Lucene search

3487 matches found

Exploit DB
added 2007/11/10 12:0 a.m., 19 views

File Transfer 1.2 - Request File Directory Traversal

source: https://www.securityfocus.com/bid/28453/info File Transfer is prone to a directory-traversal vulnerability because it fails to sufficiently sanitize user-supplied input data. Exploiting this issue allows an attacker to access arbitrary files outside of the application's root directory. Th...

AI score 7
Exploits 0

RedHat Linux
added 2007/10/23 3:54 p.m., 4 views

php CRLF injection

CRLF injection vulnerability in the ftp_putcmd function in PHP before 4.4.7, and 5.x before 5.2.2 allows remote attackers to inject arbitrary FTP commands via CRLF sequences in the parameters to earlier FTP commands...

CVSS 2.6, AI score 6, EPSS 0.02066
Exploits 0, References 4

RedHat Linux
added 2007/10/19 3:45 p.m., 1 views

security flaw

Mozilla Firefox before 2.0.0.8 and SeaMonkey before 1.1.5, when running on Linux systems with gnome-vfs support, might allow remote attackers to read arbitrary files on SSH/sftp servers that accept key authentication by creating a web page on the target server, in which the web page contains URIs...

CVSS 4.3, AI score 6, EPSS 0.02441
Exploits 1, References 4

RedHat Linux
added 2007/10/19 3:36 p.m., 2 views

security flaw

Mozilla Firefox before 2.0.0.8 and SeaMonkey before 1.1.5, when running on Linux systems with gnome-vfs support, might allow remote attackers to read arbitrary files on SSH/sftp servers that accept key authentication by creating a web page on the target server, in which the web page contains URIs...

CVSS 4.3, AI score 6, EPSS 0.02441
Exploits 1, References 4

Cvelist
added 2007/10/18 8:0 p.m., 23 views

CVE-2007-5546

Multiple stack-based buffer overflows in TIBCO SmartPGM FX allow remote attackers to execute arbitrary code or cause a denial of service (service stop and file-transfer outage) via unspecified vectors. NOTE: as of 20071016, the only disclosure is a vague pre-advisory with no actionable information...

AI score 8.2, EPSS 0.04093
Exploits 0, References 5

RedHat Linux
added 2007/10/08 8:11 a.m., 3 views

kdelibs KDE JavaScript denial of service (crash)

ecma/kjs_html.cpp in KDE JavaScript (KJS), as used in Konqueror in KDE 3.5.5, allows remote attackers to cause a denial of service (crash) by accessing the content of an iframe with an ftp:// URI in the src attribute, probably due to a NULL pointer dereference...

CVSS 4.3, AI score 5.9, EPSS 0.08185
Exploits 1, References 4

RedHat Linux
added 2007/10/08 8:11 a.m., 4 views

FTP protocol PASV design flaw affects konqueror

The FTP protocol implementation in Konqueror 3.5.5 allows remote servers to force the client to connect to other servers, perform a proxied port scan, or obtain sensitive information by specifying an alternate server address in an FTP PASV response...

CVSS 6.8, AI score 5.9, EPSS 0.03778
Exploits 0, References 4

RedHat Linux
added 2007/09/26 8:34 a.m., 5 views

php CRLF injection

CRLF injection vulnerability in the ftp_putcmd function in PHP before 4.4.7, and 5.x before 5.2.2 allows remote attackers to inject arbitrary FTP commands via CRLF sequences in the parameters to earlier FTP commands...

CVSS 2.6, AI score 6, EPSS 0.02066
Exploits 0, References 4

Prion
added 2007/09/17 5:17 p.m., 12 views

Design/Logic Flaw

Interpretation conflict in WinSCP before 4.0.4 allows remote attackers to perform arbitrary file transfers with a remote server via file-transfer commands in the final portion of a (1) scp, and possibly a (2) sftp or (3) ftp, URL, as demonstrated by a URL specifying login to the remote server with a...

CVSS 9.3, AI score 7.4, EPSS 0.06335
Exploits 1, References 8, Affected Software 1

CVE
added 2007/09/17 5:0 p.m., 53 views

CVE-2007-4909

WinSCP (before 4.0.4) is affected by an interpretation conflict in its URL handler that lets remote attackers perform arbitrary file transfers via certain scp/sftp/ftp URLs, by abusing a login-as-username on the URL which is parsed differently by the protocol handler. The issue is described as a ...

