165 matches found
OpenSSH < 7.6 'sftp-server' Security Bypass Vulnerability - Windows
OpenSSH is prone to a security bypass vulnerability. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:openbsd:openssh";...
ALPINE-CVE-2017-15906
The processopen function in sftp-server.c in OpenSSH before 7.6 does not properly prevent write operations in readonly mode, which allows attackers to create zero-length files...
Code injection
The processopen function in sftp-server.c in OpenSSH before 7.6 does not properly prevent write operations in readonly mode, which allows attackers to create zero-length files...
CVE-2017-15906
The processopen function in sftp-server.c in OpenSSH before 7.6 does not properly prevent write operations in readonly mode, which allows attackers to create zero-length files...
DEBIAN-CVE-2017-15906
The processopen function in sftp-server.c in OpenSSH before 7.6 does not properly prevent write operations in readonly mode, which allows attackers to create zero-length files...
CVE-2017-15906
The processopen function in sftp-server.c in OpenSSH before 7.6 does not properly prevent write operations in readonly mode, which allows attackers to create zero-length files...
CVE-2017-15906
The processopen function in sftp-server.c in OpenSSH before 7.6 does not properly prevent write operations in readonly mode, which allows attackers to create zero-length files...
UBUNTU-CVE-2017-15906
The processopen function in sftp-server.c in OpenSSH before 7.6 does not properly prevent write operations in readonly mode, which allows attackers to create zero-length files...
NethServer 7.3.1611 CSRF Create User / Enable SSH Access
HTML Decoded PoC: history.pushState'', '', '/' input type="hidden" name="...
CVE-2016-5725
Directory traversal vulnerability in JCraft JSch before 0.1.54 on Windows, when the mode is ChannelSftp.OVERWRITE, allows remote SFTP servers to write to arbitrary files via a ..\ dot dot backslash in a response to a recursive GET command...
CVE-2015-8228
Directory traversal vulnerability in the SFTP server in Huawei AR 120, 150, 160, 200, 500, 1200, 2200, 3200, and 3600 routers with software before V200R006SPH003 allows remote authenticated users to access arbitrary directories via unspecified vectors...
Directory traversal
Directory traversal vulnerability in the SFTP server in Huawei AR 120, 150, 160, 200, 500, 1200, 2200, 3200, and 3600 routers with software before V200R006SPH003 allows remote authenticated users to access arbitrary directories via unspecified vectors...
Scientific Linux Security Update : openssh on SL5.x i386/x86_64
CVE-2008-5161 OpenSSH: Plaintext Recovery Attack against CBC ciphers A flaw was found in the SSH protocol. An attacker able to perform a man-in-the-middle attack may be able to obtain a portion of plain text from an arbitrary ciphertext block when a CBC mode cipher was used to encrypt SSH...
CentOS Update for openssh CESA-2009:1287 centos5 i386
The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
Core FTP mini-sftp-server Several DoS and Directory Traversal Vulnerabilities
Date of Discovery: 7-Jun-2010 Credits: leinakesiatgmail.com Vendor: Core FTP mini-sftp-server http://www.coreftp.com/server/index.html Affected: Core FTP mini-sftp-server version 1.19. Earlier versions may also be affected. Overview: "Core FTP Server" and "Core FTP mini-core sftp server" are both...
Core FTP mini-sftp-server 1.19 Denial Of Service / Traversal
Date of Discovery: 7-Jun-2010 Credits: leinakesiatgmail.com Vendor: Core FTP mini-sftp-server http://www.coreftp.com/server/index.html Affected: Core FTP mini-sftp-server version 1.19. Earlier versions may also be affected. Overview: "Core FTP Server" and "Core FTP mini-core sftp server" are both...
CentOS 5 : openssh (CESA-2009:1287)
Updated openssh packages that fix a security issue, a bug, and add enhancements are now available for Red Hat Enterprise Linux 5. This update has been rated as having low security impact by the Red Hat Security Response Team. OpenSSH is OpenBSD's SSH Secure Shell protocol implementation. These...
RHEL 5 : openssh (RHSA-2009:1287)
The remote Redhat Enterprise Linux 5 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2009:1287 advisory. OpenSSH is OpenBSD's SSH Secure Shell protocol implementation. These packages include the core files necessary for both the OpenSSH client and server...
IpSwitch WS_FTP Server SFTP server buffer overflow
Buffer overflow on oversized CWD...
[Full-disclosure] ssh.com ssh-3.2.9.1 sftp server remote off by one
ssh.com ssh-3.2.9.1 sftp server remote off by one ATTENTIONThis has not been tested under reallife conditions ssh-3.2.9.1 which is available from http://ftp.ssh.com/pub/ssh/ contains the same old rootd off by one bug as described bei isec.pl here:...