Lucene search
K

164 matches found

Packet Storm
Packet Storm
added 2006/01/21 12:0 a.m.23 views

ISAA-2006-001.txt

============================================= INTERNET SECURITY AUDITORS ALERT 2006-001 - Original release date: January 09, 2006 - Last revised: January 13, 2006 - Discovered by: Jesus Olmos Gonzalez - Severity: 4/5 ============================================= I. VULNERABILITY...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2006/01/16 12:0 a.m.58 views

[ISecAuditors Advisories] Arbitrary remote file creation in 123flashchat server

============================================= INTERNET SECURITY AUDITORS ALERT 2006-001 - Original release date: January 09, 2006 - Last revised: January 13, 2006 - Discovered by: Jesus Olmos Gonzalez - Severity: 4/5 ============================================= I. VULNERABILITY...

1.3AI score
Exploits0
CVE
CVE
added 2005/06/07 4:0 a.m.53 views

CVE-2005-1874

CVE-2005-1874 describes a directory-traversal vulnerability in the Dzip tool prior to version 2.9, allowing remote attackers to create arbitrary files by supplying a filename containing a “..” in a .dz archive. The issue affects Dzip’s archive extraction logic and could enable arbitrary file writ...

5CVSS6.7AI score0.0164EPSS
Exploits0References5
Cvelist
Cvelist
added 2005/02/20 5:0 a.m.21 views

CVE-2004-1673

accountsettingsadd.html in Merak Mail Server 7.4.5 with Icewarp Web Mail 5.2.7 and possibly other versions allow remote attackers to create text files with arbitrary content via the accountid parameter...

6.9AI score0.01746EPSS
Exploits1References4
Cvelist
Cvelist
added 2005/02/20 5:0 a.m.20 views

CVE-2004-1679

Directory traversal vulnerability in TwinFTP 1.0.3 R2 allows remote attackers to create arbitrary files via a .../ triple dot in the 1 CWD, 2 STOR, or 3 RETR commands...

6.7AI score0.01745EPSS
Exploits0References5
Cvelist
Cvelist
added 2005/02/10 5:0 a.m.18 views

CVE-2005-0331

Directory traversal vulnerability in WinRAR 3.42 and earlier, when the user clicks on the ZIP file to extract it, allows remote attackers to create arbitrary files via a ... triple dot in the filename of the ZIP file...

6.7AI score0.01446EPSS
Exploits0References3
NVD
NVD
added 2004/10/12 4:0 a.m.12 views

CVE-2004-1673

accountsettingsadd.html in Merak Mail Server 7.4.5 with Icewarp Web Mail 5.2.7 and possibly other versions allow remote attackers to create text files with arbitrary content via the accountid parameter...

7.5CVSS6.9AI score0.01746EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2004/09/29 12:0 a.m.26 views

Debian DSA-065-1 : samba - remote file append/creation

Michal Zalewski discovered that Samba does not properly validate NetBIOS names from remote machines. By itself that is not a problem, except if Samba is configured to write log-files to a file that includes the NetBIOS name of the remote side by using the %m' macro in the log file' command. In th...

10CVSS5.7AI score0.12032EPSS
Exploits1References2
CVE
CVE
added 2004/09/01 4:0 a.m.47 views

CVE-2002-1425

CVE-2002-1425 describes a directory traversal vulnerability in the munpack utility (part of mpack) versions 1.5 and earlier. The issue allows remote attackers to create new files in the parent directory by supplying a filename containing a ../ sequence during extraction. Debian DSAs and OpenVAS e...

6.4CVSS6.5AI score0.01881EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2004/09/01 4:0 a.m.14 views

CVE-2002-1425

Directory traversal vulnerability in munpack in mpack 1.5 and earlier allows remote attackers to create new files in the parent directory via a ../ dot-dot sequence in the filename to be extracted...

