Lucene search
K

172 matches found

Tenable Nessus
Tenable Nessus
added 2018/01/15 12:0 a.m.52 views

Fedora 27 : openssh (2017-96d1995b70)

This update provides new upstream release OpenSSH 7.6 with several bug fixes and new features, including CVE-2017-15906, compatibility with WinSCP, improvement for PAM stack, enablement for s390x sandbox, new GSSAPI key exchange methods and improvement of handling kerberos tickets. Note that...

5.3CVSS6.3AI score0.03359EPSS
Exploits0References2
Kitploit
Kitploit
added 2017/08/31 2:30 p.m.40 views

RedSnarf - A Pen-Testing / Red-Teaming Tool For Windows Environments

RedSnarf is a pen-testing / red-teaming tool by Ed Williams for retrieving hashes and credentials from Windows workstations, servers and domain controllers using OpSec Safe Techniques. RedSnarf functionality includes: Retrieval of local SAM hashes Enumeration of user/s running with elevated syste...

7.8AI score
Exploits0References3
0day.today
0day.today
added 2017/04/17 12:0 a.m.32 views

WinSCP 5.9.4 - LIST Denial of Service Exploit

Exploit for windows platform in category dos / poc Exploit Title: WinSCP 5.9.4 - LIST Command Denial of service Crush application Date: 4-4-2017 mm.dd.yy Exploit Author: M.Ibrahim email protected E-Mail: vulnbug gmail.com Vendor Home Page: https://winscp.net/eng/index.php Vendor download link:...

7AI score
Exploits0
Packet Storm
Packet Storm
added 2017/04/17 12:0 a.m.52 views

WinSCP 5.9.4 LIST Denial Of Service

Exploit Title: WinSCP 5.9.4 - LIST Command Denial of service Crush application Date: 4-4-2017 mm.dd.yy Exploit Author: M.Ibrahim [email protected] E-Mail: vulnbug gmail.com Vendor Home Page: https://winscp.net/eng/index.php Vendor download link: https://winscp.net/download/WinSCP-5.9.4-Setup.exe...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2017/04/16 12:0 a.m.28 views

WinSCP 5.9.4 - LIST Denial of Service (Metasploit)

WinSCP 5.9.4 - LIST Denial of Service Metasploit Exploit Title: WinSCP 5.9.4 - LIST Command Denial of service Crush application Date: 4-4-2017 mm.dd.yy Exploit Author: M.Ibrahim [email protected] E-Mail: vulnbug gmail.com Vendor Home Page: https://winscp.net/eng/index.php Vendor download link:...

0.2AI score
Exploits0
Exploit DB
Exploit DB
added 2017/04/16 12:0 a.m.49 views

WinSCP 5.9.4 - 'LIST' Denial of Service (Metasploit)

Exploit Title: WinSCP 5.9.4 - LIST Command Denial of service Crush application Date: 4-4-2017 mm.dd.yy Exploit Author: M.Ibrahim [email protected] E-Mail: vulnbug gmail.com Vendor Home Page: https://winscp.net/eng/index.php Vendor download link: https://winscp.net/download/WinSCP-5.9.4-Setup.exe...

7.4AI score
Exploits0
FireEye
FireEye
added 2017/03/09 8:0 a.m.14 views

Using the Registry to Discover Unix Systems and Jump Boxes

On red team engagements, Mandiant consultants are often tasked with identifying and obtaining access to critical Unix systems within our client’s environments. The objectives may include obtaining payment card data on point of sale terminals or accessing intellectual property residing on Apple...

6.6AI score
Exploits0
Packet Storm
Packet Storm
added 2016/09/09 12:0 a.m.26 views

WinSCP 5.9.1 DLL Hijacking

Exploit Title: WinSCP DLL Hijacking Exploit shcore.dll Date: 03-09-2016 Author: Ashiyane Digital Security Team Vendor Homepage:http://winscp.net/ Software Link: http://winscp.net/download/WinSCP-5.9.1-Setup.exe Version:5.9.1 Tested on:Windows 7 Exploit by : Amir.ght...

0.2AI score
Exploits0
CNVD
CNVD
added 2016/08/14 12:0 a.m.2 views

WinSCP ftp client memory corruption vulnerability

WinSCP is a Windows environment using SSH open source graphical SFTP client . It also supports the SCP protocol. Its main function is to securely copy files between local and remote computers. A memory corruption vulnerability exists in WinSCP ftp client due to the software's lax input checking...

