3 matches found
VMware Spring Data REST 访问控制错误漏洞
VMware Spring Data REST is a data interface provided by the American company VMware. It is used to build domain models based on Spring Data repositories, and to expose hypermedia-driven HTTP resources for aggregates contained within those models. VMware Spring Data REST versions 3.7.0 and earlier...
ProFTPD Local Security Bypass Vulnerability
ProFTPD is an FTP server program for Unix or Unix-like platforms such as Linux, FreeBSD, etc.. A local security bypass vulnerability exists in ProFTPD version 1.3.6 before 1.3.5e and 1.3.6 before 1.3.6rc5, which allows a local attacker to bypass the AllowChrootSymlinks control by replacing one of...
DEBIAN-CVE-2017-7418
ProFTPD before 1.3.5e and 1.3.6 before 1.3.6rc5 controls whether the home directory of a user could contain a symbolic link through the AllowChrootSymlinks configuration option, but checks only the last path component when enforcing AllowChrootSymlinks. Attackers with local access could bypass th...