25 matches found
EUVD-2005-1242
Malware in sbrugna...
EUVD-2005-1243
Malware in sbrugna...
EUVD-2005-1241
Malware in sbrugna...
EUVD-2005-1245
Malware in sbrugna...
EUVD-2005-1246
Malware in sbrugna...
CVE-2005-1242
Directory traversal vulnerability in the third party tool from Bsafe, as used to secure the iSeries AS/400 FTP server, allows remote attackers to access arbitrary files, including those from qsys.lib, via ".." sequences in a GET request...
CVE-2005-1133
The POP3 server in IBM iSeries AS/400 returns different error messages when the user exists or not, which allows remote attackers to determine valid user IDs on the server...
CVE-2005-1238
By design, the built-in FTP server for iSeries AS/400 systems does not support a restricted document root, which allows attackers to read or write arbitrary files, including sensitive QSYS databases, via a full pathname in a GET or PUT request...
CVE-2005-1243
Directory traversal vulnerability in the third party tool from SafeStone, as used to secure the iSeries AS/400 FTP server, allows remote attackers to access arbitrary files, including those from qsys.lib, via ".." sequences in a GET request...
CVE-2005-1242
Directory traversal vulnerability in the third party tool from Bsafe, as used to secure the iSeries AS/400 FTP server, allows remote attackers to access arbitrary files, including those from qsys.lib, via ".." sequences in a GET request...
CVE-2005-1238
By design, the built-in FTP server for iSeries AS/400 systems does not support a restricted document root, which allows attackers to read or write arbitrary files, including sensitive QSYS databases, via a full pathname in a GET or PUT request...
CVE-2005-1244
Directory traversal vulnerability in the third party tool from NetIQ, as used to secure the iSeries AS/400 FTP server, allows remote attackers to access arbitrary files, including those from qsys.lib, via ".." sequences in a GET request. NOTE: the vendor has disputed this issue, saying that...
CVE-2005-1243
CVE-2005-1243 describes a directory traversal vulnerability in a third‑party SafeStone tool used to secure the iSeries AS/400 FTP server. The issue allows remote attackers to access arbitrary files (including those under qsys.lib) via ".." sequences in a GET request, due to a canonicalization/pat...
CVE-2005-1240
The CVE-2005-1240 entry describes a directory traversal vulnerability in Castlehill’s third-party tool used to secure the iSeries AS/400 FTP server. Attackers could access arbitrary files (including from qsys.lib) by crafting GET requests containing ".." sequences. The provided description does n...
CVE-2005-1240
Directory traversal vulnerability in the third party tool from Castlehill, as used to secure the iSeries AS/400 FTP server, allows remote attackers to access arbitrary files, including those from qsys.lib, via ".." sequences in a GET request...
CVE-2005-1238
CVE-2005-1238 affects the built-in FTP server for IBM iSeries AS/400 systems. The root cause is failure to enforce a restricted document root, enabling an attacker to read or write arbitrary files, including sensitive QSYS databases, by sending a full pathname in a GET or PUT request. Impact per ...
CVE-2005-1239
CVE-2005-1239 describes a directory-traversal flaw in Raz‑Lee’s third‑party tool used with the iSeries (AS/400) FTP server. The vulnerability allows remote attackers to access arbitrary files, including those in qsys.lib, by sending crafted "." sequences in a GET request. Publicly available refer...
CVE-2005-1242
The CVE-2005-1242 entry describes a directory traversal vulnerability in the third‑party Bsafe tool used to secure the iSeries AS/400 FTP server. The flaw allows remote attackers to access arbitrary files, including those in qsys.lib, by using ".." sequences in a GET request. Affected software is...
CVE-2005-1239
Directory traversal vulnerability in the third party tool from Raz-Lee, as used to secure the iSeries AS/400 FTP server, allows remote attackers to access arbitrary files, including those from qsys.lib, via ".." sequences in a GET request...
CVE-2005-1241
Directory traversal vulnerability in the third party tool from Powertech, as used to secure the iSeries AS/400 FTP server, allows remote attackers to access arbitrary files, including those from qsys.lib, via ".." sequences in a GET request...