7.1AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2016/07/19 12:0 a.m.60 views

WinSCP History

Nessus was able to generate a report of WinSCP connections and connection settings. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid92437; scriptversion"1.5"; scriptcvsdate"Date: 2018/05/23 16:10:01"; scriptnameenglish:"WinSCP History"; scriptsummaryenglish:"WinSCP...

5.4AI score
Exploits0References1
Veeam
Veeam
added 2015/09/08 12:0 a.m.32 views

How to Use SFTP With Multi-OS FLR

New Feature for Improve Restore Performance Starting in Veeam Backup & Replication 11, when performing a Multi-OS File Level Restore Linux FLR, it is now possible to select an existing Linux machine to act as the helper appliance where the backup files will be mounted to retrieve files. This now...

7AI score
Exploits0Affected Software1
Kitploit
Kitploit
added 2015/08/27 3:44 p.m.18 views

NetRipper - Smart Traffic Sniffing for Penetration Testers

NetRipper is a post exploitation tool targeting Windows systems which uses API hooking in order to intercept network traffic and encryption related functions from a low privileged user, being able to capture both plain-text traffic and encrypted traffic before encryption/after decryption. NetRipp...

7.3AI score
Exploits0References1
n0where
n0where
added 2015/08/14 3:28 a.m.35 views

Smart Traffic Sniffing: NetRipper

Smart Traffic Sniffing NetRipper is a post exploitation tool targeting Windows systems which uses API hooking in order to intercept network traffic and encryption related functions from a low privileged user, being able to capture both plain-text traffic and encrypted traffic before...

Exploits0References2
Tenable Nessus
Tenable Nessus
added 2014/10/07 12:0 a.m.157 views

WinSCP 5.x < 5.5.5 Multiple Vulnerabilities

The WinSCP program installed on the remote host is version 4.3.8, 4.3.9, 4.4.0, or 5.x prior to 5.5.5. It therefore contains a bundled version of OpenSSL prior to 1.0.1i which is affected by the following vulnerabilities : - A memory double-free error exists related to handling DTLS packets that...

7.5CVSS7AI score0.7408EPSS
Exploits0References13
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.15 views

WinSCP 3.5.6 Long URI Handling Memory Corruption Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/10160/info It has been reported that WinSCP may be prone to a denial of service condition resulting from memory corruption. This issue occurs when the application attempts to handle excessively long 'sftp:' or 'scp'...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.17 views

WinSCP 3.8.1 URI Handler Remote Arbitrary File Access Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/18384/info WinSCP is prone to an arbitrary file-access vulnerability. An attacker can exploit this issue to upload arbitrary files to a victim user's computer or to download arbitrary files from the victim's computer in t...

6.7AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.8 views

WinSCP <= 4.0.3 URL Protocol Handler Arbitrary File Access Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/25655/info WinSCP is prone to a vulnerability that lets an attacker upload arbitrary files to a victim's computer or to download arbitrary files from the victim's computer in the context of the vulnerable application. Thi...

7.1AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2014/06/20 12:0 a.m.122 views

WinSCP 5.x < 5.5.4 Multiple Vulnerabilities

The WinSCP program installed on the remote host is version 4.3.8, 4.3.9, 4.4.0 or 5.x prior to 5.5.4. It therefore contains a bundled version of OpenSSL prior to 1.0.1h which is affected by the following vulnerabilities : - An error exists in the 'ssl3readbytes' function that permits data to be...

7.4CVSS7.5AI score0.99977EPSS
Exploits13References15
securityvulns
securityvulns
added 2014/05/04 12:0 a.m.44 views

CVE-2014-2735 - WinSCP: missing X.509 validation

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Advisory ID: SYSS-2014-003 Product: WinSCP Affected Versions: 5.5.2.4130 Tested Versions: 5.5.2.4130 Windows 7 32 bit and Windows 8.1 64 bit Vulnerability Type: Missing X.509 validation Risk Level: Medium Solution Status: Fixed Vendor Notification:...

5.8CVSS7.2AI score0.00793EPSS
Exploits0
securityvulns
securityvulns
added 2014/05/04 12:0 a.m.61 views

WinSCP proteciton bypass

Server X.509 certificate is not validated...

5.8CVSS1.8AI score0.00793EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder