5 matches found
CVE-2015-3013
The CVE-2015-3013 entry applies to ownCloud Server releases before 5.0.19, 6.x before 6.0.7, and 7.x before 7.0.5, where authenticated remote users could bypass the file blacklist and upload arbitrary files by using UTF-8 encoded paths (demonstrated with .htaccess). Exploitation requires authenti...
[SECURITY] [DSA 3244-1] owncloud security update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3244-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso May 02, 2015 http://www.debian.org/security/faq -...
[SECURITY] [DSA 3244-1] owncloud security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3244-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso May 02, 2015 http://www.debian.org/security/faq -...
Bypass of file blacklist - ownCloud
A blacklist bypass vulnerability including UTF-8 encoding in file paths in the mentioned ownCloud versions, allows authenticated remote attackers to bypass the file blacklist and upload files such as the .htaccess files. An attacker could leverage this bypass by uploading a .htaccess and execute...
Bypass of file blacklist on Microsoft Windows Platform - ownCloud
A blacklist bypass vulnerability including UTF-8 encoding in file paths in the mentioned ownCloud Server versions, when running on a Microsoft Windows Platform, allows authenticated remote attackers to bypass the file blacklist and upload files such as the .htaccess files. An attacker could...