123 matches found
SUSE CVE-2016-9772
OpenAFS 1.6.19 and earlier allows remote attackers to obtain sensitive directory information via vectors involving the (1) client cache partition, (2) fileserver vice partition, or (3) certain RPC responses...
Buffer overflow in Heimdal unwrap_des3()
Description: The DES (for Samba 4.11 and earlier) and Triple-DES decryption routines in the Heimdal GSSAPI library allow a length-limited write buffer overflow on malloc() allocated memory when presented with a maliciously small packet. Examples of where Samba can use GSSAPI include the client and...
The vulnerability of the Fileserver application of the Apache ActiveMQ software platform, which allows a hacker to download and execute any file they desire.
The vulnerability of the Fileserver application of the Apache ActiveMQ software platform exists due to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to upload and execute any file using the HTTP PUT method, followed by an HTTP MOVE request...
Huawei EulerOS: Security Advisory for samba (EulerOS-SA-2022-1763)
The remote host is missing an update for the Huawei EulerOS...
Improper Limitation of a Pathname to a Restricted Directory in Apache ActiveMQ
Directory traversal vulnerability in the fileserver upload/download functionality for blob messages in Apache ActiveMQ 5.x before 5.11.2 for Windows allows remote attackers to create JSP files in arbitrary directories via unspecified vectors...
Apache ActiveMQ Improper Input Validation Vulnerability
The Fileserver web application in Apache ActiveMQ allows remote attackers to upload and execute arbitrary files via an HTTP PUT followed by an HTTP MOVE request...
Exploit for Unrestricted Upload of File with Dangerous Type in Apache Activemq
CVE-2016-3088 Apache ActiveMQ Remote Code Execution Exploit...
Path Traversal
md-fileserver is vulnerable to path traversal. The attack exists through improper configuration of permissions to the files under the user's home directory on the server, allowing anyone with remote access to access other users' files...
CVE-2012-4603
Citrix XenApp Online Plug-in for Windows 12.1 and earlier, and Citrix Receiver for Windows 3.2 and earlier could allow remote attackers to execute arbitrary code by convincing a target to open a specially crafted file from an SMB or WebDAV fileserver...
CVE-2012-4603
CVE-2012-4603 affects Citrix XenApp Online Plug-in for Windows (12.1 and earlier) and Citrix Receiver for Windows (3.2 and earlier). The reported vulnerability allows remote code execution when a user opens a specially crafted file from an SMB or WebDAV fileserver. The initial description does not sp...
Security Bulletin: IBM Security Guardium is affected by a FileServer functionality vulnerability
Summary: IBM Security Guardium has addressed the following vulnerability. Vulnerability Details: CVEID: CVE-2019-4292. DESCRIPTION: IBM Security Guardium could allow a remote attacker to upload arbitrary files, which could allow the attacker to execute arbitrary code on the vulnerable web server. CV...
Node.js third-party modules: [md-fileserver] Path Traversal
I would like to report path traversal in md-fileserver module. It allows an attacker to read system files via path traversal through commandline. Module: module name: md-fileserver, version: 1.3.2, npm page: https://www.npmjs.com/package/md-fileserver. Module Description: Starts a local server to rende...
VulnCheck KEV: CVE-2016-3088
The Fileserver web application in Apache ActiveMQ allows remote attackers to upload and execute arbitrary files via an HTTP PUT followed by an HTTP MOVE request...
Apache ActiveMQ 5.x < 5.14.0 ActiveMQ Fileserver web application remote code execution (Xbash)
The version of Apache ActiveMQ running on the remote host is 5.x prior to 5.14.0. It is, therefore, affected by a remote code execution vulnerability. The Fileserver web application allows remote attackers to upload and execute arbitrary files...
Directory traversal
cuciuci is a simple fileserver. cuciuci is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url...
CVE-2017-16122
cuciuci is a simple fileserver. cuciuci is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url...
CVE-2017-16122
Summary: CVE-2017-16122 affects the simple fileserver named cuciuci, where a directory traversal vulnerability exists via the URL containing sequences like ../. This can allow an attacker to access files outside the intended directory root, potentially disclosing private files. The issue is docu...
Apache ActiveMQ Fileserver remote code execution vulnerability(CVE-2016-3088)
Author: The know Chong Yu 404 laboratory. 1. Background overview: ActiveMQ is open source message-driven middleware from the Apache Software Foundation. Jetty is an open source servlet container; it is based on Java web container such as JSP and servlet to provide the running...
DEBIAN-CVE-2016-9772
OpenAFS 1.6.19 and earlier allows remote attackers to obtain sensitive directory information via vectors involving the (1) client cache partition, (2) fileserver vice partition, or (3) certain RPC responses...
UBUNTU-CVE-2016-9772
OpenAFS 1.6.19 and earlier allows remote attackers to obtain sensitive directory information via vectors involving the (1) client cache partition, (2) fileserver vice partition, or (3) certain RPC responses...