The vulnerability of the Serv-U File Server allows a remote attacker to obtain the source code of arbitrary scripts.

The vulnerability of the Serv-U File Server software lies in the lack of consideration for accessing files using extended syntax in the NTFS file system. Exploiting this vulnerability by comparing the requested resource’s URL with locations specified in the web server configuration allows a...

Prosody Directory Traversal Vulnerability

Prosody is a suite of Jabber/XMPP communication server software written in Lua. moddialback is one of the authentication modules used for communication between local servers. A directory traversal vulnerability in Prosody's HTTP file-serving module allows remote attackers to use the directory...

HTTP File Server Remote Command Execution Vulnerability-02 (Jan 2016)

HTTP File Server is prone to a remote command execution RCE vulnerability. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

Http File Server Detection (HTTP)

Detection of installed version of Http file server. This script sends an HTTP GET request and tries to get the version from the response. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right...

HTTP File Server Remote Command Execution Vulnerability-01 (Jan 2016)

HTTP File Server is prone to a remote command execution RCE vulnerability. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

Rejetto HTTP File Server (HFS) 2.3.x - Remote Command Execution (2)

Exploit for windows platform in category remote exploits !/usr/bin/python Exploit Title: HttpFileServer 2.3.x Remote Command Execution Google Dork: intext:"httpfileserver 2.3" Date: 04-01-2016 Remote: Yes Exploit Author: Avinash Kumar Thapa aka "-Acid" Vendor Homepage: http://rejetto.com/ Softwar...

Rejetto HTTP File Server (HFS) 2.3.x - Remote Command Execution (2)

Rejetto HTTP File Server HFS 2.3.x - Remote Command Execution 2 !/usr/bin/python Exploit Title: HttpFileServer 2.3.x Remote Command Execution Google Dork: intext:"httpfileserver 2.3" Date: 04-01-2016 Remote: Yes Exploit Author: Avinash Kumar Thapa aka "-Acid" Vendor Homepage: http://rejetto.com/...

Rejetto HTTP File Server 2.3.x Remote Code Execution

!/usr/bin/python Exploit Title: HttpFileServer 2.3.x Remote Command Execution Google Dork: intext:"httpfileserver 2.3" Date: 04-01-2016 Remote: Yes Exploit Author: Avinash Kumar Thapa aka "-Acid" Vendor Homepage: http://rejetto.com/ Software Link: http://sourceforge.net/projects/hfs/ Version: 2.3...

Rejetto HTTP File Server (HFS) 2.3.x - Remote Command Execution (2)

!/usr/bin/python Exploit Title: HttpFileServer 2.3.x Remote Command Execution Google Dork: intext:"httpfileserver 2.3" Date: 04-01-2016 Remote: Yes Exploit Author: Avinash Kumar Thapa aka "-Acid" Vendor Homepage: http://rejetto.com/ Software Link: http://sourceforge.net/projects/hfs/ Version: 2.3...

Directory Traversal

Overview All versions of the static file server module nhouston are vulnerable to directory traversal. An attacker can provide input such as ../ to read files outside of the served directory. Recommendation It is recommended that a different module be used, as we have been unable to reacher the...

Apache ActiveMQ File Upload Directory Traversal (CVE-2015-1830)

A directory traversal vulnerability exists in Apache ActiveMQ. The vulnerability is due to a flaw in the file server upload/download functionality used for blob messages. A remote, unauthenticated attacker may exploit this vulnerability by uploading a specially crafted file to the server...

FHFS - FTP/HTTP File Server 2.1.2 远程命令执行

No description provided by source. !/usr/bin/python FHFS - FTP/HTTP File Server 2.1.2 Remote Command Execution Author: Naser Farhadi Date: 26 August 2015 Version: 2.1.2 Tested on: Windows 7 SP1 32 bit Link : http://sourceforge.net/projects/fhfs/ Description : FHFS is a FTP and HTTP Web Server...

FHFS - FTPHTTP File Server 2.1.2 Remote Command Execution

FHFS - FTPHTTP File Server 2.1.2 Remote Command Execution !/usr/bin/python FHFS - FTP/HTTP File Server 2.1.2 Remote Command Execution Author: Naser Farhadi Date: 26 August 2015 Version: 2.1.2 Tested on: Windows 7 SP1 32 bit Link : http://sourceforge.net/projects/fhfs/ Description : FHFS is a FTP...

FHFS - FTP/HTTP File Server 2.1.2 Remote Command Execution

!/usr/bin/python FHFS - FTP/HTTP File Server 2.1.2 Remote Command Execution Author: Naser Farhadi Date: 26 August 2015 Version: 2.1.2 Tested on: Windows 7 SP1 32 bit Link : http://sourceforge.net/projects/fhfs/ Description : FHFS is a FTP and HTTP Web Server package, transparently based on HFS an...

[SECURITY] Fedora 21 Update: duplicity-0.6.25-3.fc21

Duplicity incrementally backs up files and directory by encrypting tar-format volumes with GnuPG and uploading them to a remote or local file server. In theory many protocols for connecting to a file server could be supported; so far ssh/scp, local file access, rsync, ftp, HSI, WebDAV and Amazon ...

[SECURITY] Fedora 20 Update: duplicity-0.6.25-3.fc20

Duplicity incrementally backs up files and directory by encrypting tar-format volumes with GnuPG and uploading them to a remote or local file server. In theory many protocols for connecting to a file server could be supported; so far ssh/scp, local file access, rsync, ftp, HSI, WebDAV and Amazon ...

DDoS Exploit Targets Open Source Rejetto HFS

Apparently no vulnerability is too small, no application too obscure, to escape a hacker’s notice. A honeypot run by Trustwave’s SpiderLabs research team recently snared an automated attack targeting users of the open source Rejetto HTTP File Server Rejetto HFS. Someone was trying to exploit a...

Security fix for the ALT Linux 6 package samba version 3.5.22-alt0.M60P.1

3.5.22-alt0.M60P.1 built Feb. 24, 2015 Andrey Cherepanov in task 140944 Feb. 23, 2015 Andrey Cherepanov - 3.5.22 + fixes CVE-2015-0240 security flaw in the smbd file server daemon...

Mac OS X < 10.10 Multiple Vulnerabilities (APPLE-SA-2014-10-16-1 OS X Yosemite v10.10)

Binary data 8555.prm...

CVE-2014-4426

AFP File Server in Apple OS X before 10.10 allows remote attackers to discover the network addresses of all interfaces via an unspecified command to one interface...