18 matches found
EUVD-2019-4390
Malware in sbrugna...
EUVD-2008-2696
Malware in sbrugna...
EUVD-2006-5933
Malware in sbrugna...
EUVD-2006-5932
Malware in sbrugna...
CVE-2019-12808
ALTOOLS update service 18.1 and earlier versions contains a local privilege escalation vulnerability due to insecure permission. An attacker can overwrite an executable that is launched as a service to exploit this vulnerability and execute arbitrary code with system privileges...
CVE-2019-12808
ALTOOLS update service 18.1 and earlier versions contains a local privilege escalation vulnerability due to insecure permission. An attacker can overwrite an executable that is launched as a service to exploit this vulnerability and execute arbitrary code with system privileges...
CVE-2019-12808
ALTOOLS update service 18.1 and earlier versions contains a local privilege escalation vulnerability due to insecure permission. An attacker can overwrite an executable that is launched as a service to exploit this vulnerability and execute arbitrary code with system privileges...
Privilege escalation
ALTOOLS update service 18.1 and earlier versions contains a local privilege escalation vulnerability due to insecure permission. An attacker can overwrite an executable that is launched as a service to exploit this vulnerability and execute arbitrary code with system privileges...
CVE-2019-12808
ALTOOLS update service 18.1 and earlier versions contains a local privilege escalation vulnerability due to insecure permission. An attacker can overwrite an executable that is launched as a service to exploit this vulnerability and execute arbitrary code with system privileges...
CVE-2019-12808
CVE-2019-12808 affects ALTOOLS update service (version 18.1 and earlier). The root cause is insecure file permissions that allow an attacker to overwrite an executable that is launched as a service, enabling local privilege escalation to SYSTEM. The available documents confirm the vulnerability a...
KLA10062 LPE vulnerability in ALFtp
An untrusted path vulnerability was found in ALFtp. By exploiting this vulnerability malicious users can gain privileges. This vulnerability can be exploited from the network at point related to unknown vectors. Original advisories ALtools advisory Related products Altools-ALFTP CVE list...
CVE-2008-2702
Directory traversal vulnerability in the FTP client in ALTools ESTsoft ALFTP 4.1 beta 2 and 5.0 allows remote FTP servers to create or overwrite arbitrary files via a .. dot dot in a response to a LIST command, a related issue to CVE-2002-1345. NOTE: this can be leveraged for code execution by...
CVE-2008-2702
Directory traversal vulnerability in the FTP client in ALTools ESTsoft ALFTP 4.1 beta 2 and 5.0 allows remote FTP servers to create or overwrite arbitrary files via a .. dot dot in a response to a LIST command, a related issue to CVE-2002-1345. NOTE: this can be leveraged for code execution by...
CVE-2008-2702
CVE-2008-2702 affects the FTP client in ESTsoft ALTools ALFTP (4.1 beta 2 and 5.0). The vulnerability is a directory traversal via .. in a LIST response, allowing a remote FTP server to create or overwrite arbitrary files on the affected system. The note explicitly mentions potential for code exe...
CVE-2006-5949
Directory traversal vulnerability in ALTools ALFTP FTP Server 4.1 beta 1, and possibly earlier, allows remote attackers to create arbitrary directories via directory traversal sequences in a MKD request. NOTE: the provenance of this information is unknown; details are obtained from third party...
CVE-2006-5950
The CVE concerns ALTools ALFTP FTP Server 4.1 beta 1 (and possibly earlier). The vulnerability allows remote authenticated users to obtain the installation path via unknown vectors related to the REN command, likely due to response messages. Impact is noted as Partial confidentiality; no exploits...
CVE-2006-5949
Directory traversal vulnerability in ALTools ALFTP FTP Server 4.1 beta 1, and possibly earlier, allows remote attackers to create arbitrary directories via directory traversal sequences in a MKD request. NOTE: the provenance of this information is unknown; details are obtained from third party...
CVE-2006-5950
Unspecified vulnerability in ALTools ALFTP FTP Server 4.1 beta 1, and possibly earlier, allows remote authenticated users to obtain the installation path via unknown vectors related to the REN command, probably due to response messages. NOTE: the provenance of this information is unknown; details...