Abus Security Center 'FTP' HTML Injection Vulnerability

Abuse is a popular video game. An HTML injection vulnerability exists in Abus Security Center due to the program failing to adequately clean up user input. An attacker could exploit the vulnerability to execute arbitrary script code in the context of an affected browser to steal a user's...

On QQ browser and other applications“WormBrowser”vulnerability briefings-vulnerability warning-the black bar safety net

Recently, the national information security vulnerabilities library CNNVD received Pangu team on“WormBrowser”vulnerability of the relevant circumstances of the message sent, the vulnerability exists in the Android version of the QQ browser and QQ hot two applications. Due to the above products, a...

CVE-2016-6416

The FTP service in Cisco AsyncOS on Email Security Appliance ESA devices 9.6.0-000 through 9.9.6-026, Web Security Appliance WSA devices 9.0.0-162 through 9.5.0-444, and Content Security Management Appliance SMA devices allows remote attackers to cause a denial of service via a flood of FTP...

Cisco AsyncOS File Transfer Protocol Denial of Service Vulnerability

Cisco AsyncOS on Email Security Appliance ESA and so on are products of Cisco Corporation.Cisco ESA is a set of email security appliances.Cisco Content Security Management Appliance SMA is a set of content security management appliances.Cisco Web Security Appliance WSA is a set of web security...

Cisco Content Security Management Appliance File Transfer Protocol Denial of Service Vulnerability (cisco-sa-20160928-aos)

A vulnerability in the local File Transfer Protocol FTP service on the Cisco AsyncOS for Content Security Management Appliance SMA could allow an unauthenticated, remote attacker to cause a denial of service DoS condition. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be...

Cisco AsyncOS File Transfer Protocol Denial of Service Vulnerability

A vulnerability in the local File Transfer Protocol FTP service on the Cisco AsyncOS for Email Security Appliance ESA, Web Security Appliance WSA, and Content Security Management Appliance SMA could allow an unauthenticated, remote attacker to cause a denial of service DoS condition. The...

How to customize file upload and download using Workspace app for HTML5 and Chrome

This article is intended for Citrix administrators and technical teams only. Non-admin users must contact their company's Help Desk/IT support team and can refer to CTX297149 for more information. 1. Customize file upload to view uploaded files inside application File open/save dialogues. 2...

How to Disable File Transfer Feature Using Receiver for HTML5 and Receiver for Chrome

This article is intended for Citrix administrators and technical teams only. Non-admin users must contact their company’s Help Desk/IT support team and can refer to CTX297149 for more information. This article describes how to disable file transfer using Receiver for HTML5 and Receiver for Chrome...

Thru Managed File Transfer Portal Cross-Site Scripting Vulnerability

Thru Managed File Transfer Portal is a web-based file transfer application. A cross-site scripting vulnerability exists in Thru Managed File Transfer Portal version 9.0.2. It allows an attacker to send an email to a victim with malicious content...

[SECURITY] Fedora 24 Update: curl-7.47.1-8.fc24

curl is a command line tool for transferring data with URL syntax, supporti ng FTP, FTPS, HTTP, HTTPS, SCP, SFTP, TFTP, TELNET, DICT, LDAP, LDAPS, FILE, I MAP, SMTP, POP3 and RTSP. curl supports SSL certificates, HTTP POST, HTTP PUT, FTP uploading, HTTP form based upload, proxies, cookies,...

LeapFTP Buffer Overflow Vulnerability

LeapFTP is a powerful FTP tool. Similar to Netscape bookmark form, more convenient to connect. Download and upload files continuously. You can download or upload a whole directory, or delete a whole directory directly. It allows you to organize the order of downloading or uploading files in...

zFTP Client 20061220 - Connection Name Local Buffer Overflow

zFTP Client 20061220 - Connection Name Local Buffer Overflow Exploit developed using Exploit Pack v5.4 Exploit Author: Juan Sacco - http://www.exploitpack.com - [email protected] Program affected: zFTP Client Affected value: NAME under FTP connection Where in the code: Line 30 in strcpychk.c...

zFTP Client 20061220 - 'Connection Name' Local Buffer Overflow

Exploit developed using Exploit Pack v5.4 Exploit Author: Juan Sacco - http://www.exploitpack.com - [email protected] Program affected: zFTP Client Affected value: NAME under FTP connection Where in the code: Line 30 in strcpychk.c strcpychk dest=0xb7f811c0 "/KUIP", src=0xb76a6680 "/MACRO",...

zFTP 20061220+dfsg3-4.1 Buffer Overflow

Exploit developed using Exploit Pack v5.4 Exploit Author: Juan Sacco - http://www.exploitpack.com - [email protected] Program affected: zFTP Client Affected value: NAME under FTP connection Where in the code: Line 30 in strcpychk.c strcpychk dest=0xb7f811c0 "/KUIP", src=0xb76a6680 "/MACRO",...

The vulnerability of Fonality’s corporate telephony software allows a perpetrator to gain access to protected information.

The vulnerability of the Fonality corporate telephony software relates to the rigid encoding of registration data for FTP login records. Exploiting this vulnerability allows a malicious actor, operating remotely, to gain access to protected information via FTP or SSH connections...

The vulnerability of the GNU Wget download manager, which allows a hacker to modify any files at will

The vulnerability of the GNU Wget download manager is related to security configuration errors. Exploiting this vulnerability allows a malicious actor to remotely modify any files by redirecting requests from HTTP to a specially created FTP server...

The vulnerability of Juniper SRX 240 router microprogramming software, which allows a hacker to trigger a maintenance failure.

The Juniper SRX 240 router software contains a vulnerability that allows any user registered in the system and having remote access to the device to trigger a situation that causes resource exhaustion overloading of memory, loading of the processor. The vulnerability is related to the search for...

The vulnerability of the microprogramming software of Schneider Electric’s Modicon Quantum programmable logic controllers allows a malicious individual to gain unauthorized access to the device.

The microprogrammed software of the 140NOE77111 module of Schneider Electric’s Modicon Quantum controller contains numerous login pairs—passwords that are pre-set by default. This allows any user who has access to the device via FTP protocol to gain authorized access to the device...

The vulnerability of the Cisco IronPort Email Security Appliance allows a malicious individual to execute arbitrary code.

The vulnerability in the SLBL service a check for reliable/locked users in Cisco AsyncOS, used by Email Security Appliances and Content Security Management Appliances, allows remote users who have passed authentication to execute arbitrary code with superuser privileges, by downloading a modified...

The vulnerability of the Dnsmasq software allows a remote attacker to compromise the accessibility of protected information.

The vulnerability in the tftprequest function of tftp.c in dnsmasq when using --enable-tftp allows malicious actors to trigger a service failure by using a TFTP-read request RRQ with an improperly configured blksize parameter...