3488 matches found
Multiple FTP clients contain directory traversal vulnerabilities
Overview Multiple File Transfer Protocol FTP clients contain directory traversal vulnerabilities that allow a malicious FTP server to overwrite files on the client host. Description In a typical file transfer operation, one participant the client requests a file while a second participant the...
SafeTP 1.46 - Passive Mode Internal IP Address Revealing
SafeTP 1.46 - Passive Mode Internal IP Address Revealing source: https://www.securityfocus.com/bid/5822/info SafeTP is a freely available, open source secure ftp client-server software package. It is available for Unix, Linux, and Microsoft Operating Systems. It has been reported that under some...
SafeTP 1.46 - Passive Mode Internal IP Address Revealing
source: https://www.securityfocus.com/bid/5822/info SafeTP is a freely available, open source secure ftp client-server software package. It is available for Unix, Linux, and Microsoft Operating Systems. It has been reported that under some circumstances, the SafeTP server may reveal sensitive...
CVE-2002-0977
Buffer overflow in Microsoft File Transfer Manager FTM ActiveX control before 4.0 allows remote attackers to execute arbitrary code via a long TS value...
CVE-2002-0978
Microsoft File Transfer Manager FTM ActiveX control before 4.0 allows remote attackers to upload or download arbitrary files to arbitrary locations via a man-in-the-middle attack with modified TGT and TGN parameters in a call to the "Persist" function...
CVE-2002-0978
CVE-2002-0978 affects the Microsoft File Transfer Manager (FTM) ActiveX control prior to version 4.0. The vulnerability allows remote attackers to upload or download arbitrary files to arbitrary locations via a man-in-the-middle (MITM) attack that can modify TGT and TGN parameters in a call to th...
CVE-2002-0977
Buffer overflow in Microsoft File Transfer Manager FTM ActiveX control before 4.0 allows remote attackers to execute arbitrary code via a long TS value...
CVE-2002-0978
Microsoft File Transfer Manager FTM ActiveX control before 4.0 allows remote attackers to upload or download arbitrary files to arbitrary locations via a man-in-the-middle attack with modified TGT and TGN parameters in a call to the "Persist" function...
Cisco TFTP Server Long Filename DoS (CSCdy03429)
Trivial File Transfer Protocol TFTP is a protocol which allows for easy transfer of files between network connected devices. A vulnerability has been discovered in the processing of filenames within a TFTP read request when Cisco IOS is configured to act as a TFTP server. This vulnerability is...
DEBIAN-CVE-2002-0714
FTP proxy in Squid before 2.4.STABLE6 does not compare the IP addresses of control and data connections with the FTP server, which allows remote attackers to bypass firewall rules or spoof FTP server responses...
CVE-2002-0592
AOL Instant Messenger AIM allows remote attackers to steal files that are being transferred to other clients by connecting to port 4443 Direct Connection or port 5190 file transfer before the intended user...
CVE-2002-0592
CVE-2002-0592 affects AOL Instant Messenger (AIM). The vulnerability allows remote attackers to steal files being transferred to other clients by connecting to AIM’s Direct Connection port 4443 or file transfer port 5190 before the intended user. The available sources describe this as a scheme to...
CVE-2002-0592
AOL Instant Messenger AIM allows remote attackers to steal files that are being transferred to other clients by connecting to port 4443 Direct Connection or port 5190 file transfer before the intended user...
File Transfer Protocol allows data connection hijacking via PASV mode race condition
Overview There is a vulnerability in the File Transfer Protocol FTP that allows an attacker to hijack FTP data connections when the client connects using passive mode PASV. Description In FTP PASV mode, the client makes a control connection to the FTP server typically port 21/tcp and requests a...
File send interception in AIM
Durig file trasmitio icomig connection is accepted without additioal user or IP validation...
AIM Remote File Transfer/Direct Connection Vulnerability
AIM Remote File Transfer/Direct Connection Vulnerability I Discovered this vulnerability while I was port scanning my brotherApril 15th, 2002, he just happened to send me a file and the port scan connected and received the file instead of me... The next dayApril 16th, 2002 I made a program to...
Directory traversal in AIM direct conect
During direct connect it's possible to send a file with a name containing "../"...
AOL Instant Messenger vulnerable to denial of service via crafted file name
Overview AOL Instant Messenger AIM 4.1 and prior are vulnerable to a denial of service vulnerability. A denial of service occurs when filenames that contain a "%s" are sent to a victim. Description AOL Instant Messenger AIM is a program for communicating with other users over the Internet. AIM...
CVE-1999-1326
Wu-FTPD ABOR privilege escalation (CVE-1999-1326) affects the wu-ftpd server. The vulnerability arises when handling an ABOR after a data connection has closed, due to a flaw in the dologout() path that can allow a remote attacker to gain elevated privileges (potentially root). Exploitation could...
CVE-2000-0551
The file transfer mechanism in Danware NetOp 6.0 does not provide authentication, which allows remote attackers to access and modify arbitrary files...