i.Ftp Server Remote Stack Buffer Overflow Vulnerability

i.Ftp Server is an FTP service program. A remote stack buffer overflow vulnerability exists in i.Ftp Server, which could be exploited by a remote attacker to submit a special request to crash the service program...

Hillstone HS TFTP Server Denial of Service Vulnerability

Hillstone HS TFTP Server is the TFTP service program built into the hillstone series. A denial of service vulnerability exists in Hillstone HS TFTP Server version 1.3.2 that allows remote attackers to cause a denial of service via a long filename in an RRQ or WRQ operation...

[SECURITY] Fedora 19 Update: curl-7.29.0-27.fc19

curl is a command line tool for transferring data with URL syntax, supporti ng FTP, FTPS, HTTP, HTTPS, SCP, SFTP, TFTP, TELNET, DICT, LDAP, LDAPS, FILE, I MAP, SMTP, POP3 and RTSP. curl supports SSL certificates, HTTP POST, HTTP PUT, FTP uploading, HTTP form based upload, proxies, cookies,...

[SECURITY] Fedora 19 Update: libssh-0.6.4-1.fc19

The ssh library was designed to be used by programmers needing a working SSH implementation by the mean of a library. The complete control of the client is made by the programmer. With libssh, you can remotely execute programs, tra nsfer files, use a secure and transparent tunnel for your remote...

[SECURITY] Fedora 21 Update: mingw-curl-7.39.0-1.fc21

cURL is a tool for getting files from HTTP, FTP, FILE, LDAP, LDAPS, DICT, TELNET and TFTP servers, using any of the supported protocols. cURL is designed to work without user interaction or any kind of interactivity. cURL offers many useful capabilities, like proxy support, user authentication, F...

[SECURITY] Fedora 20 Update: curl-7.32.0-17.fc20

curl is a command line tool for transferring data with URL syntax, supporti ng FTP, FTPS, HTTP, HTTPS, SCP, SFTP, TFTP, TELNET, DICT, LDAP, LDAPS, FILE, I MAP, SMTP, POP3 and RTSP. curl supports SSL certificates, HTTP POST, HTTP PUT, FTP uploading, HTTP form based upload, proxies, cookies,...

DEBIAN-CVE-2014-1693

Multiple CRLF injection vulnerabilities in the FTP module in Erlang/OTP R15B03 allow context-dependent attackers to inject arbitrary FTP commands via CRLF sequences in the 1 user, 2 account, 3 cd, 4 ls, 5 nlist, 6 rename, 7 delete, 8 mkdir, 9 rmdir, 10 recv, 11 recvbin, 12 recvchunkstart, 13 send...

UBUNTU-CVE-2014-1693

Multiple CRLF injection vulnerabilities in the FTP module in Erlang/OTP R15B03 allow context-dependent attackers to inject arbitrary FTP commands via CRLF sequences in the 1 user, 2 account, 3 cd, 4 ls, 5 nlist, 6 rename, 7 delete, 8 mkdir, 9 rmdir, 10 recv, 11 recvbin, 12 recvchunkstart, 13 send...

wget: FTP symlink arbitrary filesystem access

A flaw was found in the way Wget handled symbolic links. A malicious FTP server could allow Wget running in the mirror mode using the '-m' command line option to write an arbitrary file to a location writable to by the user running Wget, possibly leading to code execution...

Mandriva Linux Security Advisory : libvncserver (MDVSA-2014:229)

Updated libvncserver packages fix security vulnerabilities : A malicious VNC server can trigger incorrect memory management handling by advertising a large screen size parameter to the VNC client. This would result in multiple memory corruptions and could allow remote code execution on the VNC...

CVE-2014-7194

TIBCO Managed File Transfer Internet Server before 7.2.4, Managed File Transfer Command Center before 7.2.4, Slingshot before 1.9.3, and Vault before 1.1.1 allow remote attackers to obtain sensitive information or modify data by leveraging agent access...

Buffer overflow

TIBCO Managed File Transfer Internet Server before 7.2.4, Managed File Transfer Command Center before 7.2.4, Slingshot before 1.9.3, and Vault before 1.1.1 allow remote attackers to obtain sensitive information or modify data by leveraging agent access...

CVE-2014-7194

TIBCO Managed File Transfer Internet Server before 7.2.4, Managed File Transfer Command Center before 7.2.4, Slingshot before 1.9.3, and Vault before 1.1.1 allow remote attackers to obtain sensitive information or modify data by leveraging agent access...

CVE-2014-7194

CVE-2014-7194 affects TIBCO MFT Internet Server prior to 7.2.4, MFT Command Center prior to 7.2.4, Slingshot prior to 1.9.3, and Vault prior to 1.1.1. The issue allows remote attackers to obtain sensitive information or modify data by exploiting agent access. No exploitation details, affected ver...

iFunBox Free 1.1 iOS - File Inclusion Vulnerability

No description provided by source. Document Title: =============== iFunBox Free v1.1 iOS - File Include Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1344 Release Date: ============= 2014-10-20 Vulnerability Laboratory ID VL-ID:...

[SECURITY] Fedora 20 Update: tnftp-20141031-1.fc20

tnftp is the FTP File Transfer Protocol client from NetBSD. FTP is a wid ely used protocol for transferring files over the Internet and for archiving fi les. tnftp provides some advanced features beyond the Linux netkit ftp client, b ut maintains a similar user interface to the traditional ftp...

libvncserver: server stacked-based buffer overflow flaws in file transfer handling

Two stack-based buffer overflow flaws were found in the way LibVNCServer handled file transfers. A remote attacker could use this flaw to crash the VNC server using a malicious VNC client...

libvncserver: server stacked-based buffer overflow flaws in file transfer handling

Two stack-based buffer overflow flaws were found in the way LibVNCServer handled file transfers. A remote attacker could use this flaw to crash the VNC server using a malicious VNC client...

[SECURITY] Fedora 20 Update: curl-7.32.0-15.fc20

curl is a command line tool for transferring data with URL syntax, supporti ng FTP, FTPS, HTTP, HTTPS, SCP, SFTP, TFTP, TELNET, DICT, LDAP, LDAPS, FILE, I MAP, SMTP, POP3 and RTSP. curl supports SSL certificates, HTTP POST, HTTP PUT, FTP uploading, HTTP form based upload, proxies, cookies,...

wget: FTP symlink arbitrary filesystem access

A flaw was found in the way Wget handled symbolic links. A malicious FTP server could allow Wget running in the mirror mode using the '-m' command line option to write an arbitrary file to a location writable to by the user running Wget, possibly leading to code execution...