136 matches found
Croc - Easily And Securely Send Things From One Computer To Another
croc is a tool that allows any two computers to simply and securely transfer files and folders. AFAIK, croc is the only CLI file-transfer tool does all of the following: allows any two computers to transfer data using a relay provides end-to-end encryption using PAKE enables easy cross-platform...
Design/Logic Flaw
The file transfer component of TIBCO Software Inc.'s TIBCO Managed File Transfer Platform Server for IBM i contains a vulnerability that theoretically allows an attacker to perform unauthorized network file transfers to and from the file system accessible to the affected component. This...
PT-2019-3616 · Cisco · Cisco Asa
Name of the Vulnerable Software and Affected Versions: Cisco Adaptive Security Appliance ASA Software affected versions not specified Description: A vulnerability in the Secure Copy SCP feature could allow an authenticated, remote attacker to cause a denial of service DoS condition. The issue is...
PT-2019-2795
Name of the Vulnerable Software and Affected Versions ProFTPD versions up to 1.3.5b Description The issue is related to an arbitrary file copy vulnerability in the mod copy module of ProFTPD, allowing for remote code execution and information disclosure without authentication. This can be exploit...
Security update for openssh (moderate)
openSUSE Security Update: Security update for openssh Announcement ID: openSUSE-SU-2019:1602-1 Rating: moderate References: 1065237 1090671 1119183 1121816 1121821 1131709 Cross-References: CVE-2019-6109 CVE-2019-6111 Affected Products: openSUSE Leap 42.3 An update that solves two vulnerabilities...
openSUSE Security Update : openssh (openSUSE-2019-307)
This update for openssh fixes the following issues : Security vulnerabilities addressed : - CVE-2019-6109: Fixed an character encoding issue in the progress display of the scp client that could be used to manipulate client output, allowing for spoofing during file transfers bsc1121816 -...
Security update for openssh (moderate)
openSUSE Security Update: Security update for openssh Announcement ID: openSUSE-SU-2019:0307-1 Rating: moderate References: 1121816 1121821 1125687 Cross-References: CVE-2019-6109 CVE-2019-6111 Affected Products: openSUSE Leap 15.0 An update that solves two vulnerabilities and has one errata is n...
SUSE SLED15 / SLES15 Security Update : openssh (SUSE-SU-2019:0496-1)
This update for openssh fixes the following issues : Security vulnerabilities addressed : CVE-2019-6109: Fixed an character encoding issue in the progress display of the scp client that could be used to manipulate client output, allowing for spoofing during file transfers bsc1121816 CVE-2019-6111...
DEBIAN-CVE-2019-6110
In OpenSSH 7.9, due to accepting and displaying arbitrary stderr output from the server, a malicious server or Man-in-The-Middle attacker can manipulate the client output, for example to use ANSI control codes to hide additional files being transferred...
libssh Authentication Bypass Makes it Trivial to Pwn Rafts of Servers
The libssh open-source project has issued an update to address an authentication bypass vulnerability in the server code — to say that it’s trivial to exploit is an understatement. The flaw CVE-2018-10933 exists in libssh versions 0.6 and above being used in server mode – and it allows anyone to...
PT-2018-17715 · Mcafee +1 · Mcafee Application/Change Control +1
Name of the Vulnerable Software and Affected Versions: McAfee Application and Change Control MACC versions 8.0.0 Hotfix 4 and earlier Description: The issue allows authenticated users to execute arbitrary code via file transfer from an external system. This is due to a vulnerability in accessing,...
CVE-2017-3742
In Lenovo Connect2 versions earlier than 4.2.5.4885 for Windows and 4.2.5.3071 for Android, when an ad-hoc connection is made between two systems for the purpose of sharing files, the password for this ad-hoc connection will be stored in a user-readable location. An attacker with read access to t...
OPENSUSE-SU-2017:0737-1 Security update for irssi
This update to irssi 1.0.2 fixes security issues and bugs. The following vulnerabilities were fixed: boo1029020: Use after free while producing list of netjoins The following non-security changes are included: - Fix in command arg parser to detect missing arguments in tail place - Fix regression...
DEBIAN-CVE-2016-10189
BitlBee before 3.5 allows remote attackers to cause a denial of service NULL pointer dereference and crash and possibly execute arbitrary code via a file transfer request for a contact that is not in the contact list...
UBUNTU-CVE-2017-5668
bitlbee-libpurple before 3.5.1 allows remote attackers to cause a denial of service NULL pointer dereference and crash and possibly execute arbitrary code via a file transfer request for a contact that is not in the contact list. NOTE: this vulnerability exists because of an incomplete fix for...
[SECURITY] Fedora 23 Update: libssh-0.7.3-1.fc23
The ssh library was designed to be used by programmers needing a working SSH implementation by the mean of a library. The complete control of the client is made by the programmer. With libssh, you can remotely execute programs, tra nsfer files, use a secure and transparent tunnel for your remote...
Tor Releases Anonymous Instant Messenger. Here's How to Use It
The Tor Project has officially launched the first beta version of Tor Messenger, an open source and Encrypted instant messaging client that works on top of the Tor network. Tor Messenger is designed by keeping both simplicity and privacy in mind. The team claimed that their app encrypts the conte...
CrushFTP 7.2.0 Cross Site Request Forgery / Cross Site Scripting
======================================================== I. Overview ======================================================== Multiple CSRF & Cross-Site Scripting XSS vulnerabilities have been identified in Crushftp 7.2.0 Web Interface on default configuration. These vulnerabilities allows an...
Moderate: Red Hat Security Advisory: kdenetwork security update
Updated kdenetwork packages that fix three security issues are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are available...
FTPGetter 3.58.0.21 - Buffer Overflow (PASV) Exploit
No description provided by source. !/usr/bin/python Exploit Title: FTPGetter v3.58.0.21 Buffer Overflow PASV Exploit Date: 02/03/2011 Author: modpr0be Software Link: http://www.ftpgetter.com/ftpgettersetup.exe Vulnerable version: = 3.58.0.21 Tested on: Windows XP SP3 VMware Player 3.1.3...