
3488 matches found

exploitpack
added 2012/08/13 12:0 a.m., 9 views

IBM Websphere MQ File Transfer Edition Web Gateway - Insufficient Access Control

Exploit Author: Nir Valtman. Affected Platforms: Version 7.0.4 and all previous versions of WebSphere MQ File Transfer Edition running on all platforms are affected. Apparently they published the CVE above without...

0.6 AI score
Exploits: 0
exploitpack
added 2012/08/13 12:0 a.m., 7 views

IBM Websphere MQ File Transfer Edition Web Gateway - Cross-Site Request Forgery

Exploit Author: Nir Valtman. Description: Malicious user is able to add userspace, change permissions on existing userspace and add MQMD (MQ Message Descriptor) user IDs. All of these vulnerabilities can be exploited...

0.1 AI score
Exploits: 0
Exploit DB
added 2012/08/13 12:0 a.m., 35 views

IBM Websphere MQ File Transfer Edition Web Gateway - Cross-Site Request Forgery

Exploit Author: Nir Valtman. Description: Malicious user is able to add userspace, change permissions on existing userspace and add MQMD (MQ Message Descriptor) user IDs. All of these vulnerabilities can be exploited using a CSRF (Cross Site Request Forgery) attack. Few days ago the CVE has been...

7.4 AI score
Exploits: 0
Exploit DB
added 2012/08/13 12:0 a.m., 29 views

IBM Websphere MQ File Transfer Edition Web Gateway - Insufficient Access Control

Exploit Author: Nir Valtman. Affected Platforms: Version 7.0.4 and all previous versions of WebSphere MQ File Transfer Edition running on all platforms are affected. Apparently they published the CVE above without mentioning my name, since I found it in the same time while IBM's team found it. This...

7.4 AI score
Exploits: 0
0day.today
added 2012/08/13 12:0 a.m., 13 views

IBM WebSphere MQ File Transfer Edition Web Gateway Insufficient Access Control

Exploit for windows platform in category web applications. Exploit Author: Nir Valtman. Affected Platforms: Version 7.0.4 and all previous versions of WebSphere MQ File Transfer Edition running on all platforms are affected. Apparently they published the CVE above without mentioning my name, since I...

7.1 AI score
Exploits: 0
Packet Storm
added 2012/08/12 12:0 a.m., 49 views

IBM WebSphere MQ File Transfer Insufficient Access Control

Exploit Author: Nir Valtman. Affected Platforms: Version 7.0.4 and all previous versions of WebSphere MQ File Transfer Edition running on all platforms are affected. Apparently they published the CVE above without mentioning my name, since I found it in the same time while IBM's team found it. This...

3.5 CVSS | 0.2 AI score | 0.02007 EPSS
Exploits: 2
OpenVAS
added 2012/08/03 12:0 a.m., 20 views

Mandriva Update for pidgin MDVSA-2012:082 (pidgin)

The remote host is missing an update for the... SPDX-FileCopyrightText: 2012 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only. if(description) { script_xref(name:"URL",...

5 CVSS | 5.2 AI score | 0.02195 EPSS
Exploits: 2 | References: 2
Tenable Nessus
added 2012/08/01 12:0 a.m., 44 views

Scientific Linux Security Update : kvm on SL5.x x86_64

It was found that QEMU-KVM on the host did not validate all pointers provided from a guest system's QXL graphics card driver. A privileged guest user could use this flaw to cause the host to dereference an invalid pointer, causing the guest to crash (denial of service) or, possibly, resulting in th...

6.6 CVSS | 5.4 AI score | 0.00359 EPSS
Exploits: 1 | References: 9
Tenable Nessus
added 2012/08/01 12:0 a.m., 28 views

Scientific Linux Security Update : lftp for SL 5

LFTP is a sophisticated file transfer program for the FTP and HTTP protocols. Like Bash, it has job control and uses the Readline library for input. It has bookmarks, built-in mirroring, and can transfer several files in parallel. It is designed with reliability in mind. It was discovered that lf...

7.5 CVSS | 5.2 AI score | 0.03629 EPSS
Exploits: 0 | References: 2
OpenVAS
added 2012/07/30 12:0 a.m., 26 views

CentOS Update for vsftpd CESA-2011:0337 centos5 x86_64

Check for the Version of vsftpd. OpenVAS Vulnerability Test. CentOS Update for vsftpd CESA-2011:0337 centos5 x86_64. Authors: System Generated Check. Copyright: Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net. This program is free software; you can redistribute it and/or modify it...

