Kaspersky Anti-Virus for Linux File Server Path Traversal Vulnerability

Kaspersky Anti-Virus for Linux File Server is designed to provide antivirus protection for file servers running under the Linux operating system. A path traversal vulnerability exists in Kaspersky Anti-Virus for Linux File Server. The vulnerability allows an attacker to read arbitrary files with...

Kaspersky Anti-Virus for Linux File Server Cross-Site Request Forgery Vulnerability

Kaspersky Anti-Virus for Linux File Server is designed to provide antivirus protection for file servers running under the Linux operating system. A cross-site request forgery vulnerability exists in Kaspersky Anti-Virus for Linux File Server. This allows an attacker to submit authenticated reques...

Kaspersky Anti-Virus for Linux File Server Elevation of Privilege Vulnerability

Kaspersky Anti-Virus for Linux File Server is designed to provide antivirus protection for file servers running under the Linux operating system. An elevation of privilege vulnerability exists in Kaspersky Anti-Virus for Linux File Server. The vulnerability allows attackers to exploit an elevatio...

Kaspersky Anti-Virus for Linux File Server Reflective Cross-Site Scripting Vulnerability

Kaspersky Anti-Virus for Linux File Server is designed to provide antivirus protection for file servers running under the Linux operating system. A reflected cross-site scripting vulnerability exists in Kaspersky Anti-Virus for Linux File Server. The vulnerability allows an attacker to execute...

Kaspersky Anti-Virus File Server 8.0.3.297 XSS / CSRF / Code Execution

Advisory Information Title: Kaspersky Anti-Virus File Server Multiple Vulnerabilities Advisory ID: CORE-2017-0003 Advisory URL: http://www.coresecurity.com/advisories/Kaspersky-Anti-Virus-File-Server-Multiple-Vulnerabilities Date published: 2017-06-28 Date of last update: 2017-06-28 Vendors...

Kaspersky Anti-Virus File Server Multiple Vulnerabilities

Advisory ID Internal CORE-2017-0003 1. Advisory Information Title: Kaspersky Anti-Virus File Server Multiple Vulnerabilities Advisory ID: CORE-2017-0003 Date published: 2017-06-28 Date of last update: 2017-06-28 Vendors contacted: Kaspersky Release mode: Forced release 2. Vulnerability...

Kaspersky Anti-Virus File Server 8.0.3.297 - Multiple Vulnerabilities

Advisory Information Title: Kaspersky Anti-Virus File Server Multiple Vulnerabilities Advisory ID: CORE-2017-0003 Advisory URL: http://www.coresecurity.com/advisories/Kaspersky-Anti-Virus-File-Server-Multiple-Vulnerabilities Date published: 2017-06-28 Date of last update: 2017-06-28 Vendors...

The vulnerability in the web console of the Antivirus Kasper’s 8.0 anti-virus software for Linux File Servers allows access to files located on the server.

The vulnerability of the Antivirus Kaspersky 8.0 web console for Linux File Servers relates to the possibility of executing operating system commands. Exploiting this vulnerability allows a malicious actor to gain access to files located on the server by sending a specially crafted GET request wi...

WikiLeaks Dumps CIA Patient Zero Windows Implant

WikiLeaks on Thursday made public a CIA implant that is used to turn a Windows file server into a malware distribution point on the local network. The documents describing the tool, Pandemic, explain how remote machines on the local network trying to download and-or execute documents from the fil...

May 9, 2017—KB4019216 (Monthly Rollup)

May 9, 2017—KB4019216 Monthly Rollup Improvements and fixes This security update includes improvements and fixes that were a part of update KB4015554 released April 18, 2017, and also resolves the following vulnerabilities in Windows: Addressed issue in which, after you install security update...

Analysis of Kerberos constrained delegation SPN security vulnerabilities-vulnerability warning-the black bar safety net

In the past few years, more and more security researchers began to study Kerberos security, eventually found in support of the authentication Protocol of the network environment a lot of interesting attacks. In this post, I will describe my in the Windows Kerberos constrained delegation feature...

March 14, 2017—KB4012606 (OS Build 10240.17319)

March 14, 2017—KB4012606 OS Build 10240.17319 Improvements and fixes This update includes quality improvements. No new operating system features are being introduced in this update. Key changes include: Addressed a known issue with KB3192440 that was rendering DFS-N mapped network drives...

CVE-2017-6100

tcpdf before 6.2.0 uploads files from the server generating PDF-files to an external FTP...

June 2016 update rollup for Windows RT 8.1, Windows 8.1, and Windows Server 2012 R2

June 2016 update rollup for Windows RT 8.1, Windows 8.1, and Windows Server 2012 R2 This update rollup is superseded by July 2016 update rollup for Windows RT 8.1, Windows 8.1, and Windows Server 2012 R2 KB3172614 that was released on July 21, 2016. The June 2016 update rollup for Windows RT 8.1,...

CVE-2016-4025

Avast Internet Security v11.x.x, Pro Antivirus v11.x.x, Premier v11.x.x, Free Antivirus v11.x.x, Business Security v11.x.x, Endpoint Protection v8.x.x, Endpoint Protection Plus v8.x.x, Endpoint Protection Suite v8.x.x, Endpoint Protection Suite Plus v8.x.x, File Server Security v8.x.x, and Email...

Easy FTP Server APPE Remote Code Execution Vulnerability

Easy FTP Server is a free green software that does not require installation and is prohibited for commercial use Supports multiple users, multiple permissions, multiple directories, supports web access, supports Windows system service mode. Easy FTP Server has a security vulnerability. Due to the...

The vulnerability of the Serv-U File Server allows a remote attacker to modify the system configuration.

The vulnerability of the Serv-U File Server software lies in errors in the code of the web interface forms. Exploiting this vulnerability allows a malicious attacker to modify system configurations...

The vulnerability of the Serv-U File Server allows a remote attacker to obtain information about the system’s configuration and user authentication credentials.

The vulnerability of the Serv-U File Server software relates to errors that occur during the processing of application variables. Exploiting this vulnerability allows a malicious attacker to obtain system configuration information, including user authentication data...

The vulnerability of the Serv-U File Server allows a remote attacker to perform a denial-of-service attack.

The vulnerability of the Serv-U File Server software relates to an error that occurs when processing an HTTP request involving a recursive declared variable. Exploiting this vulnerability allows a malicious attacker to perform denial-of-service attacks on the application...

The vulnerability of the SAP NetWeaver file server allows a malicious attacker to gain unauthorized access to the SUP CUA subsystem.

The SAP NetWeaver application contains an error that allows a malicious individual to remotely gain access to the SAP CUA child system and read any tables from the central SAP CUA system...