Lucene search
+L

233 matches found

UbuntuCve
UbuntuCve
added 2019/01/31 6:29 p.m.34 views

CVE-2019-7282

In NetKit through 0.17, rcp.c in the rcp client allows remote rsh servers to bypass intended access restrictions via the filename of . or an empty filename. The impact is modifying the permissions of the target directory on the client side. This is similar to CVE-2018-20685...

5.9CVSS6.6AI score0.02067EPSS
Exploits1References4
UbuntuCve
UbuntuCve
added 2019/01/31 6:29 p.m.64 views

CVE-2019-7283

An issue was discovered in rcp in NetKit through 0.17. For an rcp operation, the server chooses which files/directories are sent to the client. However, the rcp client only performs cursory validation of the object name returned. A malicious rsh server or Man-in-The-Middle attacker can overwrite...

7.4CVSS6.9AI score0.01762EPSS
Exploits1References3
OSV
OSV
added 2019/01/31 6:29 p.m.16 views

CVE-2019-7282

In NetKit through 0.17, rcp.c in the rcp client allows remote rsh servers to bypass intended access restrictions via the filename of . or an empty filename. The impact is modifying the permissions of the target directory on the client side. This is similar to CVE-2018-20685...

5.9CVSS6.2AI score
Exploits0References6
OSV
OSV
added 2019/01/31 6:29 p.m.9 views

UBUNTU-CVE-2019-7282

In NetKit through 0.17, rcp.c in the rcp client allows remote rsh servers to bypass intended access restrictions via the filename of . or an empty filename. The impact is modifying the permissions of the target directory on the client side. This is similar to CVE-2018-20685...

5.9CVSS6.6AI score0.02067EPSS
Exploits1References5
OSV
OSV
added 2019/01/31 6:29 p.m.8 views

DEBIAN-CVE-2019-7283

An issue was discovered in rcp in NetKit through 0.17. For an rcp operation, the server chooses which files/directories are sent to the client. However, the rcp client only performs cursory validation of the object name returned. A malicious rsh server or Man-in-The-Middle attacker can overwrite...

7.4CVSS6.6AI score0.01762EPSS
Exploits1References1
OSV
OSV
added 2019/01/31 6:29 p.m.16 views

CVE-2019-7283

An issue was discovered in rcp in NetKit through 0.17. For an rcp operation, the server chooses which files/directories are sent to the client. However, the rcp client only performs cursory validation of the object name returned. A malicious rsh server or Man-in-The-Middle attacker can overwrite...

7.4CVSS6.4AI score
Exploits0References3
Cvelist
Cvelist
added 2019/01/31 6:0 p.m.47 views

CVE-2019-7282

In NetKit through 0.17, rcp.c in the rcp client allows remote rsh servers to bypass intended access restrictions via the filename of . or an empty filename. The impact is modifying the permissions of the target directory on the client side. This is similar to CVE-2018-20685...

6.5AI score0.02067EPSS
Exploits1References6
CVE
CVE
added 2019/01/31 6:0 p.m.115 views

CVE-2019-7282

CVE-2019-7282 (netkit-rsh) affects the netkit-rsh client. The Debian LTS advisory (DLA-2822-1) states that two issues exist due to insufficient input validation in path names sent by the server, allowing a malicious server to perform arbitrary file overwrites in the target directory or to modify ...

5.9CVSS6.3AI score0.02067EPSS
Exploits1References6Affected Software1
Debian CVE
Debian CVE
added 2019/01/31 6:0 p.m.79 views

CVE-2019-7282

In NetKit through 0.17, rcp.c in the rcp client allows remote rsh servers to bypass intended access restrictions via the filename of . or an empty filename. The impact is modifying the permissions of the target directory on the client side. This is similar to CVE-2018-20685...

5.9CVSS6.9AI score0.02067EPSS
Exploits1
CVE
CVE
added 2019/01/31 6:0 p.m.133 views

CVE-2019-7283

The connected Broadcom advisory confirms CVE-2019-7283 affects NetKit’s rcp up to version 0.17, where the rcp server’s file selection is trusted but the client’s object-name validation is only cursory. A malicious rsh server or MITM can overwrite arbitrary files in a client directory by exploitin...

7.4CVSS6.6AI score0.01762EPSS
Exploits1References3Affected Software1
Positive Technologies
Positive Technologies
added 2019/01/26 12:0 a.m.5 views

PT-2019-6235 · Netkit · Netkit

Name of the Vulnerable Software and Affected Versions: NetKit versions through 0.17 Description: The issue allows a malicious rsh server or a Man-in-The-Middle attacker to overwrite arbitrary files in a directory on the rcp client machine due to the rcp client only performing cursory validation o...

