22 matches found
CVE-2025-46093
LiquidFiles before 4.1.2 supports FTP SITE CHMOD for mode 6777 setuid and setgid, which allows FTPDrop users to execute arbitrary code as root by leveraging the Actionscript feature and the sudoers configuration...
CVE-2025-46093
LiquidFiles before 4.1.2 is affected. The vulnerability stems from FTP SITE CHMOD handling (mode 6777: setuid/setgid) which can allow FTPDrop users to execute arbitrary code as root by abusing the Actionscript feature and the sudoers configuration. Affected software: LiquidFiles prior to 4.1.2. I...
CVE-2025-46093
LiquidFiles before 4.1.2 supports FTP SITE CHMOD for mode 6777 setuid and setgid, which allows FTPDrop users to execute arbitrary code as root by leveraging the Actionscript feature and the sudoers configuration...
Slackware Advisory SSA:2008-119-01 libpng
The remote host is missing an update as announced via advisory SSA:2008-119-01. OpenVAS Vulnerability Test $Id: esoftslkssa200811901.nasl 6598 2017-07-07 09:36:44Z cfischer $ Description: Auto-generated from the corresponding slackware advisory Authors: Thomas Reinke Copyright: Copyright c 2012...
Imperva SecureSphere management GUI contains an XSS vulnerability
Overview An XSS vulnerability exists in the Imperva SecureSphere management GUI. Description Dell SecureWorks' SWRX-2011-001 advisory states:"A vulnerability exists in Imperva SecureSphere due to improper validation of user-controlled input. User-controllable input is not properly sanitized for...
[slackware-security] kdelibs
A new kdelibs package is available for Slackware 13.1 to fix a security issue. Here are the details from the Slackware 13.1 ChangeLog: patches/packages/kdelibs-4.4.3-i486-2slack13.1.txz: Rebuilt. Patched CVE-2011-1168. For more information, see:...
[slackware-security] mozilla-thunderbird
New mozilla-thunderbird packages are available for Slackware 13.1 and -current to fix security issues. Here are the details from the Slackware 13.1 ChangeLog: patches/packages/mozilla-thunderbird-3.0.9-i686-1.txz: Upgraded. This upgrade fixes some more security bugs. For more information, see:...
seamonkey
New seamonkey packages are available for Slackware 11.0, 12.0, 12.1, 12.2, 13.0, and -current to fix security issues. More details about the issues may be found on the Mozilla web site: http://www.mozilla.org/security/known-vulnerabilities/seamonkey11.html Here are the details from the Slackware...
Microsoft IIS FTP Server NLST Command Remote Overflow
Added: 09/03/2009 CVE: CVE-2009-3023 BID: 36189 OSVDB: 57589 Background Microsoft Internet Information Server IIS includes a web server and an FTP server. Problem A stack overflow in the FTP server in IIS 5 and 6.0 via a crafted NLST command that uses wildcards allows remote authenticated users t...
[slackware-security] seamonkey
New seamonkey packages are available for Slackware 11.0, 12.0, 12.1, and -current to fix security issues. More details about the issues may be found here: http://www.mozilla.org/security/known-vulnerabilities/seamonkey11.html Here are the details from the Slackware 12.1 ChangeLog:...
[slackware-security] vim
New vim packages are available for Slackware 11.0, 12.0, 12.1, and -current to fix security issues. More details about this issue may be found here: http://www.rdancer.org/vulnerablevim.html Here are the details from the Slackware 12.1 ChangeLog: patches/packages/vim-7.1.330-i486-1slack12.1.tgz:...
[slackware-security] imagemagick
A new imagemagick package is available for Slackware 11.0 to fix security issues. More details about this issue may be found in the Common Vulnerabilities and Exposures CVE database: https://vulners.com/cve/CVE-2006-5456 Here are the details from the Slackware 11.0 ChangeLog:...
Input validation
Ipswitch WSFTP Server 5.04 allows FTP site administrators to execute arbitrary code on the system via a long input string to the 1 iFTPAddU or 2 iFTPAddH file, or to a 3 edition module...
CVE-2007-0666
Ipswitch WSFTP Server 5.04 allows FTP site administrators to execute arbitrary code on the system via a long input string to the 1 iFTPAddU or 2 iFTPAddH file, or to a 3 edition module...
[slackware-security] screen
New screen packages are available for Slackware 8.1, 9.0, 9.1, 10.0, 10.1, 10.2, and 11.0 to fix a security issue. More details about this issue may be found in the Common Vulnerabilities and Exposures CVE database: https://vulners.com/cve/CVE-2006-4573 Here are the details from the Slackware 11....
FileZilla FTP Client Unspecified Overflow
According to its version, the FileZilla FTP client installed on the remote host is affected by an unspecified buffer overflow vulnerability. It may be possible to exploit this issue remotely by tricking a user into connecting to a malicious FTP site using the affected client. Remote code executio...
The use of third-party Internet access software real free Internet access-vulnerability warning-the black bar safety net
New Year's Day the night before, discovered this vulnerability. I was in Jiangsu Changzhou at the school sophomore students. Our school is Nanjing lianchuang company of broadband Internet assistant on the web. This is it, don't know what we black-how many friends, this method can achieve the real...
Wget < 1.8.3 Rogue FTP Site File Deletion
Binary data 1744.prm...
Mozilla 1.01.1 - FTP View Cross-Site Scripting
Mozilla 1.01.1 - FTP View Cross-Site Scripting source: https://www.securityfocus.com/bid/5403/info A cross-site scripting vulnerability in Mozilla has been reported. When viewing the contents of a FTP site as web content from a ftp:// URL, the directory name is included in the HTML representation...
Mozilla 1.0/1.1 - FTP View Cross-Site Scripting
source: https://www.securityfocus.com/bid/5403/info A cross-site scripting vulnerability in Mozilla has been reported. When viewing the contents of a FTP site as web content from a ftp:// URL, the directory name is included in the HTML representation. It is not adequately sanitized before this...