Lucene search
K

123 matches found

Debian CVE
Debian CVE
added 2015/08/19 3:0 p.m.42 views

CVE-2015-1830

Directory traversal vulnerability in the fileserver upload/download functionality for blob messages in Apache ActiveMQ 5.x before 5.11.2 for Windows allows remote attackers to create JSP files in arbitrary directories via unspecified vectors...

5CVSS9.4AI score0.84408EPSS
Exploits7
Exploit DB
Exploit DB
added 2015/08/17 12:0 a.m.459 views

Apache ActiveMQ 5.11.1/5.13.2 - Directory Traversal / Command Execution

I have recently been playing with Apache ActiveMQ, and came across a simple but interesting directory traversal flaw in the fileserver upload/download functionality. I have only been able to reproduce this on Windows, i.e. where "" is a path delimiter. An attacker could use this flaw to upload...

5CVSS6.5AI score0.25082EPSS
Exploits6
RedHat Linux
RedHat Linux
added 2015/06/23 4:52 p.m.3 views

activemq: Fileserver web application vulnerability allowing RCE

The Fileserver web application in Apache ActiveMQ 5.x before 5.14.0 allows remote attackers to upload and execute arbitrary files via an HTTP PUT followed by an HTTP MOVE request...

9.8CVSS7.7AI score0.98518EPSS
Exploits19References6
0day.today
0day.today
added 2014/08/14 12:0 a.m.76 views

BlackBerry Z10 Authentication Bypass Vulnerability

BlackBerry Z10 suffers from a storage and access file-exchange authentication bypass vulnerability. BlackBerry Z10 Authentication Bypass Vulnerability --------------------------------------------------------------------- --------------------------------------------------------------------- 1...

6.1CVSS6.7AI score0.01213EPSS
Exploits3
ThreatPost
ThreatPost
added 2014/08/12 11:15 a.m.17 views

Authentication Bypass Bug Fixed in BlackBerry Z10

There’s a remotely exploitable authentication bypass vulnerability in the BlackBerry Z10 phone that affects the service that lets users share files with machines on a wireless network. The bug could allow an attacker to steal users’ personal data or hit them with targeted malware. The Z10 is one ...

2.5AI score
Exploits0References1
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.22 views

windows live messenger plus! fileserver 1.0 - Directory Traversal vuln

No description provided by source. Windows Live Messenger Plus! FileServer 1.0 Found by joepie91 The FileServer script allows a user using Windows Live Messenger Plus! to share a defined folder and its subfolders and files with a contact. Authentication is done using a user-defined username and...

7.1AI score
Exploits0
securityvulns
securityvulns
added 2014/06/17 12:0 a.m.48 views

[oss-security] CVE request: OpenAFS 1.6.8 TMAY fileserver crashes

New code introduced in OpenAFS 1.6.8 does not properly zero fields in the host structure in the OpenAFS fileserver, leading to some variables in the host structure being left initialized from recycled heap memory. While no mechanism for exploitation is currently known, the affected file server...

7.2AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2014/04/10 12:0 a.m.34 views

Scientific Linux Security Update : openafs on SL5.x, SL6.x i386/x86_64 (20140411)

An attacker with the ability to connect to an OpenAFS fileserver can trigger a buffer overflow, crashing the server. The GetStatistics64 remote procedure call RPC was introduced in OpenAFS 1.4.8 as part of the support for fileserver partitions larger than 2 TiB. The GetStatistics64 RPC is used by...

5CVSS5.8AI score0.02179EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2014/04/10 12:0 a.m.29 views

Debian DSA-2899-1 : openafs - security update

Michael Meffie discovered that in OpenAFS, a distributed filesystem, an attacker with the ability to connect to an OpenAFS fileserver can trigger a buffer overflow, crashing the fileserver, and potentially permitting the execution of arbitrary code. In addition, this update addresses a minor deni...

5CVSS6AI score0.02179EPSS
Exploits1References5
NVD
NVD
added 2013/03/14 3:13 a.m.23 views

CVE-2013-1794

Buffer overflow in certain client utilities in OpenAFS before 1.6.2 allows remote authenticated users to cause a denial of service crash and possibly execute arbitrary code via a long fileserver ACL entry...

