Lucene search
K

164 matches found

OSV
OSV
added 2022/02/17 1:15 p.m.3 views

CVE-2022-22899

Core FTP / SFTP Server v2 Build 725 was discovered to allow unauthenticated attackers to cause a Denial of Service DoS via a crafted packet through the SSH service...

5.5CVSS6.1AI score0.00863EPSS
Exploits1References3
Prion
Prion
added 2022/02/17 1:15 p.m.21 views

Design/Logic Flaw

Core FTP / SFTP Server v2 Build 725 was discovered to allow unauthenticated attackers to cause a Denial of Service DoS via a crafted packet through the SSH service...

2.6CVSS5.5AI score0.00863EPSS
Exploits1References3Affected Software1
CVE
CVE
added 2022/02/17 12:51 p.m.114 views

CVE-2022-22899

Core FTP / SFTP Server v2 Build 725 is affected by a buffer error in the SSH service that allows unauthenticated attackers to cause a Denial of Service via a crafted SSH packet. Documented impact is DoS; attack path is network-based, with no authentication required. Remediation guidance across so...

5.5CVSS5.5AI score0.00863EPSS
Exploits1References2Affected Software1
CNNVD
CNNVD
added 2022/02/17 12:0 a.m.6 views

Core FTP 缓冲区错误漏洞

Core FTP is a file transfer server. Core FTP / SFTP Server v2 Build 725 suffers from a buffer error vulnerability that could allow an unauthenticated attacker to cause a denial of service DoS via a SSH service via a crafted packet...

5.5CVSS6AI score0.00863EPSS
Exploits1References3
RedHat Linux
RedHat Linux
added 2021/11/19 7:24 p.m.4 views

libssh: NULL pointer dereference in sftpserver.c if ssh_buffer_new returns NULL

A flaw was found in libssh. A NULL pointer dereference in tftpserver.c if sshbuffernew returns NULL...

5.9CVSS6.7AI score0.04105EPSS
Exploits1References5
OpenVAS
OpenVAS
added 2020/05/07 12:0 a.m.13 views

Linux: SSH Subsystem

Subsystem: Configures an external subsystem e.g. file transfer daemon. Arguments should be a subsystem name and a command with optional arguments to execute upon subsystem request. The command sftp-server implements the SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be...

7.7AI score
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2020/05/05 12:0 a.m.61 views

AIX OpenSSH Advisory : openssh_advisory11.asc

The version of OpenSSH installed on the remote AIX host is affected by a vulnerability in the processopen function of sftp-server.c in OpenSSH in that it does not properly prevent write operations in readonly mode, which allows attackers to create zero-length files. %NASLMINLEVEL 70300 C Tenable...

5.3CVSS6.4AI score0.03359EPSS
Exploits0References2
Exploit DB
Exploit DB
added 2020/03/11 12:0 a.m.36 views

CoreFTP 2.0 Build 674 MDTM - Directory Traversal (Metasploit)

class MetasploitModule 'CVE-2019-9649 CoreFTP FTP Server Version 674 and below MDTM Directory Traversal', 'Description' = %qAn issue was discovered in the SFTP Server component in Core FTP 2.0 Build 674. Using the MDTM FTP command, a remote attacker can use a directory traversal ....\ to browse...

5.3CVSS5.6AI score0.14535EPSS
Exploits8
Exploit DB
Exploit DB
added 2020/03/11 12:0 a.m.61 views

CoreFTP 2.0 Build 674 SIZE - Directory Traversal (Metasploit)

class MetasploitModule 'CVE-2019-9648 CoreFTP FTP Server Version 674 and below SIZE Directory Traversal', 'Description' = %qAn issue was discovered in the SFTP Server component in Core FTP 2.0 Build 674. A directory traversal vulnerability exists using the SIZE command along with a .......

5.3CVSS5.6AI score0.1433EPSS
Exploits7
OpenVAS
OpenVAS
added 2020/01/23 12:0 a.m.35 views

Huawei EulerOS: Security Advisory for openssh (EulerOS-SA-2018-1141)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.3CVSS5.9AI score0.03359EPSS
Exploits0References2
0day.today
0day.today
added 2019/08/26 12:0 a.m.55 views

CoreFTP Server MDTM Directory Traversal Exploit

An issue was discovered in the SFTP Server component in Core FTP 2.0 Build 674. Using the MDTM FTP command, a remote attacker can use a directory traversal ....\ to browse outside the root directory to determine the existence of a file on the operating system, and the last modified date. Exploit...

