14 matches found
PCMan FTP Server 安全漏洞
PCMan FTP Server is a suite of FTP server software from PCMan Open Source. A security vulnerability exists in PCMan FTP Server version 2.0, which stems from a buffer overflow in the pwd command that could lead to the execution of arbitrary code...
CVE-2025-5357
A vulnerability was found in FreeFloat FTP Server 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the component PWD Command Handler. The manipulation leads to buffer overflow. The attack can be launched remotely. The exploit has been disclosed ...
FreeFloat FTP Server 安全漏洞
FreeFloat FTP Server is an FTP service from FreeFloat. A buffer overflow vulnerability exists in FreeFloat FTP Server, which stems from the failure of the component PWD Command Handler to properly validate the length size of input data, no details of the vulnerability are provided at this time...
CVE-2021-31887
A vulnerability has been identified in APOGEE MBC PPC BACnet All versions, APOGEE MBC PPC P2 Ethernet All versions, APOGEE MEC PPC BACnet All versions, APOGEE MEC PPC P2 Ethernet All versions, APOGEE PXC Compact BACnet All versions = V2.3 and = V2.3 and = V2.3 and = V2.3 and = V2.3 and = V2.3 and...
Green Hills INTEGRITY RTOS Memory Address Information Leakage Vulnerability (CNVD-2019-13137)
INTEGRITY is a real-time operating system RTOS from Green Hills Software. A memory address information leakage vulnerability exists in handleripcomshellpwd in the Interpeak IPCOMShell TELNET server in Green Hills INTEGRITY RTOS 5.0.4. The vulnerability stems from the fact that when the pwd comman...
UBUNTU-CVE-2017-8296
kedpm 0.5 and 1.0 creates a history file in /.kedpm/history that is written in cleartext. All of the commands performed in the password manager are written there. This can lead to the disclosure of the master password if the "password" command is used with an argument. The names of the password...
Cross site request forgery (csrf)
Cross-site request forgery CSRF vulnerability in Alcatel-Lucent CellPipe 7130 RG 5Ae.M2013 HOL with firmware 1.0.0.20h.HOL allows remote attackers to hijack the authentication of administrators for requests that create a user account via an adduser action in a request to password.cmd...
Successful Shell Attack Detected - Linux 'passwd' Command
Binary data 6144.prm...
PT-2009-5966 · Vmware · Vmware Server +3
Name of the Vulnerable Software and Affected Versions: VMware Workstation versions 7.0 through 7.0.0 before build 227600 VMware Workstation version 6.5.x through 6.5.3 before build 246459 VMware Player versions 3.0 through 3.0.0 before build 227600 VMware Player version 2.5.x through 2.5.3 before...
gtalkbot information leak
Username and password are passed in command line and can be obtained with process list...
HP-UX Security patch : PHCO_9641
The remote host is missing HP-UX Security Patch number PHCO9641 . Security Vulnerabilities in the password command %NASLMINLEVEL 70300 C Tenable Network Security, Inc. if ! definedfunc"bnrandom" exit0; include'deprecatednasllevel.inc'; include'compat.inc'; ifdescription scriptid16940;...
HP-UX Security patch : PHCO_9640
The remote host is missing HP-UX Security Patch number PHCO9640 . Security Vulnerabilities in the password command %NASLMINLEVEL 70300 C Tenable Network Security, Inc. if ! definedfunc"bnrandom" exit0; include'deprecatednasllevel.inc'; include'compat.inc'; ifdescription scriptid16941;...
Oracle Database Listener Program (tnslsnr) Service Blank Password
The remote Oracle Listener Program tnslsnr has no password assigned. An attacker may use this fact to shut it down arbitrarily, thus preventing legitimate users from using it. %NASLMINLEVEL 70300 oracletnslsnrsecurity.nasl - NASL script to do a TNS STATUS command against the Oracle tnslsnr and gr...
PT-1998-1003 · Qpopper · Qpopper
Name of the Vulnerable Software and Affected Versions: qpopper affected versions not specified Description: The issue allows remote attackers to gain root access by exploiting a buffer overflow in POP servers. This can be achieved by using a long PASS command. Recommendations: At the moment, ther...