Lucene search
K

6 matches found

CVE
CVE
added 2017/12/15 9:0 a.m.305 views

CVE-2017-17405

CVE-2017-17405 is a Ruby Net::FTP command-injection vulnerability where Net::FTP#get, getbinaryfile, gettextfile, put, putbinaryfile, and puttextfile invoke Kernel#open on local files; if the localfile argument begins with a pipe, the following command is executed. The default localfile is the ba...

9.3CVSS7.5AI score0.73927EPSS
Exploits5References14Affected Software1
Debian CVE
Debian CVE
added 2017/12/15 9:0 a.m.26 views

CVE-2017-17405

Removed by vendor...

9.3CVSS9.3AI score0.73927EPSS
Exploits5
AlpineLinux
AlpineLinux
added 2017/12/15 9:0 a.m.44 views

CVE-2017-17405

Ruby before 2.4.3 allows Net::FTP command injection. Net::FTPget, getbinaryfile, gettextfile, put, putbinaryfile, and puttextfile use Kernelopen to open a local file. If the localfile argument starts with the "|" pipe character, the command following the pipe character is executed. The default...

9.3CVSS7.9AI score0.73927EPSS
Exploits5
RubySec
RubySec
added 2017/12/14 12:0 a.m.46 views

Command injection vulnerability in Net::FTP

There is a command injection vulnerability in Net::FTP bundled with Ruby. Net::FTPget, getbinaryfile, gettextfile, put, putbinaryfile, and puttextfile use Kernelopen to open a local file. If the localfile argument starts with the pipe character "|", the command following the pipe character is...

9.3CVSS7.1AI score0.73927EPSS
Exploits5References1Affected Software1
UbuntuCve
UbuntuCve
added 2005/05/02 4:0 a.m.30 views

CVE-2005-0372

Directory traversal vulnerability in gftp before 2.0.18 for GTK+ allows remote malicious FTP servers to read arbitrary files via .. dot dot sequences in filenames returned from a LIST command...

5CVSS6AI score0.03648EPSS
Exploits0References1
securityvulns
securityvulns
added 2001/04/26 12:0 a.m.26 views

[RHSA-2001:053-06] gftp format string vulnerability corrected

--------------------------------------------------------------------- Red Hat, Inc. Red Hat Security Advisory Synopsis: gftp format string vulnerability corrected Advisory ID: RHSA-2001:053-06 Issue date: 2001-04-20 Updated on: 2001-04-23 Product: Red Hat Linux Keywords: gftp format Cross...

7.3AI score
Exploits0
Rows per page
Query Builder