2 matches found
FreeBSD Ports: newsgrab
The remote host is missing an update to the system as announced in the referenced advisory. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
CVE-2005-0153: newsgrab file names directory traversal
CVE-2005-0153 affects Newsgrab on UNIX. Versions prior to 0.5.0pre4 allow a remote attacker to perform a directory-traversal via crafted file names (containing ..), enabling overwriting arbitrary files on the system with the user’s privileges. The issue stems from improper validation of user-supp...