Lucene search
K

71 matches found

Prion
Prion
added 2015/09/18 12:0 p.m.16 views

Design/Logic Flaw

The CFNetwork FTPProtocol component in Apple iOS before 9 allows remote FTP proxy servers to trigger TCP connection attempts to intranet hosts via crafted responses...

5CVSS6.2AI score0.01658EPSS
Exploits0References7Affected Software2
Kitploit
Kitploit
added 2014/07/21 9:9 p.m.48 views

PwnPi - A Pen Test Drop Box distro for the Raspberry Pi

PwnPi is a Linux-based penetration testing dropbox distribution for the Raspberry Pi. It currently has 200+ network security tools pre-installed to aid the penetration tester. It is built a stripped down version of the Debian Wheezy image from the Raspberry Pi foundation's website and uses Openbo...

8.9AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2010/10/20 12:0 a.m.41 views

Apache 2.0.x < 2.0.47 Multiple Vulnerabilities (DoS, Encryption)

The remote host appears to be running a version of Apache 2.x prior to 2.0.47. It is, therefore, affected by multiple vulnerabilities : - An issue in may occur when the SSLCipherSuite directive is used to upgrade a cipher suite which could lead to a weaker cipher suite being used instead of the...

6.4CVSS5.5AI score0.09185EPSS
Exploits0References4
NVD
NVD
added 2010/03/10 10:30 p.m.24 views

CVE-2010-0962

The FTP proxy server in Apple AirPort Express, AirPort Extreme, and Time Capsule with firmware 7.5 does not restrict the IP address and port specified in a PORT command from a client, which allows remote attackers to leverage intranet FTP servers for arbitrary TCP forwarding via a crafted PORT...

5CVSS6.5AI score0.01246EPSS
Exploits1References5
Prion
Prion
added 2010/03/10 10:30 p.m.15 views

Command injection

The FTP proxy server in Apple AirPort Express, AirPort Extreme, and Time Capsule with firmware 7.5 does not restrict the IP address and port specified in a PORT command from a client, which allows remote attackers to leverage intranet FTP servers for arbitrary TCP forwarding via a crafted PORT...

5CVSS7.1AI score0.01246EPSS
Exploits1References5Affected Software3
Cvelist
Cvelist
added 2010/03/10 10:0 p.m.27 views

CVE-2010-0962

The FTP proxy server in Apple AirPort Express, AirPort Extreme, and Time Capsule with firmware 7.5 does not restrict the IP address and port specified in a PORT command from a client, which allows remote attackers to leverage intranet FTP servers for arbitrary TCP forwarding via a crafted PORT...

6.5AI score0.01246EPSS
Exploits1References5
securityvulns
securityvulns
added 2010/03/04 12:0 a.m.54 views

Apple Airport Wireless Products: Promiscuous FTP PORT Allowed in FTP Proxy Provides Security Bypass

The FTP proxy used in Apple's Airport Express, Airport Extreme, Time Capsule and possibly elsewhere doesn't check the client provided address and port given by the FTP PORT command against the IP address of the connecting client, or against the use of privileged ports. The FTP PORT command is use...

Exploits0
securityvulns
securityvulns
added 2010/03/04 12:0 a.m.20 views

Apple Airport unauthorized network access

FTP proxy functionality doesn't check PORT command arguments allowing to map external port to any internal port of any internal address...

2.4AI score
Exploits0References1
RedHat Linux
RedHat Linux
added 2010/01/06 4:21 p.m.7 views

httpd: NULL pointer defer in mod_proxy_ftp caused by crafted EPSV and PASV reply

The approxyftphandler function in modules/proxy/proxyftp.c in the modproxyftp module in the Apache HTTP Server 2.0.63 and 2.2.13 allows remote FTP servers to cause a denial of service NULL pointer dereference and child process crash via a malformed reply to an EPSV command...

2.6CVSS7.2AI score0.08566EPSS
Exploits2References4
OpenVAS
OpenVAS
added 2009/11/17 12:0 a.m.41 views

RedHat Security Advisory RHSA-2009:1580

The remote host is missing updates announced in advisory RHSA-2009:1580. The Apache HTTP Server is a popular Web server. A flaw was found in the way the TLS/SSL Transport Layer Security/Secure Sockets Layer protocols handle session renegotiation. A man-in-the-middle attacker could use this flaw t...

