless devices from the Swedish company Freefloat. A buffer overflow vulnerability exists in version 1.0 of FreeFloat FTP Server. A remote attacker can exploit this vulnerability to execute arbitrary code...
SweetRice 1.5.1 - Cross-Site Request Forgery Vulnerability
Exploit for php platform in category web applications. 0day.today 2018-01-01...
SweetRice 1.5.1 Cross Site Request Forgery
SweetRice 1.5.1 - Cross-Site Request Forgery
Micro Focus Rumba 9.3 Stack Overflow
Exploit Title: Micro Focus Rumba...
Micro Focus Rumba 9.4 - Local Denial of Service
Exploit Title: Micro Focus Rumba 9.4 Multiple Local Stack-overflow; Date: 29-10-2016; Exploit Author: Umit Aksu; Vendor Homepage: http://www.microfocus.com/; Software Link:...
Micro Focus Rumba 9.4 - Local Denial of Service
Exploit Title: Micro Focus Rumba 9.4 Multiple Local Stack-overflow; Date: 29-10-2016; Exploit Author: Umit Aksu; Vendor Homepage: http://www.microfocus.com/; Software Link: http://nadownloads.microfocus.com/epd/productdownloadrequest.aspx?type=eval&transid=2179441&last4=2179441&code=40231; Version: 9....
CVE-2016-6358
A vulnerability in local FTP to the Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to cause a partial denial of service (DoS) condition when the FTP application unexpectedly quits. More Information: CSCux68539. Known Affected Releases: 9.1.0-032 9.7.1-000. Known...
Cisco Email Security Appliance Remote Denial of Service Vulnerability
Cisco Email Security Appliance (ESA) is a set of e-mail security appliances from the American company Cisco. The appliance provides spam protection, email encryption, data loss prevention and other features. A remote denial of service vulnerability exists in the Cisco Email Security Appliance...
Shell to Meterpreter Upgrade
This module attempts to upgrade a command shell to meterpreter. The shell platform is automatically detected and the best version of meterpreter for the target is selected. Currently meterpreter/reverse_tcp is used on Windows and Linux, with 'python/meterpreter/reverse_tcp' used on all others. This...