12 matches found
SUSE CVE-2016-5725
Directory traversal vulnerability in JCraft JSch before 0.1.54 on Windows, when the mode is ChannelSftp.OVERWRITE, allows remote SFTP servers to write to arbitrary files via a ..\ dot dot backslash in a response to a recursive GET command...
GHSA-Q446-82VQ-W674 Improper Limitation of a Pathname to a Restricted Directory in JCraft JSch
Directory traversal vulnerability in JCraft JSch before 0.1.54 on Windows, when the mode is ChannelSftp.OVERWRITE, allows remote SFTP servers to write to arbitrary files via a ..\ dot dot backslash in a response to a recursive GET command...
Improper Limitation of a Pathname to a Restricted Directory in JCraft JSch
Directory traversal vulnerability in JCraft JSch before 0.1.54 on Windows, when the mode is ChannelSftp.OVERWRITE, allows remote SFTP servers to write to arbitrary files via a ..\ dot dot backslash in a response to a recursive GET command...
Oracle Primavera Gateway (Apr 2021 CPU)
According to its self-reported version number, the Oracle Primavera Unifier installation running on the remote host is 16.2.x, 17.12.x prior to 17.12.11. It is, therefore, affected by multiple vulnerabilities as referenced in the April 2021 CPU advisory. - Vulnerability in the Primavera Gateway...
Security Bulletin: Directory traversal vulnerability in JCraft JSch before 0.1.54 on Windows, when the mode is ChannelSftp.OVERWRITE
Summary Directory traversal vulnerability in JCraft JSch before 0.1.54 on Windows, when the mode is ChannelSftp.OVERWRITE, allows remote SFTP servers to write to arbitrary files via a ..\ dot dot backslash in a response to a recursive GET command. Vulnerability Details CVEID: CVE-2016-5725...
CVE-2016-5725
Directory traversal vulnerability in JCraft JSch before 0.1.54 on Windows, when the mode is ChannelSftp.OVERWRITE, allows remote SFTP servers to write to arbitrary files via a ..\ dot dot backslash in a response to a recursive GET command...
CVE-2016-5725
Directory traversal vulnerability in JCraft JSch before 0.1.54 on Windows, when the mode is ChannelSftp.OVERWRITE, allows remote SFTP servers to write to arbitrary files via a ..\ dot dot backslash in a response to a recursive GET command...
CVE-2016-5725
Directory traversal vulnerability in JCraft JSch before 0.1.54 on Windows, when the mode is ChannelSftp.OVERWRITE, allows remote SFTP servers to write to arbitrary files via a ..\ dot dot backslash in a response to a recursive GET command...
CVE-2016-5725
CVE-2016-5725 is a directory traversal flaw in JSch (JSch-JCraft) before 0.1.54 on Windows when using ChannelSftp.OVERWRITE. An attacker could cause a remote SFTP server to write arbitrary files via ..\ in a response to a recursive GET. Connected IBM advisories note related fixes/upgrades (e.g., ...
CVE-2016-5725
Directory traversal vulnerability in JCraft JSch before 0.1.54 on Windows, when the mode is ChannelSftp.OVERWRITE, allows remote SFTP servers to write to arbitrary files via a ..\ dot dot backslash in a response to a recursive GET command...
CVE-2016-5725
Directory traversal vulnerability in JCraft JSch before 0.1.54 on Windows, when the mode is ChannelSftp.OVERWRITE, allows remote SFTP servers to write to arbitrary files via a ..\ dot dot backslash in a response to a recursive GET command...
JCraft JSch Directory Traversal Vulnerability
JCraft JSch is a set of secure channels for connecting to sshd servers from JCraft Japan. A directory traversal vulnerability exists in versions of JCraft JSch prior to 0.1.53, which can be exploited by an attacker to overwrite arbitrary files in an application by sending a request with the...