Lucene search
K

55 matches found

The Hacker News
The Hacker News
added 2013/08/01 6:44 p.m.6 views

Vulnerability found in Apple's iOS can hide malicious code inside apps

A Georgia Tech researcher has found a weakness in Apple's iOS mobile platform that could let hackers to hide malicious code inside apps and can be surreptitiously planted on the Apple App Store. Researchers team created a proof-of-concept attack that was published in the Apple App Store and used ...

6.6AI score
Exploits0
The Hacker News
The Hacker News
added 2013/08/01 7:44 a.m.20 views

Vulnerability found in Apple's iOS can hide malicious code inside apps

A Georgia Tech researcher has found a weakness in Apple’s iOS mobile platform that could let hackers to hide malicious code inside apps and can be surreptitiously planted on the Apple App Store. Researchers team created a proof-of-concept attack that was published in the Apple App Store and used ...

6.6AI score
Exploits0
Packet Storm
Packet Storm
added 2013/06/24 12:0 a.m.20 views

Telnet-Ftp Service Server 1.0 Directory Traversal

Exploit Title: Telnet-Ftp Service Server v1.0 Directory Traversal Vulnerability Date Published: 2013/6/18 Exploit Author: Chako Software Link: http://telnet-ftp-server.en.softonic.com/ Version: v1.0 Build 1.218 Tested on: Windows Xp SP3 English Description: ===================== A vulnerability h...

0.3AI score
Exploits0
The Hacker News
The Hacker News
added 2012/01/03 12:35 p.m.12 views

Android mobile internet tethering become undetectable by carriers

Android mobile internet tethering become undetectable by carriers When the idea that your smartphone's data connection would be able to be shared by your laptop with no additional charge, everyone seemed to be on board over the past year, carriers have started up extra costs for this and have...

6.6AI score
Exploits0
seebug.org
seebug.org
added 2011/12/07 12:0 a.m.11 views

Serv-U数据连接处理拒绝服务和会话令牌漏洞

BUGTRAQ ID: 50906 Serv-U是一种使用广泛的FTP服务器程序。 Serv-U在实现上存在安全漏洞,可被恶意用户利用造成拒绝服务并绕过某些安全限制。 1)在操作数据连接的监听套接字处理中存在错误,通过大量的FTP PASV命令,可耗尽可用的TCP端口,造成无法处理其他被动连接。 2)管理控制台会在管理员登录后生成较弱的会话令牌,这会允许枚举有效的令牌并通过FTP反弹攻击造成任意用户。成功利用此漏洞需要用户具有读写权限并让管理员打开控制台。 Serv-U 11.1.0.3 厂商补丁: RhinoSoft ---------...

6.9AI score
Exploits0
Packet Storm
Packet Storm
added 2011/11/16 12:0 a.m.50 views

Attachmate Reflection FTP Client Heap Overflow

Application: Attachmate Reflection FTP Client Heap Overflow Platforms: Windows Exploitation: Remote code execution CVE Number: PRL: 2011-09 Author: Francis Provencher Protek Research Lab's Website: http://www.protekresearchlab.com/ Twitter: @ProtekResearch 1 Introduction 2 Timeline 3 Technical...

6.8CVSS0.7AI score0.30592EPSS
Exploits4
exploitpack
exploitpack
added 2011/02/24 12:0 a.m.13 views

iOS myDBLite 1.1.10 - Directory Traversal

iOS myDBLite 1.1.10 - Directory Traversal Exploit Title : myDBLite v1.1.10 for iPhone / iPod touch, Directory Traversal Date: 02/24/2011 Author: R3d@l3rt, Sp@2K, Sp@2K, Sunlight, H@ckk3y Software Link: http://itunes.apple.com/kr/app/mydb-lite/id335521112?mt=8 Version: 1.1.10 Tested on: iPhone, iP...

0.1AI score
Exploits0
Exploit DB
Exploit DB
added 2010/11/14 12:0 a.m.21 views

AASync 2.2.1.0 (Windows x86) - Remote Stack Buffer Overflow 'LIST' (Metasploit)

$Id: aasynclistreply.rb 11039 2010-11-14 19:03:24Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2010/11/14 12:0 a.m.36 views

FTP Synchronizer Professional 4.0.73.274 - Remote Stack Buffer Overflow (Metasploit)

$Id: ftpsynchlistreply.rb 11039 2010-11-14 19:03:24Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2010/10/13 12:0 a.m.19 views

AASync v2.2.1.0 (Win32) Stack Buffer Overflow (LIST)

$Id: aasynclistreply.rb 10660 2010-10-12 18:39:21Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...

0.8AI score
Exploits0
seebug.org
seebug.org
added 2008/06/25 12:0 a.m.20 views

JSCAPE Secure FTP Applet主机密钥验证绕过安全限制漏洞

BUGTRAQ ID: 29882 Secure FTP Applet是运行在WEB浏览器中的的FTP客户端组件。 Secure FTP Applet在处理数据连接时存在漏洞,在连接期间Applet没有正确地验证或显示主机密钥,这允许攻击者通过中间人攻击劫持会话,从而完全入侵FTP客户端。 JSCAPE Secure FTP Applet 4.8 JSCAPE ------ 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载: http://www.jscape.com/sftpapplet/index.html...

6.9AI score
Exploits0
security_vulns
security_vulns
added 2007/01/01 12:0 a.m.30 views

Network protocols security: View from client side

Security of Common Application Network Protocols: A Client's Perspective Having received an offer to write an article about the security of network protocols and their vulnerabilities, at first I wanted to refuse - it seems that everything that can be written on this topic has already been writte...

0.4AI score
Exploits0
Check Point Advisories
Check Point Advisories
added 2006/07/16 12:0 a.m.16 views

Security Best Practice: Protect Yourself from FTP Bounce Attacks

To conform with the FTP protocol, the PORT command has the originating machine specify an arbitrary destination machine and port for the data connection. However, this behavior also means that an attacker can open a connection to a specific port on a machine that may not be the originating client...

7.5CVSS1.6AI score0.0245EPSS
Exploits0
securityvulns
securityvulns
added 2005/10/14 12:0 a.m.27 views

TYPSoft FTP Server DoS

Crash on FTP RETR command before data connection open...

1AI score
Exploits0References1Affected Software1
CERT
CERT
added 2002/04/29 12:0 a.m.117 views

File Transfer Protocol allows data connection hijacking via PASV mode race condition

Overview There is a vulnerability in the File Transfer Protocol FTP that allows an attacker to hijack FTP data connections when the client connects using passive mode PASV. Description In FTP PASV mode, the client makes a control connection to the FTP server typically port 21/tcp and requests a...

10CVSS6.4AI score0.0404EPSS
Exploits0References6
Rows per page
Query Builder