Security Bulletin: JSch could allow a remote attacker to traverse directories on the system which affects watsonx.data

Summary JSch could allow a remote attacker to traverse directories on the system, which may impact watsonx.data. Vulnerability Details CVEID:CVE-2016-5725 DESCRIPTION: JSch could allow a remote attacker to traverse directories on the system. An attacker could send a specially-crafted URL request ...

Security Bulletin: ITCAM for Transactions affected by the Security vulnerability CVE-2016-5725 found in jsch-0.1.40.jar

Summary IBM Tivoli Composite Application Manager ITCAM for Transactions - Transaction Tracking has addressed the following jsch-0.1.40.jar vulnerability and updated jsch.jar from version 0.1.40 to 0.1.55 Vulnerability Details CVEID:CVE-2016-5725 DESCRIPTION: JSch could allow a remote attacker to...

Oracle Primavera Gateway (Apr 2021 CPU)

According to its self-reported version number, the Oracle Primavera Unifier installation running on the remote host is 16.2.x, 17.12.x prior to 17.12.11. It is, therefore, affected by multiple vulnerabilities as referenced in the April 2021 CPU advisory. - Vulnerability in the Primavera Gateway...

Moderate: Red Hat Security Advisory: Red Hat JBoss Fuse/A-MQ 6.3 R5 security and bug fix update

An update is now available for Red Hat JBoss Fuse and Red Hat JBoss A-MQ. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...

SUSE-SU-2017:0715-1 Security update for jsch

This update for jsch to version 0.1.54 fixes the following issues: Security issues fixed: - CVE-2016-5725: recursive sftp get client-side windows path traversal bsc997542. Bugfixes: - sftp-put may send the garbage data in some rare case. - fixed a deadlock bug in KnownHostsgetHostKey. -...

DEBIAN-CVE-2016-5725

Directory traversal vulnerability in JCraft JSch before 0.1.54 on Windows, when the mode is ChannelSftp.OVERWRITE, allows remote SFTP servers to write to arbitrary files via a ..\ dot dot backslash in a response to a recursive GET command...

CVE-2016-5725

Directory traversal vulnerability in JCraft JSch before 0.1.54 on Windows, when the mode is ChannelSftp.OVERWRITE, allows remote SFTP servers to write to arbitrary files via a ..\ dot dot backslash in a response to a recursive GET command...

CVE-2016-5725

CVE-2016-5725 is a directory traversal flaw in JSch (JSch-JCraft) before 0.1.54 on Windows when using ChannelSftp.OVERWRITE. An attacker could cause a remote SFTP server to write arbitrary files via ..\ in a response to a recursive GET. Connected IBM advisories note related fixes/upgrades (e.g., ...

CVE-2016-5725

Directory traversal vulnerability in JCraft JSch before 0.1.54 on Windows, when the mode is ChannelSftp.OVERWRITE, allows remote SFTP servers to write to arbitrary files via a ..\ dot dot backslash in a response to a recursive GET command...

Updated jsch packages fix security vulnerability

It was discovered that there was a path traversal vulnerability in jsch CVE-2016-5725...

CVE-2016-5725

creationtimestamp| type| source ---|---|--- 2016-09-21 20:06:17+00:00| published-proof-of-concept| https://t.me/FullDisclosure/81 2016-09-22 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/40411...