110 matches found
Input validation
A vulnerability in the Secure Copy Protocol SCP server of Cisco Enterprise NFV Infrastructure Software NFVIS could allow an authenticated, remote attacker to access the shell of the underlying Linux operating system on the affected device. The vulnerability is due to improper input validation of...
CVE-2018-0279
A vulnerability in the Secure Copy Protocol SCP server of Cisco Enterprise NFV Infrastructure Software NFVIS could allow an authenticated, remote attacker to access the shell of the underlying Linux operating system on the affected device. The vulnerability is due to improper input validation of...
UBUNTU-CVE-2016-2563
Stack-based buffer overflow in the SCP command-line utility in PuTTY before 0.67 and KiTTY 0.66.6.3 and earlier allows remote servers to cause a denial of service stack memory corruption or execute arbitrary code via a crafted SCP-SINK file-size response to an SCP download request...
The vulnerability of the Cisco IOS operating system, which allows a intruder to trigger a service failure
The vulnerability of SCP and SFTP modules in the Cisco IOS operating system is related to deficiencies in access control. Exploiting this vulnerability could allow a malicious actor, operating remotely, to cause service interruptions...
Cisco IOS XR SCP and SFTP Modules DoS (cisco-sa-20160323-ncs)
According to its self-reported version, the Cisco IOS XR software running on the remote device is affected by a denial of service vulnerability in the Secure Copy Protocol SCP and Secure FTP SFTP modules due to insecure permissions on certain files. An authenticated, remote attacker can exploit...
Cisco NCS6000 IOS XR Software Secure Copy Protocol and Secure FTP Denial of Service Vulnerabilities
Cisco IOS XR for Cisco NCS6000 is a network operating system from Cisco that runs in the NCS 6000 series routers. A security vulnerability exists in the SCP and SFTP modules in Cisco IOS XR Software versions 5.0.0 through 5.2.5 for Cisco NCS 6000 due to the program failing to properly set...
Cisco IOS XR Software SCP and SFTP Modules Denial of Service Vulnerability
A vulnerability in the Secure Copy Protocol SCP and Secure FTP SFTP modules of Cisco IOS XR Software could allow an authenticated, remote attacker to overwrite system files and cause a denial of service DoS condition. The vulnerability is due to improper setting of permissions on the filesystem f...
curl: local file access via unsafe redirects
The redirect implementation in curl and libcurl 5.11 through 7.19.3, when CURLOPTFOLLOWLOCATION is enabled, accepts arbitrary Location values, which might allow remote HTTP servers to 1 trigger arbitrary requests to intranet servers, 2 read or overwrite arbitrary files via a redirect to a file:...
security flaw
Directory traversal vulnerability in scp for OpenSSH before 3.4p1 allows remote malicious servers to overwrite arbitrary files. NOTE: this may be a rediscovery of CVE-2000-0992...
DEBIAN-CVE-2000-0992
Directory traversal vulnerability in scp in sshd 1.2.xx allows a remote malicious scp server to overwrite arbitrary files via a .. dot dot attack...