ZIP with Pass vulnerable to directory traversal

Overview ZIP with Pass provided by aokitaka contains an issue in processing file names, which may result in a directory traversal CWE-22 vulnerability. Ryohei Koike of Sakura Information Systems Co., Ltd. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Informati...

Hewlett-Packard Data Protector Backup Client Service Opcode 42 Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute remote code on vulnerable installations of HP Data Protector. Authentication is not required to exploit this vulnerability. This specific flaw exists in the Backup Client Service OmniInet.exe. The Backup Client Service listens on TCP port 5555...

Hewlett-Packard Data Protector Backup Client Service Opcode 45 and 46 Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute remote code on vulnerable installations of HP Data Protector. Authentication is not required to exploit this vulnerability. This specific flaw exists in the Backup Client Service OmniInet.exe. The Backup Client Service listens on TCP port 5555...

PT-2013-6222 · Synology · Synology Diskstation Manager

Name of the Vulnerable Software and Affected Versions: Synology DiskStation Manager DSM versions prior to 4.3-3810 Update 3 Description: Multiple directory traversal vulnerabilities in the FileBrowser components allow remote attackers to read, write, and delete arbitrary files via a .. dot dot in...

DEBIAN-CVE-2013-4510

Directory traversal vulnerability in the client in Tryton 3.0.0, as distributed before 20131104 and earlier, allows remote servers to write arbitrary files via path separators in the extension of a report...

CVE-2013-4510

Directory traversal vulnerability in the client in Tryton 3.0.0, as distributed before 20131104 and earlier, allows remote servers to write arbitrary files via path separators in the extension of a report...

DEBIAN-CVE-2013-2186

The DiskFileItem class in Apache Commons FileUpload, as used in Red Hat JBoss BRMS 5.3.1; JBoss Portal 4.3 CP07, 5.2.2, and 6.0.0; and Red Hat JBoss Web Server 1.0.2 allows remote attackers to write to arbitrary files via a NULL byte in a file name in a serialized instance...

PT-2013-1117 · Red Hat +3 · Red Hat Jboss Brms +5

Name of the Vulnerable Software and Affected Versions: Apache Commons FileUpload versions affected versions not specified Red Hat JBoss BRMS version 5.3.1 Red Hat JBoss Portal versions 4.3 CP07, 5.2.2, and 6.0.0 Red Hat JBoss Web Server version 1.0.2 Description: The issue affects the DiskFileIte...

commons-fileupload: Arbitrary file upload via deserialization

The DiskFileItem class in Apache Commons FileUpload, as used in Red Hat JBoss BRMS 5.3.1; JBoss Portal 4.3 CP07, 5.2.2, and 6.0.0; and Red Hat JBoss Web Server 1.0.2 allows remote attackers to write to arbitrary files via a NULL byte in a file name in a serialized instance...

程氏舞曲CMSPHP3.0储存型xss与后台任意文件写入漏洞

简要描述： 插入 构造的js 可 getshell 详细说明： user/space.php?ac=edit&op=zl 修改 签名处，没有 任何过滤。xss产生 后台 看了下 可以写任意格式文件。。 抓包。。 POST /admin/skins/skins.php?ac=xgmb&op=go&path=../../skins/index/html/ HTTP/1.1 Accept: text/html, application/xhtml+xml, / Referer:...

Updated nmap package fixes CVE-2013-4885

Updated nmap packages fix security vulnerability: It is possible to write arbitrary files to a remote system, through a specially crafted server response for NMAP http-domino-enum-passwords.nse script from nmap before 6.40 CVE-2013-4885...

commons-fileupload: Arbitrary file upload via deserialization

The DiskFileItem class in Apache Commons FileUpload, as used in Red Hat JBoss BRMS 5.3.1; JBoss Portal 4.3 CP07, 5.2.2, and 6.0.0; and Red Hat JBoss Web Server 1.0.2 allows remote attackers to write to arbitrary files via a NULL byte in a file name in a serialized instance...

commons-fileupload: Arbitrary file upload via deserialization

The DiskFileItem class in Apache Commons FileUpload, as used in Red Hat JBoss BRMS 5.3.1; JBoss Portal 4.3 CP07, 5.2.2, and 6.0.0; and Red Hat JBoss Web Server 1.0.2 allows remote attackers to write to arbitrary files via a NULL byte in a file name in a serialized instance...

CVE-2012-4121

Cisco NX-OS allows local users to gain privileges, and read or modify arbitrary files, via the sed 1 r and 2 w commands, aka Bug IDs CSCts56559, CSCts56565, CSCts56570, and CSCts56574...

xampp 1.8.1 任意文件写入漏洞

BUGTRAQ ID: 62665 CVE ID: CVE-2013-2586 XAMPP是跨平台开源Web服务器解决方案软件包，主要包括Apache HTTP Server, MySQL数据库, 以及用PHP及Perl编程语言编写的脚本的解释程序。 XAMPP 1.8.1的"/xampp/lang.php"页面存在注入漏洞，未授权用户可在本地磁盘内写入，本地文件 "lang.tmp"可以从远程机器上进行修改，可在目标用户浏览器中执行任意HTML或脚本代码，窃取用户凭证之类的敏感信息。 0 xampp 1.8.1 厂商补丁： xampp -----...

Nmap 任意文件写漏洞(CVE-2013-4885）

BUGTRAQ ID: 62024 CVECAN ID: CVE-2013-4885 nmap是一款用于网络发现（Network Discovery）和安全审计（Security Auditing）的网络安全工具，它是自由软件。 Nmap 6.25在http-domino-enum-passwords NSE脚本内存在任意文件上传漏洞，攻击者可利用此漏洞以当前用户权限写任意文件。 0 Nmap 6.25 厂商补丁： Nmap ---- 目前厂商已经发布了升级补丁以修复这个安全问题，请到厂商的主页下载： http://nmap.org/download.html nmap --script...

Hewlett-Packard LoadRunner lrFileIOService ActiveX Control CreateFileCont Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of HP LoadRunner. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the lrFileIOServic...

Nmap - Arbitrary File Write

Nmap - Arbitrary File Write source: https://www.securityfocus.com/bid/62024/info Nmap is prone to an arbitrary file-write vulnerability. An attacker can exploit this issue to write arbitrary files with the permissions of the user running the nmap client. This will allow the attacker to fully...

Nmap - Arbitrary File Write

source: https://www.securityfocus.com/bid/62024/info Nmap is prone to an arbitrary file-write vulnerability. An attacker can exploit this issue to write arbitrary files with the permissions of the user running the nmap client. This will allow the attacker to fully compromise the affected machine...

HP Managed Printing Administration - jobAcct Remote Command Execution (Metasploit)

This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' class Metasploit3 'HP Managed Printing Administration...