Lucene search
K

790 matches found

CVE
CVE
added 2006/04/24 11:0 p.m.51 views

CVE-2006-1951

The CVE-2006-1951 entry targets SolarWinds TFTP Server versions 8.1 and earlier. A directory traversal flaw allows remote attackers to download arbitrary files by issuing crafted GET requests containing sequences like ....//, which are collapsed into ../ by filtering. This bypass enables access o...

5CVSS6.7AI score0.04016EPSS
Exploits0References8Affected Software1
Cvelist
Cvelist
added 2006/04/24 11:0 p.m.17 views

CVE-2006-1952

Directory traversal vulnerability in WinAgents TFTP Server for Windows 3.1 and earlier allows remote attackers to read arbitrary files via "..." triple dot sequences in a GET request...

6.8AI score0.0424EPSS
Exploits0References6
CVE
CVE
added 2006/04/24 11:0 p.m.36 views

CVE-2006-1952

The CVE-2006-1952 entry describes a directory traversal vulnerability in WinAgents TFTP Server for Windows 3.1 and earlier. The issue allows remote attackers to read arbitrary files by using triple dot sequences ("...") in a GET request. Root cause is improper handling of path traversal, enabling...

5CVSS6.8AI score0.0424EPSS
Exploits0References6Affected Software1
securityvulns
securityvulns
added 2006/04/22 12:0 a.m.39 views

Rapid7 Advisory R7-0019: Directory traversal vulnerability in SolarWinds TFTP Server for Windows

Rapid7, LLC Security Advisory Rapid7 Advisory R7-0019 Directory traversal vulnerability in SolarWinds TFTP Server for Windows Date: April 21, 2006 Revision: 1.0 http://www.rapid7.com/advisories/R7-0019.html CVE: CVE-2006-1951 1. Affected systems: KNOWN VULNERABLE: o SolarWinds TFTP Server v8.1 an...

5CVSS0.3AI score0.04016EPSS
Exploits0
securityvulns
securityvulns
added 2006/04/22 12:0 a.m.44 views

SolarWinds free Windows TFTP server directory traversal

Directory traversal with requests like get NUL/....//....//WINNT/win.ini...

3.7AI score
Exploits0References1Affected Software1
Check Point Advisories
Check Point Advisories
added 2006/03/26 12:0 a.m.17 views

Update Protection against Tftpd32 Request Error Message Format String Vulnerability

Tftpd32 is a freeware TFTP server designed for Microsoft Windows operating systems. A vulnerability has been identified in Tftpd32, specifically in the processing of Get requests containing a malformed filename. An attacker capable of sending a specially crafted filename can cause a vulnerable...

5CVSS6.6AI score0.07572EPSS
Exploits1
OpenVAS
OpenVAS
added 2006/03/26 12:0 a.m.241 views

TFTP File Detection (Cisco CallManager) - Active Check

The remote host has a TFTP server installed that is serving one or more Cisco CallManager files. SPDX-FileCopyrightText: 2005 Corsaire Limited Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...

5.9AI score
Exploits0
OpenVAS
OpenVAS
added 2006/03/26 12:0 a.m.19 views

TFTP File Detection (HP Ignite-UX) - Active Check

The remote host has a TFTP server installed that is serving one or more sensitive HP Ignite-UX files. SPDX-FileCopyrightText: 2005 Corsaire Limited Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...

5.9AI score
Exploits0
securityvulns
securityvulns
added 2006/01/20 12:0 a.m.69 views

tftpd32 TFTP server format string vulnerability

SEND and GET TFTP commands format string bug...

1.6AI score
Exploits0References1Affected Software1
myhack58
myhack58
added 2005/12/30 12:0 a.m.15 views

Ms05039 worms in the VC achieve-vulnerability warning-the black bar safety net

Article author: Zhang GE(nickchang) Information source: evil octal information security teamwww.eviloctal.com to This year 8 month, a new worm sniper wave using a ms05039 PnP service vulnerability because ms05039 exploit online is public, please see, you can use this exploit to get the other...