6.5CVSS7.4AI score0.03383EPSS
Exploits0References7
OSV
OSV
added 2013/03/14 3:13 a.m.1 views

DEBIAN-CVE-2013-1794

Buffer overflow in certain client utilities in OpenAFS before 1.6.2 allows remote authenticated users to cause a denial of service crash and possibly execute arbitrary code via a long fileserver ACL entry...

6.5CVSS7.9AI score0.03383EPSS
Exploits0References1
OSV
OSV
added 2013/03/14 3:13 a.m.6 views

CVE-2013-1794

Buffer overflow in certain client utilities in OpenAFS before 1.6.2 allows remote authenticated users to cause a denial of service crash and possibly execute arbitrary code via a long fileserver ACL entry...

7.4AI score
Exploits0References7
Prion
Prion
added 2013/03/14 3:13 a.m.19 views

Buffer overflow

Buffer overflow in certain client utilities in OpenAFS before 1.6.2 allows remote authenticated users to cause a denial of service crash and possibly execute arbitrary code via a long fileserver ACL entry...

6.5CVSS8.1AI score0.03383EPSS
Exploits0References7Affected Software1
Cvelist
Cvelist
added 2013/03/12 4:0 p.m.34 views

CVE-2013-1794

Buffer overflow in certain client utilities in OpenAFS before 1.6.2 allows remote authenticated users to cause a denial of service crash and possibly execute arbitrary code via a long fileserver ACL entry...

7.3AI score0.03383EPSS
Exploits0References7
Debian CVE
Debian CVE
added 2013/03/12 4:0 p.m.23 views

CVE-2013-1794

Buffer overflow in certain client utilities in OpenAFS before 1.6.2 allows remote authenticated users to cause a denial of service crash and possibly execute arbitrary code via a long fileserver ACL entry...

6.5CVSS7.3AI score0.03383EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2013/03/05 12:0 a.m.25 views

Scientific Linux Security Update : openafs on SL5.x SL6.x i386/x86_64 (20130304)

By carefully crafting an ACL entry an attacker may overflow fixed length buffers within the OpenAFS fileserver, crashing the fileserver, and potentially permitting the execution of arbitrary code. To perform the exploit, the attacker must already have permissions to create ACLs on the fileserver ...

6.5CVSS6.1AI score0.03383EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2012/05/17 12:0 a.m.41 views

SuSE 10 Security Update : Linux kernel (ZYPP Patch Number 6437)

This patch updates the SUSE Linux Enterprise 10 SP2 kernel to fix various bugs and some security issues. The following security issues were fixed: CVE-2009-2692: A missing NULL pointer check in the socket sendpage function can be used by local attackers to gain root privileges. No cve yet A...

7.8CVSS6.4AI score0.14749EPSS
Exploits22References8
OpenVAS
OpenVAS
added 2009/08/05 12:0 a.m.21 views

Marcelo Costa FileServer Component Directory Traversal Vulnerability

This host is running Marcelo Costa FileServer with Windows Live Messenger and Messenger Plus! Live, and is prone to directory traversal vulnerability. OpenVAS Vulnerability Test $Id: secpodmarcelocostafileserverdirtravvuln.nasl 8193 2017-12-20 10:46:55Z cfischer $ Marcelo Costa FileServer Compone...

6.8CVSS6.6AI score0.03433EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2009/08/05 12:0 a.m.19 views

Marcelo Costa FileServer Component Directory Traversal Vulnerability

Marcelo Costa FileServer with Windows Live Messenger and Messenger Plus! Live is prone to a directory traversal vulnerability. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...

6.8CVSS6.9AI score0.03433EPSS
Exploits0References2
NVD
NVD
added 2009/07/20 6:30 p.m.18 views

CVE-2009-2544

Directory traversal vulnerability in the Marcelo Costa FileServer component 1.0 for Microsoft Windows Live Messenger and Messenger Plus! Live MPL allows remote authenticated users to list arbitrary directories and read arbitrary files via a .. dot dot in a pathname...

6.8CVSS6.2AI score0.03433EPSS
Exploits0References1
Rows per page
Query Builder