5.3CVSS0.6AI score0.14535EPSS
Exploits8
Packet Storm
Packet Storm
added 2019/08/23 12:0 a.m.205 views

CoreFTP Server MDTM Directory Traversal

Exploit Title: CoreFTP Server FTP / SFTP Server v2 - Build 674 MDTM Directory Traversal Metasploit Google Dork: N/A Date: 8/21/2019 Exploit Author: Kevin Randall Vendor Homepage: https://www.coreftp.com Software Link: http://www.coreftp.com/server/index.html Version: Firmware: CoreFTP Server FTP ...

5CVSS0.3AI score0.14535EPSS
Exploits8
NVD
NVD
added 2019/03/22 8:29 p.m.38 views

CVE-2019-9649

An issue was discovered in the SFTP Server component in Core FTP 2.0 Build 674. Using the MDTM FTP command, a remote attacker can use a directory traversal technique ....\ to browse outside the root directory to determine the existence of a file on the operating system, and its last modified date...

5.3CVSS5.2AI score0.14535EPSS
Exploits8References6
Prion
Prion
added 2019/03/22 8:29 p.m.17 views

Directory traversal

An issue was discovered in the SFTP Server component in Core FTP 2.0 Build 674. Using the MDTM FTP command, a remote attacker can use a directory traversal technique ....\ to browse outside the root directory to determine the existence of a file on the operating system, and its last modified date...

5CVSS5.2AI score0.14535EPSS
Exploits8References6Affected Software1
Prion
Prion
added 2019/03/22 7:29 p.m.13 views

Directory traversal

An issue was discovered in the SFTP Server component in Core FTP 2.0 Build 674. A directory traversal vulnerability exists using the SIZE command along with a ....\ substring, allowing an attacker to enumerate file existence based on the returned information...

5CVSS5.2AI score0.1433EPSS
Exploits7References6Affected Software1
NVD
NVD
added 2019/03/22 7:29 p.m.28 views

CVE-2019-9648

An issue was discovered in the SFTP Server component in Core FTP 2.0 Build 674. A directory traversal vulnerability exists using the SIZE command along with a ....\ substring, allowing an attacker to enumerate file existence based on the returned information...

5.3CVSS5.3AI score0.1433EPSS
Exploits7References6
OSV
OSV
added 2019/03/22 7:29 p.m.1 views

CVE-2019-9648

An issue was discovered in the SFTP Server component in Core FTP 2.0 Build 674. A directory traversal vulnerability exists using the SIZE command along with a ....\ substring, allowing an attacker to enumerate file existence based on the returned information...

5.3CVSS6.1AI score0.1433EPSS
Exploits7References6
Cvelist
Cvelist
added 2019/03/22 7:2 p.m.40 views

CVE-2019-9649

An issue was discovered in the SFTP Server component in Core FTP 2.0 Build 674. Using the MDTM FTP command, a remote attacker can use a directory traversal technique ....\ to browse outside the root directory to determine the existence of a file on the operating system, and its last modified date...

5.2AI score0.14535EPSS
Exploits8References6
CVE
CVE
added 2019/03/22 7:2 p.m.117 views

CVE-2019-9649

CVE-2019-9649 concerns Core FTP Server (FTP/SFTP) v2 build 674 and earlier. A directory-traversal flaw in the MDTM FTP command allows a remote attacker to use a ....\ sequence to navigate outside the root directory and determine whether a file exists and its last-modified date. Affected component...

5.3CVSS5.1AI score0.14535EPSS
Exploits8References6Affected Software1
Cvelist
Cvelist
added 2019/03/22 6:49 p.m.30 views

CVE-2019-9648

An issue was discovered in the SFTP Server component in Core FTP 2.0 Build 674. A directory traversal vulnerability exists using the SIZE command along with a ....\ substring, allowing an attacker to enumerate file existence based on the returned information...

5.2AI score0.1433EPSS
Exploits7References6
Rows per page
Query Builder