9.8CVSS6.5AI score0.87264EPSS
Exploits19References3
RedHat Linux
RedHat Linux
added 2009/11/11 10:0 p.m.13 views

httpd: NULL pointer defer in mod_proxy_ftp caused by crafted EPSV and PASV reply

The approxyftphandler function in modules/proxy/proxyftp.c in the modproxyftp module in the Apache HTTP Server 2.0.63 and 2.2.13 allows remote FTP servers to cause a denial of service NULL pointer dereference and child process crash via a malformed reply to an EPSV command...

2.6CVSS7.2AI score0.08566EPSS
Exploits2References4
seebug.org
seebug.org
added 2009/09/06 12:0 a.m.18 views

Apache mod_proxy_ftp模块Null指针拒绝服务漏洞

Bugraq ID: 36260 Apache modproxyftp是一款用于处理FTP代理请求的Apache模块。 当处理FTP服务器的应答时modproxyftp存在错误,可导致Null指针应用而造成一个用程序崩溃。 使用./configure –enable-proxy –enable-proxy-ftp启用代理支持,并在httpd.conf文件中设置‘ProxyRequests’选项,如下代码的漏洞可导致应用程序崩溃: modules/proxy/proxyftp.c: int approxyftphandlerrequestrec r, proxyserverconf con...

7.1AI score
Exploits0
CERT
CERT
added 2008/05/21 12:0 a.m.20 views

FireFTP filename directory traversal sequence vulnerability

Overview The FireFTP Mozilla Firefox extension contains a vulnerability that may allow an attacker to write files to arbitrary locations. Description FireFTP is a Firefox extension that provides FTP client functionality. Firefox extensions can run with Chrome privileges which allow them to...

7.1AI score
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2008/04/04 12:0 a.m.49 views

openSUSE 10 Security Update : apache2 (apache2-5125)

This update fixes multiple bugs in apache : - cross site scripting problem in modimap CVE-2007-5000 - cross site scripting problem in modstatus CVE-2007-6388 - cross site scripting problem in the ftp proxy module CVE-2008-0005 - cross site scripting problem in the error page for status code 413...

4.3CVSS7.1AI score0.80749EPSS
Exploits7References6
Tenable Nessus
Tenable Nessus
added 2008/04/04 12:0 a.m.49 views

openSUSE 10 Security Update : apache2 (apache2-5126)

This update fixes multiple bugs in apache : - cross site scripting problem in modimap CVE-2007-5000 - cross site scripting problem in modstatus CVE-2007-6388 - cross site scripting problem in the ftp proxy module CVE-2008-0005 - cross site scripting problem in the error page for status code 413...

4.3CVSS7.1AI score0.80749EPSS
Exploits7References6
Tenable Nessus
Tenable Nessus
added 2008/04/04 12:0 a.m.40 views

SuSE 10 Security Update : Apache 2 (ZYPP Patch Number 5128)

This update fixes multiple bugs in apache : - cross-site scripting problem in modimap. CVE-2007-5000 - cross-site scripting problem in modstatus. CVE-2007-6388 - cross-site scripting problem in the ftp proxy module. CVE-2008-0005 - cross-site scripting problem in the error page for status code 41...

4.3CVSS7.2AI score0.80749EPSS
Exploits7References12
OpenVAS
OpenVAS
added 2008/01/17 12:0 a.m.30 views

Debian Security Advisory DSA 510-1 (jftpgw)

The remote host is missing an update to jftpgw announced via advisory DSA 510-1. OpenVAS Vulnerability Test $Id: deb5101.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 510-1 Authors: Thomas Reinke Copyright: Copyright c 2007 E-Soft Inc...

10CVSS1.1AI score0.04343EPSS
Exploits0
OpenVAS
OpenVAS
added 2008/01/17 12:0 a.m.11 views

Debian: Security Advisory (DSA-510)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

10CVSS6.8AI score0.04343EPSS
Exploits0References3
Prion
Prion
added 2007/10/29 9:46 p.m.21 views

Double free

Double free vulnerability in the ftpprchild function in ftppr in 3proxy 0.5 through 0.5.3i allows remote attackers to cause a denial of service daemon crash via multiple OPEN commands to the FTP proxy...

5CVSS7AI score0.02079EPSS
Exploits1References10Affected Software1
NVD
NVD
added 2007/10/29 9:46 p.m.34 views

CVE-2007-5622

Double free vulnerability in the ftpprchild function in ftppr in 3proxy 0.5 through 0.5.3i allows remote attackers to cause a denial of service daemon crash via multiple OPEN commands to the FTP proxy...

5CVSS6.7AI score0.02079EPSS
Exploits1References10
Rows per page
Query Builder