rsync: Potential information leakage

Background rsync is a utility that provides fast incremental file transfers. It is used to efficiently synchronize files between hosts and is used by emerge to fetch Gentoo's Portage tree. rsyncd is the rsync daemon, which listens to connections from rsync clients. Description The paths sent by t...

PT-2004-2783 · Ipswitch · Ipswitch Ws Ftp Server

Name of the Vulnerable Software and Affected Versions: Ipswitch WS FTP Server version 4.0.2 Description: The issue allows remote attackers to gain access due to a backdoor with the XXSESS MGRYY username that has a default password. Recommendations: For Ipswitch WS FTP Server version 4.0.2, change...

Microsoft MSN Messenger Information Disclosure Vulnerability

Description Microsoft MSN Messenger is prone to an information disclosure vulnerability. When a malformed file transfer request is initiated by a remote user, they may be able to view the contents of files on the remote system. Technologies Affected Microsoft MSN Messenger Service 6.0 Microsoft M...

Important: Red Hat Security Advisory: wu-ftpd security update

An updated wu-ftpd package that fixes two security issues is now available. The wu-ftpd package contains the Washington University FTP File Transfer Protocol server daemon. FTP is a method of transferring files between machines. Glenn Stewart discovered a flaw in wu-ftpd. When configured with...

[slackware-security] lftp security update

lftp is a file transfer program that connects to other hosts using FTP, HTTP, and other protocols. A security problem with lftp has been corrected with the release of lftp-2.6.10. New packages are available for Slackware 8.1, 9.0, 9.1, and -current. Any sites using lftp should upgrade to the new...

msnbug.txt

MSN Messenger bug Release Date: 20/11/03 Discovery date: Sometime around 2001 or 2000 Versions Affected: ------------------ Msn messenger 1.0 - msn messenger 6.0.0602 Windows messenger all versions Not Affected: ------------ Msn Messenger 6.1, trillian, gaim Description: ----------- A bug exists ...

MSN messenger improper file transfer ip-address field parsing

MSN Messenger bug Release Date: 20/11/03 Discovery date: Sometime around 2001 or 2000 Versions Affected: ------------------ Msn messenger 1.0 - msn messenger 6.0.0602 Windows messenger all versions Not Affected: ------------ Msn Messenger 6.1, trillian, gaim Description: ----------- A bug exists ...

IP address leak in MSN messanger

With filte transfer requests it's possible to determine user IP...

YAK! 2.1.0 still vulnerable

YAK! 2.1.0 still vulnerable =========================== for file transfer yak uses ftp mode. Yak! listens on port 3535 for file transfer in ftp mode. vulnerability in the previous version was, they were using constant username and pass combination for ftp login. 2.1.0 version seems to overcome th...

CVE-2003-0831

ProFTPD 1.2.7 through 1.2.9rc2 does not properly translate newline characters when transferring files in ASCII mode, which allows remote attackers to execute arbitrary code via a buffer overflow using certain files...

Buffer Overflow in Yahoo messenger Client

Date: Oct 26, 2003 Title: Buffer Overflow in Yahoo messenger Client Vulnerable systems: Yahoo! Messenger version 5.6.0.X Summary: Vulnerability in Yahoo Messenger File Transfer option allows a remote attacker to shut down the victim client. Details: The Yahoo messenger service filters some specia...

Yahoo! Messenger 5.6 - File Transfer Buffer Overrun

Yahoo! Messenger 5.6 - File Transfer Buffer Overrun source: Yahoo! Messenger File Transfer Buffer Overrun Vulnerability Yahoo! Messenger is prone to a remotely exploitable buffer overrun vulnerability. An attacker may trigger this condition by initiating a malformed 'sendfile' request, which the...

ProFTPd 1.2.71.2.8 - .ASCII File Transfer Buffer Overrun

ProFTPd 1.2.71.2.8 - .ASCII File Transfer Buffer Overrun // source: https://www.securityfocus.com/bid/8679/info A remotely exploitable buffer overrun vulnerability has been reported in ProFTPD. This issue could be triggered if an attacker uploads a malformed file and then that file is downloaded ...

Yak! 2.0.1 file trasfer exploit

http://www.digicraft.com.au/yak/ yak 2.0.1 is a software for chattin in lan environment for windows it supports file transfers. the default port it listens is 3535. connecting at 3535 telnet localhost 3535 gives up nice : " 220 ICS FTP Server ready. " meaning for file transfers ftp is being used...

DEBIAN-CVE-2003-0254

Apache 2 before 2.0.47, when running on an IPv6 host, allows attackers to cause a denial of service CPU consumption by infinite loop when the FTP proxy server fails to create an IPv6 socket...

Multiple bugs in ActiveX components

Local files access in applet com.ms.xml.dso.XMLDSO.class and XMLHTTPConnection ActiveX, buffer overflow in xweb.ocx ActiveX Microsoft DirectX Files Viewer, TSAC and File Transfer Manager FTM ActiveX...

CVE-2003-0505

Directory traversal vulnerability in Microsoft NetMeeting 3.01 2000 before SP4 allows remote attackers to read arbitrary files via "...." dot dot sequences in a file transfer request...

CVE-2003-0505

Directory traversal vulnerability in Microsoft NetMeeting 3.01 2000 before SP4 allows remote attackers to read arbitrary files via "...." dot dot sequences in a file transfer request...

core.netmeeting.txt

Core Security Technologies Advisory http://www.coresecurity.com NetMeeting Directory Traversal Vulnerability Date Published: 2003-07-02 Last Update: 2003-07-02 Advisory ID: CORE-2003-0305-04 Bugtraq ID: 7931 CVE Name: None currently assigned. Title: NetMeeting Directory Traversal Vulnerability...

Microsoft NetMeeting directory traversal

Directory traversal during file receiving...