1207 matches found
HttpFileServer 2.3c Cross Site Scripting
Exploit Title: HttpFileServer 2.3c Multiple Reflected Cross-site scripting Date: 24-09-2014 Remote: Yes Exploit Author: Mahendra Vendor Homepage: http://rejetto.com/ Software Link: http://downloads.sourceforge.net/hfs/hfs2.3c.src.zip Version: 2.3c Tested on: Windows XP SP 3, Windows 7 The latest...
Rejetto HTTP File Server (HFS) 2.3.x - Remote Command Execution (1)
Exploit Title: HttpFileServer 2.3.x Remote Command Execution Google Dork: intext:"httpfileserver 2.3" Date: 11-09-2014 Remote: Yes Exploit Author: Daniele Linguaglossa Vendor Homepage: http://rejetto.com/ Software Link:...
Rejetto HTTP File Server (HFS) 2.3.x - Remote Command Execution (1)
Exploit Title: HttpFileServer 2.3.x Remote Command Execution Google Dork: intext:"httpfileserver 2.3" Date: 11-09-2014 Remote: Yes Exploit Author: Daniele Linguaglossa Vendor Homepage: http://rejetto.com/ Software Link: http://sourceforge.net/projects/hfs/ Version: 2.3.x Tested on: Windows Server...
samba: smbd unicode path names denial of service
It was discovered that smbd, the Samba file server daemon, did not properly handle certain files that were stored on the disk and used a valid Unicode character in the file name. An attacker able to send an authenticated non-Unicode request that attempted to read such a file could cause smbd to...
RedHat Update for samba RHSA-2014:0867-01
The remote host is missing an update for the...
Mandriva Linux Security Advisory : samba (MDVSA-2014:136)
Updated samba packages fix security vulnerabilities: Information leak vulnerability in the VFS code, allowing an authenticated user to retrieve eight bytes of uninitialized memory when shadow copy is enabled (CVE-2014-0178). Samba versions before 3.6.24, 4.0.19, and 4.1.9 are vulnerable to a denia...
CentOS 7 : samba (CESA-2014:0867)
Updated samba packages that fix three security issues are now available for Red Hat Enterprise Linux 7. The Red Hat Security Response Team has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are...
libsmbclient, samba, samba3x security update
CentOS Errata and Security Advisory CESA-2014:0866 Updated samba3x and samba packages that fix two security issues are now available for Red Hat Enterprise Linux 5 and 6 respectively. The Red Hat Security Response Team has rated this update as having Moderate security impact. Common Vulnerability...
Updated samba packages fix multiple vulnerabilities
Updated samba packages fix security vulnerabilities: Information leak vulnerability in the VFS code, allowing an authenticated user to retrieve eight bytes of uninitialized memory when shadow copy is enabled (CVE-2014-0178). Samba versions before 3.6.24, 4.0.19, and 4.1.9 are vulnerable to a denial...
HTTP File Server 2.2 Security Bypass and Denial of Service Vulnerabilities
source: http://www.securityfocus.com/bid/39544/info HTTP File Server is prone to multiple vulnerabilities including a security-bypass issue and a denial-of-service issue. Exploiting these issues will allow an attacker to download files from restricted directorie...
HFS HTTP File Server 2.2/2.3 Arbitrary File Upload Vulnerability
source: http://www.securityfocus.com/bid/26732/info HFS HTTP File Server is prone to a vulnerability that lets attackers upload files and place them in arbitrary locations on the server. The issue occurs because the software fails to adequately sanitize...
Group Logic ExtremeZ-IP File and Print Servers 5.1.2 x15 Multiple Vulnerabilities
source: http://www.securityfocus.com/bid/27718/info ExtremeZ-IP File and Print servers are prone to multiple vulnerabilities including denial-of-service and information-disclosure issues. Attackers can exploit these issues to cause denial-of-service conditions o...
HFS HTTP File Server 1.5/2.x Multiple Security Vulnerabilities
source: http://www.securityfocus.com/bid/27423/info HFS HTTP File Server is prone to multiple security vulnerabilities, including cross-site scripting issues, an information-disclosure issue, an arbitrary file-creation issue, a denial-of-service issue, a...
USN-2257-1: Samba vulnerabilities
Christof Schmitt discovered that Samba incorrectly initialized a certain response field when vfs shadow copy was enabled. A remote authenticated attacker could use this issue to possibly obtain sensitive information. This issue only affected Ubuntu 13.10 and Ubuntu 14.04 LTS. (CVE-2014-0178) It was...
[slackware-security] samba (SSA:2014-175-04)
New samba packages are available for Slackware 14.0, 14.1, and -current to fix security issues. Here are the details from the Slackware 14.1 ChangeLog:...
[slackware-security] samba
New samba packages are available for Slackware 14.0, 14.1, and -current to fix security issues. Here are the details from the Slackware 14.1 ChangeLog: patches/packages/samba-4.1.9-i486-1slack14.1.txz: Upgraded. This update fixes bugs and security issues, including a flaw in Samba's internal DNS...
Debian DSA-2966-1 : samba - security update
Multiple vulnerabilities were discovered and fixed in Samba, a SMB/CIFS file, print, and login server : - CVE-2014-0178 Information leak vulnerability in the VFS code, allowing an authenticated user to retrieve eight bytes of uninitialized memory when shadow copy is enabled. - CVE-2014-0244 Denia...
DSA-2966-1 samba - security update
Bulletin has no description...
PT-2013-67: Sensitive Information Disclosure in Serv-U File Server
The specialists of the Positive Research center have detected a Sensitive Information Disclosure vulnerability in Serv-U File Server. This vulnerability allows an attacker to find out the system configuration and obtain users’ authentication information via Serv-U variables values. Exploitation...
PT-2013-69: Denial of Service in Serv-U File Server
The specialists of the Positive Research center have detected a Denial of Service vulnerability in Serv-U File Server. Handling an HTTP request with a recursive variable causes the application to enter an infinite loop, resulting in Denial of Service. Exploitation...