4 CVSS | 7.7 AI score | 0.7332 EPSS
Exploits: 9 | References: 2
OpenVAS
added 2012/07/30 12:0 a.m., 45 views

CentOS Update for vsftpd CESA-2011:0337 centos5 x86_64

The remote host is missing an update for the... SPDX-FileCopyrightText: 2012 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only. if(description) { script_xref(name:"URL",...

4 CVSS | 6.4 AI score | 0.7332 EPSS
Exploits: 9 | References: 2
Tenable Nessus
added 2012/07/10 12:0 a.m., 32 views

Ubuntu 10.04 LTS / 11.04 / 11.10 / 12.04 LTS : pidgin vulnerabilities (USN-1500-1)

Evgeny Boger discovered that Pidgin incorrectly handled buddy list messages in the AIM and ICQ protocol handlers. A remote attacker could send a specially crafted message and cause Pidgin to crash, leading to a denial of service. This issue only affected Ubuntu 10.04 LTS, 11.04 and 11.10...

7.5 CVSS | 5.9 AI score | 0.06402 EPSS
Exploits: 7 | References: 10
Ubuntu
added 2012/07/09 8:8 p.m., 48 views

USN-1500-1: Pidgin vulnerabilities

Evgeny Boger discovered that Pidgin incorrectly handled buddy list messages in the AIM and ICQ protocol handlers. A remote attacker could send a specially crafted message and cause Pidgin to crash, leading to a denial of service. This issue only affected Ubuntu 10.04 LTS, 11.04 and 11.10...

7.5 CVSS | 6.3 AI score | 0.06402 EPSS
Exploits: 7
OSV
added 2012/07/03 7:55 p.m., 2 views

DEBIAN-CVE-2012-2214

proxy.c in libpurple in Pidgin before 2.10.4 does not properly handle canceled SOCKS5 connection attempts, which allows user-assisted remote authenticated users to cause a denial of service (application crash) via a sequence of XMPP file-transfer requests...

3.5 CVSS | 6.2 AI score | 0.02195 EPSS
Exploits: 1 | References: 1
Cvelist
added 2012/07/03 7:0 p.m., 30 views

CVE-2012-2214

proxy.c in libpurple in Pidgin before 2.10.4 does not properly handle canceled SOCKS5 connection attempts, which allows user-assisted remote authenticated users to cause a denial of service (application crash) via a sequence of XMPP file-transfer requests...

5.8 AI score | 0.02195 EPSS
Exploits: 1 | References: 4
UbuntuCve
added 2012/07/03 12:0 a.m., 25 views

CVE-2012-2214

proxy.c in libpurple in Pidgin before 2.10.4 does not properly handle canceled SOCKS5 connection attempts, which allows user-assisted remote authenticated users to cause a denial of service (application crash) via a sequence of XMPP file-transfer requests...

3.5 CVSS | 5.9 AI score | 0.02195 EPSS
Exploits: 1 | References: 3
ThreatPost
added 2012/06/27 1:10 p.m., 17 views

The Hidden Security Risks of P2P Traffic

For years enterprises have been trying to control peer-to-peer (P2P) technologies inside their networks, and for good reason. The efficiency with which P2P technologies move large files has made P2P networks key enablers of the Internet grey market by acting as the distribution mechanism of choice f...

7.4 AI score
Exploits: 0 | References: 3
Tenable Nessus
added 2012/06/27 12:0 a.m., 12 views

Globus Toolkit GridFTP Server Detection

The remote host has an installation of GridFTP server, which offers file transfer functionality. (C) Tenable Network Security, Inc. include("compat.inc"); if (description) { script_id(59733); script_version("1.4"); script_cvs_date("Date: 2019/11/22"); script_name(english:"Globus Toolkit GridFTP Server Detection");...

5.4 AI score
Exploits: 0 | References: 1
Tenable Nessus
added 2012/06/25 12:0 a.m., 26 views

SuSE 10 Security Update : finch, libpurple, and pidgin (ZYPP Patch Number 8131)

Various remote triggerable crashes in pidgin have been fixed: - In some situations the MSN server sends text that isn't UTF-8 encoded, and Pidgin fails to verify the text's encoding. In some cases this can lead to a crash when attempting to display the text. (CVE-2012-1178) - Incoming messages wi...

5 CVSS | 5.4 AI score | 0.02504 EPSS
Exploits: 2 | References: 6
Metasploit
added 2012/06/05 11:11 p.m., 61 views

Multi Gather Skype User Data Enumeration

This module will enumerate Skype account settings, contact list, call history, chat logs, file transfer history, and voicemail logs, saving all the data to CSV files for analysis. This module requires Metasploit: https://metasploit.com/download Current source:...

7.3 AI score
Exploits: 0