Lucene search
K

165 matches found

OpenVAS
OpenVAS
added 2017/10/27 12:0 a.m.1820 views

OpenSSH < 7.6 'sftp-server' Security Bypass Vulnerability - Windows

OpenSSH is prone to a security bypass vulnerability. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:openbsd:openssh";...

5.3CVSS5.8AI score0.03359EPSS
Exploits0References3
OSV
OSV
added 2017/10/26 3:29 a.m.3 views

ALPINE-CVE-2017-15906

The processopen function in sftp-server.c in OpenSSH before 7.6 does not properly prevent write operations in readonly mode, which allows attackers to create zero-length files...

5.3CVSS7AI score0.03359EPSS
Exploits0References1
Prion
Prion
added 2017/10/26 3:29 a.m.207 views

Code injection

The processopen function in sftp-server.c in OpenSSH before 7.6 does not properly prevent write operations in readonly mode, which allows attackers to create zero-length files...

5CVSS5.3AI score0.03359EPSS
Exploits0References9Affected Software12
NVD
NVD
added 2017/10/26 3:29 a.m.23 views

CVE-2017-15906

The processopen function in sftp-server.c in OpenSSH before 7.6 does not properly prevent write operations in readonly mode, which allows attackers to create zero-length files...

5.3CVSS5.6AI score0.03359EPSS
Exploits0References9
OSV
OSV
added 2017/10/26 3:29 a.m.2 views

DEBIAN-CVE-2017-15906

The processopen function in sftp-server.c in OpenSSH before 7.6 does not properly prevent write operations in readonly mode, which allows attackers to create zero-length files...

5.3CVSS6.3AI score0.03359EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2017/10/26 12:0 a.m.5 views

CVE-2017-15906

The processopen function in sftp-server.c in OpenSSH before 7.6 does not properly prevent write operations in readonly mode, which allows attackers to create zero-length files...

6.7AI score0.03359EPSS
Exploits0References9
Debian CVE
Debian CVE
added 2017/10/26 12:0 a.m.45 views

CVE-2017-15906

The processopen function in sftp-server.c in OpenSSH before 7.6 does not properly prevent write operations in readonly mode, which allows attackers to create zero-length files...

5.3CVSS6.6AI score0.03359EPSS
Exploits0
OSV
OSV
added 2017/10/25 12:0 a.m.2 views

UBUNTU-CVE-2017-15906

The processopen function in sftp-server.c in OpenSSH before 7.6 does not properly prevent write operations in readonly mode, which allows attackers to create zero-length files...

5.3CVSS6.7AI score0.03359EPSS
Exploits0References5
Packet Storm
Packet Storm
added 2017/08/28 12:0 a.m.43 views

NethServer 7.3.1611 CSRF Create User / Enable SSH Access

HTML Decoded PoC: history.pushState'', '', '/' input type="hidden" name="...

0.1AI score
Exploits0
OSV
OSV
added 2017/01/19 10:59 p.m.10 views

CVE-2016-5725

Directory traversal vulnerability in JCraft JSch before 0.1.54 on Windows, when the mode is ChannelSftp.OVERWRITE, allows remote SFTP servers to write to arbitrary files via a ..\ dot dot backslash in a response to a recursive GET command...

5.9CVSS5.7AI score0.24143EPSS
Exploits3References11
NVD
NVD
added 2015/11/24 8:59 p.m.14 views

CVE-2015-8228

Directory traversal vulnerability in the SFTP server in Huawei AR 120, 150, 160, 200, 500, 1200, 2200, 3200, and 3600 routers with software before V200R006SPH003 allows remote authenticated users to access arbitrary directories via unspecified vectors...

4CVSS6.4AI score0.01074EPSS
Exploits0References1
Prion
Prion
added 2015/11/24 8:59 p.m.12 views

Directory traversal

Directory traversal vulnerability in the SFTP server in Huawei AR 120, 150, 160, 200, 500, 1200, 2200, 3200, and 3600 routers with software before V200R006SPH003 allows remote authenticated users to access arbitrary directories via unspecified vectors...

4CVSS6.8AI score0.01074EPSS
Exploits0References1Affected Software1
Tenable Nessus
Tenable Nessus
added 2012/08/01 12:0 a.m.38 views

Scientific Linux Security Update : openssh on SL5.x i386/x86_64

CVE-2008-5161 OpenSSH: Plaintext Recovery Attack against CBC ciphers A flaw was found in the SSH protocol. An attacker able to perform a man-in-the-middle attack may be able to obtain a portion of plain text from an arbitrary ciphertext block when a CBC mode cipher was used to encrypt SSH...

3.7CVSS6.5AI score0.15395EPSS
Exploits1References6
OpenVAS
OpenVAS
added 2011/08/09 12:0 a.m.24 views

CentOS Update for openssh CESA-2009:1287 centos5 i386

The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

3.7CVSS6.5AI score0.15395EPSS
Exploits1References2
securityvulns
securityvulns
added 2010/06/08 12:0 a.m.151 views

Core FTP mini-sftp-server Several DoS and Directory Traversal Vulnerabilities

Date of Discovery: 7-Jun-2010 Credits: leinakesiatgmail.com Vendor: Core FTP mini-sftp-server http://www.coreftp.com/server/index.html Affected: Core FTP mini-sftp-server version 1.19. Earlier versions may also be affected. Overview: "Core FTP Server" and "Core FTP mini-core sftp server" are both...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2010/06/08 12:0 a.m.30 views

Core FTP mini-sftp-server 1.19 Denial Of Service / Traversal

Date of Discovery: 7-Jun-2010 Credits: leinakesiatgmail.com Vendor: Core FTP mini-sftp-server http://www.coreftp.com/server/index.html Affected: Core FTP mini-sftp-server version 1.19. Earlier versions may also be affected. Overview: "Core FTP Server" and "Core FTP mini-core sftp server" are both...

0.1AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2010/01/06 12:0 a.m.77 views

CentOS 5 : openssh (CESA-2009:1287)

Updated openssh packages that fix a security issue, a bug, and add enhancements are now available for Red Hat Enterprise Linux 5. This update has been rated as having low security impact by the Red Hat Security Response Team. OpenSSH is OpenBSD's SSH Secure Shell protocol implementation. These...

3.7CVSS6.7AI score0.15395EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2009/09/02 12:0 a.m.30 views

RHEL 5 : openssh (RHSA-2009:1287)

The remote Redhat Enterprise Linux 5 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2009:1287 advisory. OpenSSH is OpenBSD's SSH Secure Shell protocol implementation. These packages include the core files necessary for both the OpenSSH client and server...

3.7CVSS6.7AI score0.15395EPSS
Exploits1References6
securityvulns
securityvulns
added 2008/02/03 12:0 a.m.26 views

IpSwitch WS_FTP Server SFTP server buffer overflow

Buffer overflow on oversized CWD...

4AI score
Exploits0References1
securityvulns
securityvulns
added 2007/05/19 12:0 a.m.37 views

[Full-disclosure] ssh.com ssh-3.2.9.1 sftp server remote off by one

ssh.com ssh-3.2.9.1 sftp server remote off by one ATTENTIONThis has not been tested under reallife conditions ssh-3.2.9.1 which is available from http://ftp.ssh.com/pub/ssh/ contains the same old rootd off by one bug as described bei isec.pl here:...

Exploits0
Rows per page
Query Builder