Lucene search
K

17 matches found

Packet Storm
Packet Storm
added 2017/11/03 12:0 a.m.54 views

tnftp "savefile" Arbitrary Command Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'tnftp "savefile" Arbitrary Command Execution', 'Description' = %q This module exploits an arbitrary command execution vulnerability in tnftp's...

7.5CVSS4.8AI score0.69115EPSS
Exploits8
Circl
Circl
added 2017/11/03 12:0 a.m.35 views

CVE-2014-8517

creationtimestamp| type| source ---|---|--- 2017-11-03 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/43112 2018-05-29 15:50:33+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/unix/http/tnftpsavefile.rb 2025-02-06 03:13:42+00:00| seen|...

7.5CVSS5.5AI score0.69115EPSS
Exploits8References2
Exploit DB
Exploit DB
added 2017/11/03 12:0 a.m.801 views

tnftp - 'savefile' Arbitrary Command Execution (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'tnftp "savefile" Arbitrary Command Execution', 'Description' = %q This module exploits an arbitrary command execution vulnerability in tnftp's...

7.5CVSS7.4AI score0.69115EPSS
Exploits8
Tenable Nessus
Tenable Nessus
added 2016/11/15 12:0 a.m.35 views

GLSA-201611-05 : tnftp: Arbitrary code execution

The remote host is affected by the vulnerability described in GLSA-201611-05 tnftp: Arbitrary code execution The fetchurl function in usr.bin/ftp/fetch.c allows remote attackers to execute arbitrary commands via a Impact : A remote attacker could possibly execute arbitrary code with the privilege...

7.5CVSS6.2AI score0.69115EPSS
Exploits8References2
Tenable Nessus
Tenable Nessus
added 2016/08/12 12:0 a.m.38 views

FreeBSD : FreeBSD -- Remote command execution in ftp(1) (7488378d-6007-11e6-a6c3-14dae9d210b8)

A malicious HTTP server could cause ftp1 to execute arbitrary commands. Impact : When operating on HTTP URIs, the ftp1 client follows HTTP redirects, and uses the part of the path after the last '/' from the last resource it accesses as the output filename if '-o' is not specified. If the output...

7.5CVSS6.1AI score0.69115EPSS
Exploits8References2
0day.today
0day.today
added 2014/12/16 12:0 a.m.84 views

tnftp - clientside BSD Exploit

Exploit for bsd platform in category remote exploits !/usr/bin/env python2 Exploit Title: tnftp BSD exploit Date: 11/29/2014 Exploit Author: dash Vendor Homepage: www.freebsd.org Version: FreeBSD 8/9/10 Tested on: FreeBSD 9.3 CVE : CVE-2014-8517 tnftp exploit CVE-2014-8517tested against freebsd 9...

7.5CVSS4.9AI score0.69115EPSS
Exploits8
exploitpack
exploitpack
added 2014/12/02 12:0 a.m.45 views

tnftp (FreeBSD 8910) - tnftp Client Side

tnftp FreeBSD 8910 - tnftp Client Side !/usr/bin/env python2 Exploit Title: tnftp BSD exploit Date: 11/29/2014 Exploit Author: dash Vendor Homepage: www.freebsd.org Version: FreeBSD 8/9/10 Tested on: FreeBSD 9.3 CVE : CVE-2014-8517 tnftp exploit CVE-2014-8517tested against freebsd 9.3...

7.5CVSS3.7AI score0.69115EPSS
Exploits8
Exploit DB
Exploit DB
added 2014/12/02 12:0 a.m.57 views

tnftp (FreeBSD 8/9/10) - 'tnftp' Client Side

!/usr/bin/env python2 Exploit Title: tnftp BSD exploit Date: 11/29/2014 Exploit Author: dash Vendor Homepage: www.freebsd.org Version: FreeBSD 8/9/10 Tested on: FreeBSD 9.3 CVE : CVE-2014-8517 tnftp exploit CVE-2014-8517tested against freebsd 9.3...

