Lucene search
K

156 matches found

NVD
NVD
added 2017/12/15 9:29 a.m.18 views

CVE-2017-17405

Ruby before 2.4.3 allows Net::FTP command injection. Net::FTPget, getbinaryfile, gettextfile, put, putbinaryfile, and puttextfile use Kernelopen to open a local file. If the localfile argument starts with the "|" pipe character, the command following the pipe character is executed. The default...

9.3CVSS8.7AI score0.73927EPSS
Exploits5References14
OSV
OSV
added 2017/12/15 9:29 a.m.4 views

ALPINE-CVE-2017-17405

Ruby before 2.4.3 allows Net::FTP command injection. Net::FTPget, getbinaryfile, gettextfile, put, putbinaryfile, and puttextfile use Kernelopen to open a local file. If the localfile argument starts with the "|" pipe character, the command following the pipe character is executed. The default...

8.8CVSS7.1AI score0.73927EPSS
Exploits5References1
Cvelist
Cvelist
added 2017/12/15 9:0 a.m.26 views

CVE-2017-17405

Ruby before 2.4.3 allows Net::FTP command injection. Net::FTPget, getbinaryfile, gettextfile, put, putbinaryfile, and puttextfile use Kernelopen to open a local file. If the localfile argument starts with the "|" pipe character, the command following the pipe character is executed. The default...

7.6AI score0.73927EPSS
Exploits5References14
AlpineLinux
AlpineLinux
added 2017/12/15 9:0 a.m.44 views

CVE-2017-17405

Ruby before 2.4.3 allows Net::FTP command injection. Net::FTPget, getbinaryfile, gettextfile, put, putbinaryfile, and puttextfile use Kernelopen to open a local file. If the localfile argument starts with the "|" pipe character, the command following the pipe character is executed. The default...

9.3CVSS7.9AI score0.73927EPSS
Exploits5
Tenable Nessus
Tenable Nessus
added 2015/04/01 12:0 a.m.24 views

Mandriva Linux Security Advisory : erlang (MDVSA-2015:174)

Updated erlang packages fixes security vulnerability : An FTP command injection flaw was found in Erlang's FTP module. Several functions in the FTP module do not properly sanitize the input before passing it into a control socket. A local attacker can use this flaw to execute arbitrary FTP comman...

7.5CVSS8.6AI score0.02193EPSS
Exploits1References2
OSV
OSV
added 2014/12/26 5:4 p.m.8 views

MGASA-2014-0553 Updated erlang packages fix security vulnerabilities

Updated erlang packages fixes security vulnerability: An FTP command injection flaw was found in Erlang's FTP module. Several functions in the FTP module do not properly sanitize the input before passing it into a control socket. A local attacker can use this flaw to execute arbitrary FTP command...

7.5CVSS6.7AI score0.02193EPSS
Exploits1References4
Mageia
Mageia
added 2014/12/26 5:4 p.m.40 views

Updated erlang packages fix security vulnerabilities

Updated erlang packages fixes security vulnerability: An FTP command injection flaw was found in Erlang's FTP module. Several functions in the FTP module do not properly sanitize the input before passing it into a control socket. A local attacker can use this flaw to execute arbitrary FTP command...

7.5CVSS9.7AI score0.02193EPSS
Exploits1References3
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.18 views

ProFTPD 1.2 SIZE Remote Denial of Service Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/2185/info A memory leak has been reported in all versions of ProFTPd. The SIZE FTP command causes the server to misallocate and leak small amounts of memory each time the command is executed. If a sufficient number of the...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.19 views

GlobalScape CuteFTP 5.0 LIST Response Buffer Overflow Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/6642/info A buffer overflow condition has been reported for the CuteFTP application. The vulnerability is due to insufficient bounds checking performed on certain FTP command responses. If CuteFTP is used to connect to a...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.13 views

Mollensoft Software Enceladus Server Suite 3.9 FTP Command Buffer Overflow

No description provided by source. source: http://www.securityfocus.com/bid/6345/info Enceladus Server Suite is prone to a remotely exploitable buffer overflow vulnerability. It is possible to trigger this condition by supplying an overly long value for several FTP commands. To exploit this issue...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.33 views

