901 matches found
TFTP Packet Buffer Overflow
libcurl uses the given file part of a TFTP URL in a manner that allows a malicious user to overflow a heap-based memory buffer due to the lack of boundary check. This overflow happens if you pass in a URL with a TFTP protocol prefix "tftp://", using a valid host and a path part that is longer tha...
TFTP Directory Traversal Vulnerabilities - Active Check
The TFTP Trivial File Transfer Protocol allows remote users to read files without having to log in. This may be a big security flaw, especially if tftpd the TFTP server is not well configured by the admin of the remote host. SPDX-FileCopyrightText: 2005 Michel Arboi Some text descriptions might b...
security flaw
Konqueror 3.3.1 allows remote attackers to execute arbitrary FTP commands via an ftp:// URL that contains a URL-encoded newline "%0a" before the FTP command, which causes the commands to be inserted into the resulting FTP session, as demonstrated using a PORT command...
libxml2 various overflows
Multiple buffer overflows in libXML 2.6.12 and 2.6.13 libxml2, and possibly other versions, may allow remote attackers to execute arbitrary code via 1 a long FTP URL that is not properly handled by the xmlNanoFTPScanURL function, 2 a long proxy URL containing FTP data that is not properly handled...
DEBIAN-CVE-2003-0254
Apache 2 before 2.0.47, when running on an IPv6 host, allows attackers to cause a denial of service CPU consumption by infinite loop when the FTP proxy server fails to create an IPv6 socket...
Multiple FTP clients contain directory traversal vulnerabilities
Overview Multiple File Transfer Protocol FTP clients contain directory traversal vulnerabilities that allow a malicious FTP server to overwrite files on the client host. Description In a typical file transfer operation, one participant the client requests a file while a second participant the...
Cisco TFTP Server Long Filename DoS (CSCdy03429)
Trivial File Transfer Protocol TFTP is a protocol which allows for easy transfer of files between network connected devices. A vulnerability has been discovered in the processing of filenames within a TFTP read request when Cisco IOS is configured to act as a TFTP server. This vulnerability is...
DEBIAN-CVE-2002-0714
FTP proxy in Squid before 2.4.STABLE6 does not compare the IP addresses of control and data connections with the FTP server, which allows remote attackers to bypass firewall rules or spoof FTP server responses...
File Transfer Protocol allows data connection hijacking via PASV mode race condition
Overview There is a vulnerability in the File Transfer Protocol FTP that allows an attacker to hijack FTP data connections when the client connects using passive mode PASV. Description In FTP PASV mode, the client makes a control connection to the FTP server typically port 21/tcp and requests a...
CVE-2001-1484
Alcatel ADSL modems allow remote attackers to access the Trivial File Transfer Protocol TFTP to modify firmware and configuration via a bounce attack from a system on the local area network LAN side, which is allowed to access TFTP without authentication...
PT-2001-1559 · Microsoft · Iis
Name of the Vulnerable Software and Affected Versions: IIS versions 5.0 and earlier Description: The issue allows remote attackers to cause a denial of service via a wildcard sequence that generates a long string when it is expanded. This can be exploited in the FTP service. Recommendations: For...
Alcatel ADSL modems grant unauthenticated TFTP access via Bounce Attacks
Overview The San Diego Supercomputer Center SDSC has recently discovered several vulnerabilities in the Alcatel Speed Touch line of Asymmetric Digital Subscriber Line ADSL modems. These vulnerabilities are the result of weak authentication and access control policies and result in one or more of...
PT-2000-1128 · Openssh +1 · Openssh +1
Name of the Vulnerable Software and Affected Versions: OpenSSH affected versions not specified Description: The issue allows local users without shell access to redirect a TCP connection through a service that uses the standard system password database for authentication, such as POP or FTP...
CVE-1999-0035
Race condition in signal handling routine in ftpd, allowing read/write arbitrary files...
CVE-1999-0614
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: None. Reason: this candidate is solely about a configuration that does not directly introduce security vulnerabilities, so it is more appropriate to cover under the Common Configuration Enumeration CCE. Notes: the former description i...
CVE-1999-0616
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: None. Reason: this candidate is solely about a configuration that does not directly introduce security vulnerabilities, so it is more appropriate to cover under the Common Configuration Enumeration CCE. Notes: the former description i...
PT-1997-1005 · Ibm +8 · Aix +10
Name of the Vulnerable Software and Affected Versions: FTP servers affected versions not specified Description: The issue allows an attacker to connect to arbitrary ports on machines other than the FTP client. This is also known as FTP bounce. Recommendations: At the moment, there is no informati...
PT-1997-1084 · Linux · Linux Tftp
Name of the Vulnerable Software and Affected Versions: Linux TFTP affected versions not specified Description: The issue allows access to files outside the restricted directory in Linux implementations of TFTP. Recommendations: At the moment, there is no information about a newer version that...
PT-1997-1042 · Sgi · Irix
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned. Description: The issue concerns a file descriptor leak in the getcwd function when using FTP. Recommendations: At the moment, there is no information about a newer version that contains a fix fo...
PT-1997-1093 · Ftp · Ftp
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned. Description: A quote cwd command on FTP servers can reveal the full path of the home directory of the "ftp" user. Recommendations: At the moment, there is no information about a newer version th...