32 matches found
EUVD-2008-7071
Malware in sbrugna...
EUVD-2008-7072
Malware in sbrugna...
EUVD-2008-7070
Malware in sbrugna...
EUVD-2008-7069
Malware in sbrugna...
Kyocera Mita Scanner File Utility 3.3.0.1 File Transfer Directory Traversal Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/30855/info Kyocera Mita Scanner File Utility is prone to a directory-traversal vulnerability because it fails to adequately sanitize user-supplied input. Attackers can exploit this issue to create and overwrite arbitrary...
Server side request forgery (ssrf)
The Scanner File Utility aka listener in Kyocera Mita KM 3.3.0.1 allows remote attackers to cause a denial of service hang or crash via invalid field length values in a malformed 1 document or 2 request...
CVE-2008-7109
The Scanner File Utility aka listener in Kyocera Mita KM 3.3.0.1 allows remote attackers to bypass authorization and upload arbitrary files to the client system via a modified program that does not prompt the user for a password...
Authorization
The Scanner File Utility aka listener in Kyocera Mita KM 3.3.0.1 allows remote attackers to bypass authorization and upload arbitrary files to the client system via a modified program that does not prompt the user for a password...
CVE-2008-7110
Directory traversal vulnerability in the Scanner File Utility aka listener in Kyocera Mita KM 3.3.0.1 allows remote attackers to upload files to arbitrary locations via a .. dot dot in a request...
CVE-2008-7111
The Scanner File Utility aka listener in Kyocera Mita KM 3.3.0.1 does not restrict the filenames or extensions of uploaded files, which makes it easier for remote attackers to execute arbitrary code or overwrite files by leveraging CVE-2008-7110 and CVE-2008-7109...
Directory traversal
Directory traversal vulnerability in the Scanner File Utility aka listener in Kyocera Mita KM 3.3.0.1 allows remote attackers to upload files to arbitrary locations via a .. dot dot in a request...
CVE-2008-7113
The Scanner File Utility aka listener in Kyocera Mita KM 3.3.0.1 uses a small space of predictable user identification numbers for access control, which allows remote attackers to upload documents via a brute force attack...
Code injection
The Scanner File Utility aka listener in Kyocera Mita KM 3.3.0.1 does not restrict the filenames or extensions of uploaded files, which makes it easier for remote attackers to execute arbitrary code or overwrite files by leveraging CVE-2008-7110 and CVE-2008-7109...
Design/Logic Flaw
The Scanner File Utility aka listener in Kyocera Mita KM 3.3.0.1 uses a small space of predictable user identification numbers for access control, which allows remote attackers to upload documents via a brute force attack...
CVE-2008-7112
The Scanner File Utility aka listener in Kyocera Mita KM 3.3.0.1 allows remote attackers to cause a denial of service hang or crash via invalid field length values in a malformed 1 document or 2 request...
CVE-2008-7110
Directory traversal vulnerability in the Scanner File Utility aka listener in Kyocera Mita KM 3.3.0.1 allows remote attackers to upload files to arbitrary locations via a .. dot dot in a request...
CVE-2008-7109
The Scanner File Utility aka listener in Kyocera Mita KM 3.3.0.1 allows remote attackers to bypass authorization and upload arbitrary files to the client system via a modified program that does not prompt the user for a password...
CVE-2008-7113
The CVE-2008-7113 entry describes a vulnerability in Kyocera Mita KM Scanner File Utility (aka listener) version 3.3.0.1 where a small, predictable space of user IDs used for access control enables remote attackers to upload documents via a brute-force approach. The affected component is the Scan...
CVE-2008-7109
The Scanner File Utility aka listener in Kyocera Mita KM 3.3.0.1 allows remote attackers to bypass authorization and upload arbitrary files to the client system via a modified program that does not prompt the user for a password...
CVE-2008-7110
CVE-2008-7110 affects Kyocera Mita KM 3.3.0.1: the Scanner File Utility (aka listener) vulnerable to directory traversal via .. in a request, enabling remote upload of files to arbitrary locations. Related entries (CVE-2008-7111) indicate the tool does not restrict uploaded filenames or extension...