Ipswitch WS_FTP Server 3.4/4.0 FTP Command Buffer Overrun Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/8542/info Ipswitch WSFTP Server is reported to be prone to buffer overruns when handling data supplied to the APPE and STAT FTP commands. An FTP user who supplies excessive input to these commands could potentially execut...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.26 views

Mini FTP Server 1.1 Buffer Corruption Remote Denial of Service

No description provided by source. !/usr/bin/python Mini FTP Server 1.1 Buffer Corruption Remote Denial Of Service Exploit Vendor: webmaster442 Product web page: http://miniftpserver.codeplex.com Affected version: 1.1.1.0 Summary: Minimal FTP server for windows. Uses only managed code. Works with...

7.1AI score
Exploits0
NVD
NVD
added 2013/07/03 1:54 p.m.13 views

CVE-2013-0476

IBM Sterling B2B Integrator 5.1 and 5.2 and Sterling File Gateway 2.1 and 2.2 allow remote attackers to inject arbitrary FTP commands via unspecified vectors...

6.4CVSS6.8AI score0.01141EPSS
Exploits0References2
Prion
Prion
added 2012/11/14 12:55 a.m.23 views

Command injection

Microsoft FTP Service 7.0 and 7.5 for Internet Information Services IIS processes unspecified commands before TLS is enabled for a session, which allows remote attackers to obtain sensitive information by reading the replies to these commands, aka "FTP Command Injection Vulnerability."...

5CVSS7.3AI score0.41968EPSS
Exploits1References3Affected Software1
CVE
CVE
added 2012/11/14 12:0 a.m.404 views

CVE-2012-2532

CVE-2012-2532 affects Microsoft Internet Information Services (IIS) FTP service in IIS 7.0 and 7.5. The vulnerability arises from the FTP service processing unspecified commands before TLS negotiation, enabling remote attackers to disclose sensitive information from responses to those commands (F...

5CVSS6.8AI score0.41968EPSS
Exploits1References3Affected Software1
Cvelist
Cvelist
added 2012/11/14 12:0 a.m.29 views

CVE-2012-2532

Microsoft FTP Service 7.0 and 7.5 for Internet Information Services IIS processes unspecified commands before TLS is enabled for a session, which allows remote attackers to obtain sensitive information by reading the replies to these commands, aka "FTP Command Injection Vulnerability."...

6.7AI score0.41968EPSS
Exploits1References3
Prion
Prion
added 2012/09/19 7:55 p.m.25 views

Stack overflow

Stack-based buffer overflow in SR10 FTP server SR10.exe 1.1.0.6 in Ricoh DC Software DL-10 4.5.0.1, when the Log file name option is enabled, allows remote attackers to execute arbitrary code via a long USER FTP command...

6.8CVSS8.7AI score0.31157EPSS
Exploits3References5Affected Software2
Tenable Nessus
Tenable Nessus
added 2012/08/01 12:0 a.m.37 views

Scientific Linux Security Update : httpd on SL3.x, SL4.x, SL5.x i386/x86_64

CVE-2009-1891 httpd: possible temporary DoS CPU consumption in moddeflate CVE-2009-3094 httpd: NULL pointer defer in modproxyftp caused by crafted EPSV and PASV reply CVE-2009-3095 httpd: modproxyftp FTP command injection via Authorization HTTP header CVE-2009-3555 TLS: MITM attacks via session...

9.8CVSS7.2AI score0.87264EPSS
Exploits18References6
OpenVAS
OpenVAS
added 2012/02/12 12:0 a.m.37 views

Gentoo Security Advisory GLSA 201110-25 (Pure-FTPd)

The remote host is missing updates announced in advisory GLSA 201110-25. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2012 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...

5.8CVSS0.3AI score0.33341EPSS
Exploits5
Tenable Nessus
Tenable Nessus
added 2012/01/06 12:0 a.m.13 views

Successful Shell Attack Detected - 'ftp' Command

Binary data 6193.prm...

7.3AI score
Exploits0
Rows per page
Query Builder