8.8CVSS6AI score0.02067EPSS
Exploits2References28
CNVD
CNVD
added 2015/12/31 12:0 a.m.2 views

Ubuntu NetKit FTP Client Local Denial of Service Vulnerability

Ubuntu NetKit FTP Client is a set of client command line tools for ftp in linux systems. A denial of service vulnerability exists in Ubuntu NetKit FTP Client. An attacker can exploit this vulnerability to cause a denial of service...

6.9AI score
Exploits0References1
0day.today
0day.today
added 2015/08/15 12:0 a.m.31 views

Ubuntu 14.04 NetKit FTP Client - Crash/DoS PoC Vulnerability

Exploit for linux platform in category dos / poc + Author: TUNISIAN CYBER + Exploit Title: Ubuntu 14.04 NetKit FTP Client Crash/DoS POC + Date: 15-08-2015 + Type: Local Exploits + Tested on: Ubuntu 14.04 Works with other distros 11.04:https://www.exploit-db.com/exploits/17806/ + Twitter: @TCYB3R...

7AI score
Exploits0
exploitpack
exploitpack
added 2015/08/15 12:0 a.m.23 views

NetKit FTP Client (Ubuntu 14.04) - CrashDenial of Service (PoC)

NetKit FTP Client Ubuntu 14.04 - CrashDenial of Service PoC + Author: TUNISIAN CYBER + Exploit Title: Ubuntu 14.04 NetKit FTP Client Crash/DoS POC + Date: 15-08-2015 + Type: Local Exploits + Tested on: Ubuntu 14.04 Works with other distros 11.04:https://www.exploit-db.com/exploits/17806/ + Twitte...

0.4AI score
Exploits0
Exploit DB
Exploit DB
added 2015/08/15 12:0 a.m.31 views

NetKit FTP Client (Ubuntu 14.04) - Crash/Denial of Service (PoC)

Author: TUNISIAN CYBER + Exploit Title: Ubuntu 14.04 NetKit FTP Client Crash/DoS POC + Date: 15-08-2015 + Type: Local Exploits + Tested on: Ubuntu 14.04 Works with other distros 11.04:https://www.exploit-db.com/exploits/17806/ + Twitter: @TCYB3R cyb3rus@ubuntu:$ gdp ftp No command 'gdp' found,...

7.4AI score
Exploits0
BDU FSTEC
BDU FSTEC
added 2015/04/28 12:0 a.m.6 views

The vulnerability of the Gentoo Linux operating system allows a malicious intruder to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the netkit-telnetd package up to version 0.17-r3 inclusive in the Gentoo Linux operating system can lead to violations of confidentiality, integrity, and accessibility of protected information. This vulnerability can be exploited remotely...

10CVSS5.4AI score0.37896EPSS
Exploits2References3Affected Software1
OpenVAS
OpenVAS
added 2011/12/30 12:0 a.m.22 views

Mandriva Update for krb5-appl MDVSA-2011:195 (krb5-appl)

The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

10CVSS5.6AI score0.95104EPSS
Exploits19References2
Tenable Nessus
Tenable Nessus
added 2011/12/29 12:0 a.m.31 views

Mandriva Linux Security Advisory : krb5-appl (MDVSA-2011:195)

A vulnerability has been discovered and corrected in krb5-appl, heimdal and netkit-telnet : An unauthenticated remote attacker can cause a buffer overflow and probably execute arbitrary code with the privileges of the telnet daemon CVE-2011-4862. In Mandriva the telnetd daemon from the...

10CVSS6.5AI score0.95104EPSS
Exploits19References2
OpenVAS
OpenVAS
added 2010/09/27 12:0 a.m.8 views

Mandriva Update for rsh MDVA-2010:186 (rsh)

Check for the Version of rsh OpenVAS Vulnerability Test Mandriva Update for rsh MDVA-2010:186 rsh Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms o...

7.4AI score
Exploits0References2
OpenVAS
OpenVAS
added 2008/09/24 12:0 a.m.25 views

Gentoo Security Advisory GLSA 200803-30 (ssl-cert.eclass)

The remote host is missing updates announced in advisory GLSA 200803-30. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...

1.9CVSS0.3AI score0.00212EPSS
Exploits1
Rows per page
Query Builder