Allocation of Resources Without Limits or Throttling

Overview basic-ftp is a FTP client for Node.js, supports FTPS over TLS, IPv6, Async/Await, and Typescript. Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling via the connect function. An attacker can cause excessive memory and CPU consumption,...

Moderate: ruby:2.5 security update

Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Security Fixes: rubygem-rdoc: Command injection vulnerability in RDoc CVE-2021-31799 ruby: FTP PASV command response can cause Net::FTP to connect...

Important: Red Hat Security Advisory: java-11-openjdk security update

An update for java-11-openjdk is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerabilit...

Oracle Linux 8 : curl (ELSA-2021-1610)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2021-1610 advisory. - curl: Inferior OCSP verification CVE-2020-8286 - libcurl: FTP wildcard stack overflow CVE-2020-8285 - curl: trusting FTP PASV responses CVE-2020-8284...

SUSE-SU-2017:3176-1 Security update for curl

This update for curl fixes the following security issues: - CVE-2017-1000254: FTP PWD response parser out of bounds read bsc1061876...

CURL-CVE-2017-1000254 FTP PWD response parser out of bounds read

libcurl may read outside of a heap allocated buffer when doing FTP. When libcurl connects to an FTP server and successfully logs in anonymous or not, it asks the server for the current directory with the PWD command. The server then responds with a 257 response containing the path, inside double...

openSUSE Security Update : MozillaThunderbird (openSUSE-2017-545)

This update to MozillaThunderbird 51.1.0 fixes security issues and bugs. In general, these flaws cannot be exploited through email because scripting is disabled when reading mail, but are potentially risks in browser or browser-like contexts. The following vulnerabilities were fixed: boo1035082,...

SUSE SLED12 / SLES12 Security Update : MozillaFirefox (SUSE-SU-2017:0714-1)

This update for MozillaFirefox to ESR 45.8 fixes the following issues: Security issues fixed bsc1028391 : - CVE-2017-5402: Use-after-free working with events in FontFace objects - CVE-2017-5410: Memory corruption during JavaScript garbage collection incremental sweeping - CVE-2017-5400: asm.js...

Microsoft Windows IIS FTP Server DOS Vulnerability

This host is running Microsoft IIS with FTP server and is prone to Denial of service vulnerability. OpenVAS Vulnerability Test $Id: gbmsiisftpddosvuln.nasl 5323 2017-02-17 08:49:23Z teissa $ Microsoft Windows IIS FTP Server DOS Vulnerability Authors: Sooraj KS Updated By : Sooraj KS on 2011-04-12...

Microsoft Windows IIS FTP Server DOS Vulnerability

Microsoft IIS with FTP server is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2006-4310

Mozilla Firefox 1.5.0.6 allows remote attackers to cause a denial of service crash via a crafted FTP response, when attempting to connect with a username and password via the FTP URI...

CVE-2006-4310

Mozilla Firefox 1.5.0.6 allows remote attackers to cause a denial of service crash via a crafted FTP response, when attempting to connect with a username and password via the FTP URI...

CVE-2006-4310

Mozilla Firefox 1.5.0.6 allows remote attackers to cause a denial of service crash via a crafted FTP response, when attempting to connect with a username and password via the FTP URI...