Lucene search
K

10 matches found

Tenable Nessus
Tenable Nessus
added 2014/06/13 12:0 a.m.30 views

openSUSE Security Update : pure-ftpd (openSUSE-SU-2011:0483-1)

Pure-ftpd is vulnerable to the STARTTLS command injection issue similar to CVE-2011-0411 of postfix. CVE-2011-1575 has been assigned to this issue. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security...

6.8CVSS8AI score0.33341EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2014/06/13 12:0 a.m.35 views

openSUSE Security Update : pure-ftpd (openSUSE-SU-2011:0483-1)

Pure-ftpd is vulnerable to the STARTTLS command injection issue similar to CVE-2011-0411 of postfix. CVE-2011-1575 has been assigned to this issue. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security...

6.8CVSS8AI score0.33341EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2011/12/13 12:0 a.m.169 views

SuSE 10 Security Update : pure-ftpd (ZYPP Patch Number 7480)

Pure-ftpd is vulnerable to the STARTTLS command injection issue similar to CVE-2011-0411 of postfix. CVE-2011-1575 has been assigned to this issue. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description of this plugin is C Novell, Inc. include'deprecatednasllevel.inc';...

6.8CVSS8AI score0.33341EPSS
Exploits1References4
OpenVAS
OpenVAS
added 2011/08/03 12:0 a.m.42 views

FreeBSD Ports: pure-ftpd

The remote host is missing an update to the system as announced in the referenced advisory. SPDX-FileCopyrightText: 2011 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

5.8CVSS9.2AI score0.33341EPSS
Exploits5References1
Tenable Nessus
Tenable Nessus
added 2011/05/26 12:0 a.m.41 views

SuSE 11.1 Security Update : pure-ftpd (SAT Patch Number 4360)

Pure-ftpd is vulnerable to the STARTTLS command injection issue similar to CVE-2011-0411 of postfix. CVE-2011-1575 has been assigned to this issue. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from SuSE 11 update...

6.8CVSS8AI score0.33341EPSS
Exploits1References5
Tenable Nessus
Tenable Nessus
added 2011/05/26 12:0 a.m.32 views

SuSE 10 Security Update : pure-ftpd (ZYPP Patch Number 7466)

Pure-ftpd is vulnerable to the STARTTLS command injection issue similar to CVE-2011-0411 of postfix. CVE-2011-1575 has been assigned to this issue. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description of this plugin is C Novell, Inc. include'deprecatednasllevel.inc';...

6.8CVSS8AI score0.33341EPSS
Exploits1References4
CVE
CVE
added 2011/05/23 10:0 p.m.105 views

CVE-2011-1575

Technical details about CVE-2011-1575 are not provided in the connected documents. The references mention a plaintext command injection pattern related to STARTTLS in other products (e.g., CVE-2011-0411). Monitor for updates for concrete specifics.

5.8CVSS6.8AI score0.33341EPSS
Exploits0References14Affected Software1
Debian CVE
Debian CVE
added 2011/05/23 10:0 p.m.50 views

CVE-2011-1575

The STARTTLS implementation in ftpparser.c in Pure-FTPd before 1.0.30 does not properly restrict I/O buffering, which allows man-in-the-middle attackers to insert commands into encrypted FTP sessions by sending a cleartext command that is processed after TLS is in place, related to a "plaintext...

5.8CVSS8.8AI score0.33341EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2011/05/13 12:0 a.m.104 views

openSUSE Security Update : pure-ftpd (openSUSE-SU-2011:0483-1)

Pure-ftpd is vulnerable to the STARTTLS command injection issue similar to CVE-2011-0411 of postfix. CVE-2011-1575 has been assigned to this issue. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security...

6.8CVSS8AI score0.33341EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2011/05/09 12:0 a.m.1022 views

FTP Service AUTH TLS Plaintext Command Injection

The remote FTP server contains a software flaw in its AUTH TLS implementation that could allow a remote, unauthenticated attacker to inject commands during the plaintext protocol phase that will be executed during the ciphertext protocol phase. Successful exploitation could permit an attacker to...

5.8CVSS5.5AI score0.33341EPSS
Exploits0References3
Rows per page
Query Builder