120 matches found
Huawei EulerOS: Security Advisory for samba (EulerOS-SA-2022-1763)
The remote host is missing an update for the Huawei EulerOS...
Improper Limitation of a Pathname to a Restricted Directory in Apache ActiveMQ
Directory traversal vulnerability in the fileserver upload/download functionality for blob messages in Apache ActiveMQ 5.x before 5.11.2 for Windows allows remote attackers to create JSP files in arbitrary directories via unspecified vectors...
Apache ActiveMQ Improper Input Validation Vulnerability
The Fileserver web application in Apache ActiveMQ allows remote attackers to upload and execute arbitrary files via an HTTP PUT followed by an HTTP MOVE request...
Exploit for Unrestricted Upload of File with Dangerous Type in Apache Activemq
CVE-2016-3088 Apache ActiveMQ Remote Code Execution Exploit...
Path Traversal
md-fileserver is vulnerable to path traversal. The attack exists through improper configuration of permissions on the files under the user's home directory on the server, allowing anyone with remote access to access other users' files...
CVE-2012-4603
Citrix XenApp Online Plug-in for Windows 12.1 and earlier, and Citrix Receiver for Windows 3.2 and earlier could allow remote attackers to execute arbitrary code by convincing a target to open a specially crafted file from an SMB or WebDAV fileserver...
CVE-2012-4603
CVE-2012-4603 affects Citrix XenApp Online Plug-in for Windows (12.1 and earlier) and Citrix Receiver for Windows (3.2 and earlier). The reported vulnerability allows remote code execution when a user opens a specially crafted file from an SMB or WebDAV fileserver. The initial description does not sp...
Security Bulletin: IBM Security Guardium is affected by a FileServer functionality vulnerability
Summary: IBM Security Guardium has addressed the following vulnerability. Vulnerability Details: CVEID: CVE-2019-4292. DESCRIPTION: IBM Security Guardium could allow a remote attacker to upload arbitrary files, which could allow the attacker to execute arbitrary code on the vulnerable web server. CV...
Node.js third-party modules: [md-fileserver] Path Traversal
I would like to report path traversal in md-fileserver module. It allows an attacker to read system files via path traversal through command line. Module: module name: md-fileserver; version: 1.3.2; npm page: https://www.npmjs.com/package/md-fileserver Module Description: Starts a local server to rende...
Apache ActiveMQ 5.x < 5.14.0 ActiveMQ Fileserver web application remote code execution (Xbash)
The version of Apache ActiveMQ running on the remote host is 5.x prior to 5.14.0. It is, therefore, affected by a remote code execution vulnerability. The Fileserver web application allows remote attackers to upload and execute arbitrary files.
VulnCheck KEV: CVE-2016-3088
The Fileserver web application in Apache ActiveMQ allows remote attackers to upload and execute arbitrary files via an HTTP PUT followed by an HTTP MOVE request...
Directory traversal
cuciuci is a simple fileserver. cuciuci is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url...
CVE-2017-16122
Summary: CVE-2017-16122 affects the simple fileserver named cuciuci, where a directory traversal vulnerability exists via the URL containing sequences like ../. This can allow an attacker to access files outside the intended directory root, potentially disclosing private files. The issue is docu...
CVE-2017-16122
cuciuci is a simple fileserver. cuciuci is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url...
Apache ActiveMQ Fileserver remote code execution vulnerability (CVE-2016-3088)
Author: The know Chong Yu 404 laboratory. 1. Background overview: ActiveMQ is open source, message-driven middleware from the Apache Software Foundation. Jetty is an open source servlet container; for Java-based web components such as JSP and servlet, it provides the running...
DEBIAN-CVE-2016-9772
OpenAFS 1.6.19 and earlier allows remote attackers to obtain sensitive directory information via vectors involving the (1) client cache partition, (2) fileserver vice partition, or (3) certain RPC responses...
UBUNTU-CVE-2016-9772
OpenAFS 1.6.19 and earlier allows remote attackers to obtain sensitive directory information via vectors involving the (1) client cache partition, (2) fileserver vice partition, or (3) certain RPC responses...
Updated openafs packages fix security vulnerability
Due to incomplete initialization or clearing of reused memory, OpenAFS directory objects are likely to contain "dead" directory entry information. This extraneous information is not active - that is, it is logically invisible to the fileserver and client. However, the leaked information is...
activemq: Fileserver web application vulnerability allowing RCE
The Fileserver web application in Apache ActiveMQ 5.x before 5.14.0 allows remote attackers to upload and execute arbitrary files via an HTTP PUT followed by an HTTP MOVE request...
Apache ActiveMQ Fileserver Multi Methods Directory Traversal (CVE-2016-3088)
A directory traversal vulnerability exists in Apache ActiveMQ. The vulnerability is due to insufficient input validation in the destination header when processing a MOVE request or in the file upload functionality when processing a PUT request. A remote, unauthenticated attacker may exploit this...