Fedora 11 : pidgin-sipe-1.9.1-1.fc11 (2010-4830)

Contributed File transfer functionality. File encryption is supported. Jakub Adam, Tomas Hrabik NTLMv2 and NTLMv2 Session Security support pier11 Implemented SIP Authentication Extensions protocol version 4 and 3 pier11 Adoption for commercial UNIX - HP/UX, Irix, Solaris - big endian fixes and...

[SECURITY] Fedora 12 Update: lftp-4.0.8-1.fc12

LFTP is a sophisticated ftp/http file transfer program. Like bash, it has j ob control and uses the readline library for input. It has bookmarks, built-in mirroring, and can transfer several files in parallel. It is designed with reliability in mind...

Software Index a remote file upload vulnerability-vulnerability warning-the black bar safety net

Upload file filter is not strict, resulting in remote file upload executable code vulnerabilities. Bulk Google Dork : Copyright 2 0 1 0. Software Index Exp: the html head TitleSelect Image File for uploading/Title script language="JavaScript" function checkFile if form1. userfile. value == ""...

Sun Solaris 10 ftpd Cross Site Request Forgery

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Sun Solaris 10 ftpd Cross-site request forgery Author: Maksymilian Arciemowicz SecurityReason.com Date: - - Dis.: 24.02.2010 - - Pub.: 21.05.2010 Affected Software: - - Sun Solaris 10 10/09 - - OpenSoalris 2009.06 Original URL:...

Rumba FTP Client 4.2 Buffer Overflow

Exploit Title: Rumba ftp Client 4.2 PASV BoF SEH Date: 2010-04-24 Author: zombiefx & corelanc0d3r Email: darkernetatgmail.com Software Link: http://download.cnet.com/Rumba-FTP/3000-21604-10587778.html Version: Rumba ftp client 4.2 Tested on: Windows XP SP3 SEH overwrite occurs when sending the...

Debian: Security Advisory (DSA-2023-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Do all in cmd shell!- Vulnerability warning-the black bar safety net

Do all in cmd shell! Directory 1, Preface 2, The file transmission 3, The system configuration 4, the network configuration 5, software installation 6, Windows Script 7, The accompanying statement Foreword Cmd Shellcommand line interactionis a hack eternal topic, it is the historic and enduring i...

Firefox integer underflow in FTP directory list parser

Multiple unspecified vulnerabilities in WebKit in Apple Safari before 4.0.4 on Windows allow remote FTP servers to execute arbitrary code, cause a denial of service application crash, or obtain sensitive information via a crafted directory listing in a reply...

Firefox integer underflow in FTP directory list parser

Multiple unspecified vulnerabilities in WebKit in Apple Safari before 4.0.4 on Windows allow remote FTP servers to execute arbitrary code, cause a denial of service application crash, or obtain sensitive information via a crafted directory listing in a reply...

[SECURITY] Fedora 11 Update: curl-7.19.7-5.fc11

cURL is a tool for getting files from HTTP, FTP, FILE, LDAP, LDAPS, DICT, TELNET and TFTP servers, using any of the supported protocols. cURL is designed to work without user interaction or any kind of interactivity. cURL offers many useful capabilities, like proxy support, user authentication, F...

Fedora Update for curl FEDORA-2010-2762

Check for the Version of curl OpenVAS Vulnerability Test Fedora Update for curl FEDORA-2010-2762 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms of...

[SECURITY] Fedora 12 Update: curl-7.19.7-7.fc12

cURL is a tool for getting files from HTTP, FTP, FILE, LDAP, LDAPS, DICT, TELNET and TFTP servers, using any of the supported protocols. cURL is designed to work without user interaction or any kind of interactivity. cURL offers many useful capabilities, like proxy support, user authentication, F...

Energizer DUO USB battery charger software allows unauthorized remote system access

Overview The software available for the Energizer DUO USB battery charger contains a backdoor that allows unauthorized remote system access. Description Energizer DUO is a USB battery charger. An optional Windows application that allows the user to view the battery charging status has been...

Directory traversal

Directory traversal vulnerability in webclientuserguide.html in Accellion Secure File Transfer Appliance before 80105 allows remote attackers to read arbitrary files via a .. dot dot in the lang parameter...

Design/Logic Flaw

Accellion Secure File Transfer Appliance before 80105 allows remote authenticated administrators to bypass the restricted shell and execute arbitrary commands via shell metacharacters to the ping command, as demonstrated by modifying the cli program...

Command injection

Accellion Secure File Transfer Appliance before 80105 does not properly restrict access to sensitive commands and arguments that run with extra sudo privileges, which allows local administrators to gain privileges via 1 arbitrary arguments in the --filemove action in /usr/local/bin/admin.pl, or a...

Cross site scripting

Cross-site scripting XSS vulnerability in Accellion Secure File Transfer Appliance before 70296 allows remote attackers to inject arbitrary web script or HTML via the username parameter, which is not properly handled when the administrator views audit logs...

CVE-2009-4648

Accellion Secure File Transfer Appliance before 80105 does not properly restrict access to sensitive commands and arguments that run with extra sudo privileges, which allows local administrators to gain privileges via 1 arbitrary arguments in the --filemove action in /usr/local/bin/admin.pl, or a...

CVE-2009-4646

Static code injection vulnerability in the administrative web interface in Accellion Secure File Transfer Appliance allows remote authenticated administrators to inject arbitrary shell commands by appending them to a request to update the SNMP public community string...

CVE-2009-4647

Cross-site scripting XSS vulnerability in Accellion Secure File Transfer Appliance before 70296 allows remote attackers to inject arbitrary web script or HTML via the username parameter, which is not properly handled when the administrator views audit logs...