15 matches found
Siemens (CVE-2019-12815)
An arbitrary file copy vulnerability in modcopy in ProFTPD up to 1.3.5b allows for remote code execution and information disclosure without authentication, a related issue to CVE-2015-3306. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more...
Mageia: Security Advisory (MGASA-2019-0314)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Siemens SIMATIC CP 1543-1
1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens Equipment: SIMATIC CP 1543-1 Vulnerabilities: Improper Access Control, Loop with Unreachable Exit Condition 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow...
Updated proftpd packages fix security vulnerabilities
Updated proftpd package fixes security vulnerabilities: It was discovered that the modcopy module of ProFTPD, a FTP/SFTP/FTPS server, performed incomplete permission validation for the CPFR/CPTO commands CVE-2019-12815. It was discovered that due to incorrect handling of overly long commands, a...
Security fix for the ALT Linux 8 package proftpd version 1.3.6-alt0.1.ga73dbfe3b
1.3.6-alt0.1.ga73dbfe3b built Sept. 9, 2019 Sergey Y. Afonin in task 237142 July 23, 2019 Konstantin Lepikhov - Updated to 1.3.6-ga73dbfe3b. - Fix modcopy bug 4372 Ensure that modcopy checks for <Limits for its SITE CPFR CVE-2019-12815 closes 37056. - Updated modsqlpostgres patch. - Updated -pc...
OPENSUSE-SU-2019:1870-1 Security update for proftpd
This update for proftpd fixes the following issues: Security issues fixed: - CVE-2019-12815: Fixed arbitrary file copy in modcopy that allowed for remote code execution and information disclosure without authentication bnc1142281. This update was imported from the openSUSE:Leap:15.0:Update update...
Debian DSA-4491-1 : proftpd-dfsg - security update
Tobias Maedel discovered that the modcopy module of ProFTPD, a FTP/SFTP/FTPS server, performed incomplete permission validation for the CPFR/CPTO commands. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian Security Advisory DSA-4491...
openSUSE Security Update : proftpd (openSUSE-2019-1836)
This update for proftpd fixes the following issues : Security issues fixed : - CVE-2019-12815: Fixed arbitrary file copy in modcopy that allowed for remote code execution and information disclosure without authentication bnc1142281. C Tenable Network Security, Inc. The descriptive text and packag...
OPENSUSE-SU-2019:1836-1 Security update for proftpd
This update for proftpd fixes the following issues: Security issues fixed: - CVE-2019-12815: Fixed arbitrary file copy in modcopy that allowed for remote code execution and information disclosure without authentication bnc1142281...
Security update for proftpd (important)
openSUSE Security Update: Security update for proftpd Announcement ID: openSUSE-SU-2019:1836-1 Rating: important References: 1142281 Cross-References: CVE-2017-7418 CVE-2019-12815 Affected Products: openSUSE Leap 15.1 openSUSE Leap 15.0 openSUSE Backports SLE-15 An update that fixes two...
A New 'Arbitrary File Copy' Flaw Affects ProFTPD Powered FTP Servers
A German security researcher has publicly disclosed details of a serious vulnerability in one of the most popular FTP server applications, which is currently being used by more than one million servers worldwide. The vulnerable software in question is ProFTPD, an open source FTP server used by a...
CVE-2019-12815
An arbitrary file copy vulnerability in modcopy in ProFTPD up to 1.3.5b allows for remote code execution and information disclosure without authentication, a related issue to CVE-2015-3306...
CVE-2019-12815
An arbitrary file copy vulnerability in modcopy in ProFTPD up to 1.3.5b allows for remote code execution and information disclosure without authentication, a related issue to CVE-2015-3306...
CVE-2019-12815
Summary: CVE-2019-12815 is a vulnerability in ProFTPD’s mod_copy that allowed unauthenticated remote access to copy arbitrary files due to incomplete CPFR/CPTO permission checks, enabling remote code execution and information disclosure. Affected software: ProFTPD up to 1.3.5b (and related 1.3.5 ...
CVE-2019-12815
An arbitrary file copy vulnerability in modcopy in ProFTPD up to 1.3.5b allows for remote code execution and information disclosure without authentication, a related issue to CVE-2015-3306...