curl: FTP path trickery leads to NIL byte out of bounds write

It was found that libcurl did not safely parse FTP URLs when using the CURLOPTFTPFILEMETHOD method. An attacker, able to provide a specially crafted FTP URL to an application using libcurl, could write a NULL byte at an arbitrary location, resulting in a crash or an unspecified behavior...

PT-2019-18297 · Bitdefender · Bitdefender Safepay

Name of the Vulnerable Software and Affected Versions: Bitdefender SafePay version 23.0.10.34 Description: This issue allows remote attackers to execute arbitrary code on vulnerable installations. User interaction is required, where the target must visit a malicious page or open a malicious file...

curl: FTP path trickery leads to NIL byte out of bounds write

It was found that libcurl did not safely parse FTP URLs when using the CURLOPTFTPFILEMETHOD method. An attacker, able to provide a specially crafted FTP URL to an application using libcurl, could write a NULL byte at an arbitrary location, resulting in a crash or an unspecified behavior...

curl: FTP path trickery leads to NIL byte out of bounds write

It was found that libcurl did not safely parse FTP URLs when using the CURLOPTFTPFILEMETHOD method. An attacker, able to provide a specially crafted FTP URL to an application using libcurl, could write a NULL byte at an arbitrary location, resulting in a crash or an unspecified behavior...

allmanage.pl-admin.txt

Allmanage.pl Admin Password vulnerability 15 may 2000 Another allmanage.pl vulnerability see also allmanage.pl.txt Everybody can easily get the admin password from the allmanage directory. You are able to set/change lots of variables, add accounts, mail users, backup, restore, edit header/footer...