CVSS 9.3, AI score 7.1, EPSS 0.03522
Exploits 0, References 8, Affected Software 1

Tenable Nessus
added 2007/09/14 12:0 a.m., 13 views

WinSCP < 4.0.4 URL Protocol Handler Arbitrary File Transfer

Binary data 4214.prm...

CVSS 9.3, AI score 7.3, EPSS 0.03522
Exploits 0, References 3

securityvulns
added 2007/09/14 12:0 a.m., 37 views

WinSCP < 4.04 url protocol handler flaw

-Affected products: WinSCP 4.03 and older -Details: By default WinSCP installs url protocol handlers for the scp:// and sftp:// protocols. These could be used by malicious web content to automatically upload any file from the local system to a remote server, or automatically download files from a...

AI score 0.4
Exploits 0

Tenable Nessus
added 2007/09/14 12:0 a.m., 24 views

WinSCP URL Protocol Handler Arbitrary File Transfer

According to its version, the installation of WinSCP on the remote host fails to completely sanitize input to the SCP and SFTP protocol handlers. If an attacker can trick a user on the affected host into clicking on a malicious link, a file transfer can be initiated to or from the affected host. ...

CVSS 9.3, AI score 5.8, EPSS 0.03522
Exploits 0, References 3

Packet Storm
added 2007/09/07 12:0 a.m., 32 views

magellan-traverse.txt

HISPASEC Security Advisory http://blog.hispasec.com/lab/ Name : 2K7SEPT6 Magellan Explorer 3.32 build 2305 Remote FTP Client Directory Traversal Class : Remote Directory Traversal Threat level : HIGH Discovered : 2007-08-14 Published : 2007-09-06 Credit : Gynvael Coldwind Vulnerable : 3.32 built...

AI score 7.4
Exploits 0

Prion
added 2007/08/31 11:17 p.m., 17 views

Buffer overflow

Yahoo! Messenger 8.1.0.209 and 8.1.0.402 allows remote attackers to cause a denial of service (application crash) via certain file-transfer packets, possibly involving a buffer overflow, as demonstrated by ym8bug.exe. NOTE: this might be related to CVE-2007-4515. NOTE: the provenance of this...

CVSS 5, AI score 6.9, EPSS 0.33011
Exploits 4, References 1, Affected Software 1

CVE
added 2007/08/31 11:0 p.m., 53 views

CVE-2007-4635

CVE-2007-4515 and CVE-2007-4635 pertain to Yahoo! Messenger, targeting the YVerInfo.dll ActiveX control. The root cause is a buffer overflow in the ActiveX methods fvCom and info, exploitable by crafted inputs. CVE-2007-4515 describes a pre-8.1.0.419 condition allowing remote code execution; CVE-...

CVSS 5, AI score 6.6, EPSS 0.02147
Exploits 1, References 1, Affected Software 1

Exploit DB
added 2007/08/29 12:0 a.m., 27 views

Yahoo! Messenger 8.1 - File Transfer Denial of Service

source: https://www.securityfocus.com/bid/25484/info Yahoo! Messenger is prone to a denial-of-service vulnerability because it fails to handle certain file-transfer packets. Attackers can exploit this issue to crash the application, causing denial-of-service conditions. NOTE: This issue is...

AI score 7.4
Exploits 0

exploitpack
added 2007/08/29 12:0 a.m., 8 views

Yahoo! Messenger 8.1 - File Transfer Denial of Service

Yahoo! Messenger 8.1 - File Transfer Denial of Service source: https://www.securityfocus.com/bid/25484/info Yahoo! Messenger is prone to a denial-of-service vulnerability because it fails to handle certain file-transfer packets. Attackers can exploit this issue to crash the application, causing...

Exploits 0

Prion
added 2007/08/25 12:17 a.m., 11 views

Code injection

Soldat game server 1.4.2 and earlier, and dedicated server 2.6.2 and earlier, allows remote attackers to cause a client denial of service (crash) via (1) a long string to the file transfer port or (2) a long chat message, or (3) a server denial of service (continuous beep and slowdown) via a string...

CVSS 5, AI score 7.2, EPSS 0.03478
Exploits 1, References 7, Affected Software 2

NVD
added 2007/08/25 12:17 a.m., 15 views

CVE-2007-4531

Soldat game server 1.4.2 and earlier, and dedicated server 2.6.2 and earlier, allows remote attackers to cause a client denial of service (crash) via (1) a long string to the file transfer port or (2) a long chat message, or (3) a server denial of service (continuous beep and slowdown) via a string...

CVSS 5, AI score 6.7, EPSS 0.03478
Exploits 1, References 7