6.4AI score0.01881EPSS
Exploits0References3
Debian CVE
Debian CVE
added 2004/09/01 4:0 a.m.38 views

CVE-2002-1425

Directory traversal vulnerability in munpack in mpack 1.5 and earlier allows remote attackers to create new files in the parent directory via a ../ dot-dot sequence in the filename to be extracted...

6.4CVSS6.3AI score0.01881EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2004/07/25 12:0 a.m.43 views

SuSE-SA:2003:014: kdelibs/kdelibs3

The remote host is missing the patch for the advisory SuSE-SA:2003:014 kdelibs/kdelibs3. The kdelibs3 kdelibs for SLES7 based products package is a core package for the K desktop environment KDE. The URI handler of the kdelibs3 and kdelibs class library contains a flaw which allows remote attacke...

7.5CVSS5.7AI score0.07778EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2004/07/23 12:0 a.m.15 views

Fedora Core 1 : cvs-1.11.15-1 (2004-110)

The client for CVS before 1.11.15 allows a remote malicious CVS server to create arbitrary files using certain RCS diff files that use absolute pathnames during checkouts or updates. Updated packages were made available in April 2004 however the original update notification email did not make it ...

5.7AI score
Exploits0References1
OSV
OSV
added 2004/06/01 4:0 a.m.6 views

CVE-2004-0180

The client for CVS before 1.11 allows a remote malicious CVS server to create arbitrary files using certain RCS diff files that use absolute pathnames during checkouts or updates, a different vulnerability than CVE-2004-0405...

6.5AI score
Exploits0References27
NVD
NVD
added 2004/06/01 4:0 a.m.13 views

CVE-2004-0180

The client for CVS before 1.11 allows a remote malicious CVS server to create arbitrary files using certain RCS diff files that use absolute pathnames during checkouts or updates, a different vulnerability than CVE-2004-0405...

2.6CVSS6.5AI score0.01832EPSS
Exploits0References23
securityvulns
securityvulns
added 2004/05/13 12:0 a.m.26 views

[Full-Disclosure] iDEFENSE Security Advisory 05.12.04: Opera Telnet URI Handler File Creation/Truncation Vulnerability

Opera Telnet URI Handler File Creation/Truncation Vulnerability iDEFENSE Security Advisory 05.12.04 www.idefense.com/application/poi/display?id=104&type=vulnerabilities May 12, 2004 I. BACKGROUND Opera is a cross-platform web browser. More information is available from http://www.opera.com/ II...

0.1AI score
Exploits0
NVD
NVD
added 2003/04/11 4:0 a.m.13 views

CVE-2002-1422

admbrowse.php in FUDforum before 2.2.0 allows remote attackers to create or delete files via URL-encoded pathnames in the cur and dest parameters...

5CVSS6.7AI score0.0661EPSS
Exploits1References4
OSV
OSV
added 2003/04/11 4:0 a.m.5 views

DEBIAN-CVE-2002-1425

Directory traversal vulnerability in munpack in mpack 1.5 and earlier allows remote attackers to create new files in the parent directory via a ../ dot-dot sequence in the filename to be extracted...

6.4CVSS6.6AI score0.01881EPSS
Exploits0References1
NVD
NVD
added 2002/12/31 5:0 a.m.26 views

CVE-2002-1716

The Host function in the Microsoft spreadsheet component on Microsoft Office XP allows remote attackers to create arbitrary files using the SaveAs capability...

5CVSS6.7AI score0.14261EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2002/12/31 12:0 a.m.4 views

PT-2002-2438 · Microsoft · Office Xp

Name of the Vulnerable Software and Affected Versions: Microsoft Office XP Description: The issue concerns the Host function in the Microsoft spreadsheet component, which allows remote attackers to create arbitrary files using the SaveAs capability. Recommendations: For Microsoft Office XP,...

5CVSS6.9AI score0.14261EPSS
Exploits0References6
Rows per page
Query Builder