7.5CVSS3.7AI score0.69115EPSS
Exploits8
OSV
OSV
added 2014/11/17 4:59 p.m.10 views

CVE-2014-8517

The fetchurl function in usr.bin/ftp/fetch.c in tnftp, as used in NetBSD 5.1 through 5.1.4, 5.2 through 5.2.2, 6.0 through 6.0.6, and 6.1 through 6.1.5 allows remote attackers to execute arbitrary commands via a | pipe character at the end of an HTTP redirect...

7.3AI score
Exploits0References11
UbuntuCve
UbuntuCve
added 2014/11/17 4:59 p.m.32 views

CVE-2014-8517

The fetchurl function in usr.bin/ftp/fetch.c in tnftp, as used in NetBSD 5.1 through 5.1.4, 5.2 through 5.2.2, 6.0 through 6.0.6, and 6.1 through 6.1.5 allows remote attackers to execute arbitrary commands via a | pipe character at the end of an HTTP redirect...

7.5CVSS6.2AI score0.69115EPSS
Exploits8References2
Debian CVE
Debian CVE
added 2014/11/17 4:0 p.m.33 views

CVE-2014-8517

The fetchurl function in usr.bin/ftp/fetch.c in tnftp, as used in NetBSD 5.1 through 5.1.4, 5.2 through 5.2.2, 6.0 through 6.0.6, and 6.1 through 6.1.5 allows remote attackers to execute arbitrary commands via a | pipe character at the end of an HTTP redirect...

7.5CVSS7.1AI score0.69115EPSS
Exploits8
CVE
CVE
added 2014/11/17 4:0 p.m.109 views

CVE-2014-8517

CVE-2014-8517 affects tnftp’s ftp(1) client, where handling of HTTP URIs can cause arbitrary command execution when the redirected filename ends with a pipe character. The NetBSD/tnftp fetch_url code path parses the last segment after redirects as the output filename, and if it begins with |, the...

7.5CVSS4.7AI score0.69115EPSS
Exploits8References10Affected Software1
Cvelist
Cvelist
added 2014/11/17 4:0 p.m.44 views

CVE-2014-8517

The fetchurl function in usr.bin/ftp/fetch.c in tnftp, as used in NetBSD 5.1 through 5.1.4, 5.2 through 5.2.2, 6.0 through 6.0.6, and 6.1 through 6.1.5 allows remote attackers to execute arbitrary commands via a | pipe character at the end of an HTTP redirect...

4.5AI score0.69115EPSS
Exploits8References10
OpenVAS
OpenVAS
added 2014/11/12 12:0 a.m.28 views

Fedora Update for tnftp FEDORA-2014-14113

Check the version of tnftp SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.868476";...

7.5CVSS6.3AI score0.69115EPSS
Exploits8References2
Tenable Nessus
Tenable Nessus
added 2014/11/11 12:0 a.m.52 views

openSUSE Security Update : tnftp (openSUSE-SU-2014:1383-1)

tnftp was updated to fix the possible execution of commands by a remote attacker CVE-2014-8517. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update openSUSE-2014-639. The text description of this...

7.5CVSS5.5AI score0.69115EPSS
Exploits8References3
FreeBSD Advisory
FreeBSD Advisory
added 2014/11/04 12:0 a.m.13 views

FreeBSD-SA-14:26.ftp

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ============================================================================= FreeBSD-SA-14:26.ftp Security Advisory The FreeBSD Project Topic: Remote command execution in ftp1 Category: core Module: ftp Announced: 2014-11-04 Credits: Jared McNeill,...

7.5CVSS6.3AI score0.69115EPSS
Exploits8
myhack58
myhack58
added 2014/11/04 12:0 a.m.16 views

Vulnerability alert:FTP exposed serious remote execution vulnerability,affects multiple versions of Linux(testing script)-bug warning-the black bar safety net

1 0 on 2 8 June, a public message exposed FTP remote command execution vulnerability, the vulnerability affects Linux systems including: Fedora, Debian, NetBSD, FreeBSD, OpenBSD, and even affects Apple's OS X operating system the latest version of Yosemite 10.10 on. NetBSD developersJared...

1.1AI score
Exploits0
Rows per page
Query Builder