7.5AI score
Exploits0
CVE
CVE
added 2005/11/16 7:37 a.m.51 views

CVE-2003-1264

The CVE-2003-1264 issue affects the TFTP server used by Longshine WAP LCS-883R-AC-B and by the D-Link DI-614+ 2.0 based on it. The vulnerability enables remote attackers to download the configuration file (config.img) and other files without authentication, allowing access to the WEP secret and e...

5CVSS7.2AI score0.01622EPSS
Exploits1References5Affected Software2
OpenVAS
OpenVAS
added 2005/11/03 12:0 a.m.20 views

TFTP File Detection (Cisco IOS) - Active Check

The remote host has a TFTP server installed that is serving one or more sensitive Cisco IOS files. SPDX-FileCopyrightText: 2005 Corsaire Limited Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...

5.9AI score
Exploits0
OpenVAS
OpenVAS
added 2005/11/03 12:0 a.m.96 views

TFTP Directory Traversal Vulnerabilities - Active Check

The TFTP Trivial File Transfer Protocol allows remote users to read files without having to log in. This may be a big security flaw, especially if tftpd the TFTP server is not well configured by the admin of the remote host. SPDX-FileCopyrightText: 2005 Michel Arboi Some text descriptions might b...

10CVSS7.4AI score0.12546EPSS
Exploits2References4
securityvulns
securityvulns
added 2005/09/16 12:0 a.m.25 views

vxTftpSrv TFTP server for Pocket PC buffer overflow

Buffer overflow on oversized file name...

4.1AI score
Exploits0References1Affected Software2
Tenable Nessus
Tenable Nessus
added 2005/08/26 12:0 a.m.692 views

Cisco CallManager TFTP File Detection

The remote host has a TFTP server installed that is serving one or more Cisco CallManager files. These files do not themselves include any sensitive information, but do identify the TFTP server as being part of a Cisco CallManager environment. The CCM TFTP server is an essential part of providing...

5.6AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2005/08/26 12:0 a.m.193 views

HP Ignite-UX TFTP File Access Information Disclosure

The remote host has a TFTP server installed that is serving one or more HP Ignite-UX files. These files may contain sensitive information. A remote attacker could use this information to mount further attacks. This NASL script was written by Martin O'Neal of Corsaire http://www.corsaire.com The...

5.6AI score
Exploits0
CVE
CVE
added 2005/08/19 4:0 a.m.58 views

CVE-2004-0952

Affected software : HP-UX B.11.00–B.11.23 running Ignite-UX. Vulnerability : the add_new_client operation in Ignite-UX causes the TFTP server to grant world-writable permissions to part of the directory tree. Impact : remote attackers could modify data or trigger disk consumption via unauthorized...

6.4CVSS6.7AI score0.04615EPSS
Exploits0References6Affected Software1
CVE
CVE
added 2005/08/19 4:0 a.m.62 views

CVE-2004-0951

HP Ignite-UX: The TFTP service’s make_recovery command (pre-C.6.2.241) copies the password file within the TFTP directory tree, enabling remote disclosure of /etc/passwd. Affected: HP-UX Ignite-UX TFTP server. Impact: partial confidentiality. Remediation: upgrade to C.6.2.241 or later (HP Ignite-...

7.5CVSS6.7AI score0.04464EPSS
Exploits1References5Affected Software1
Cvelist
Cvelist
added 2005/08/19 4:0 a.m.26 views

CVE-2004-0951

The makerecovery command for the TFTP server in HP Ignite-UX before C.6.2.241 makes a copy of the password file in the TFTP directory tree, which allows remote attackers to obtain sensitive information...

6.7AI score0.04464EPSS
Exploits1References5
Cvelist
Cvelist
added 2005/08/18 4:0 a.m.14 views

CVE-2004-2432

WinAgents TFTP Server 3.0 allows remote attackers to cause a denial of service crash via a request for a file with a long file name, possibly due to an off-by-one buffer overflow...

6.9AI score0.02492EPSS
Exploits1References6
Rows per page
Query Builder