111 matches found
CVE-2021-33896
Dino before 0.1.2 and 0.2.x before 0.2.1 allows Directory Traversal only for creation of new files via URI-encoded path separators...
Directory traversal
Dino before 0.1.2 and 0.2.x before 0.2.1 allows Directory Traversal only for creation of new files via URI-encoded path separators...
AZL-44862 CVE-2020-28469 affecting package js-jquery 3.5.0-4
This affects the package glob-parent before 5.1.2. The enclosure regex used to check for strings ending in enclosure containing path separator...
SUSE: Security Advisory (SUSE-SU-2019:2890-1)
The remote host is missing an update for the...
CentOS 7 : samba (RHSA-2020:1084)
The remote CentOS Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:1084 advisory. - A flaw was found in samba versions 4.9.x up to 4.9.13, samba 4.10.x up to 4.10.8 and samba 4.11.x up to 4.11.0rc3, when certain parameters were set i...
RHEL 7 : samba (RHSA-2020:1084)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:1084 advisory. Samba is an open-source implementation of the Server Message Block (SMB) protocol and the related Common Internet File System (CIFS) protocol,...
samba: smb client vulnerable to filenames containing path separators
A flaw was found in the samba client where a malicious server can supply a pathname to the client with separators. This could allow the client to access files and folders outside of the SMB network pathnames. An attacker could use this vulnerability to create files outside of the current working...
Directory traversal
The CGIHTTPServer module in Python 2.7.5 and 3.3.4 does not properly handle URLs in which URL encoding is used for path separators, which allows remote attackers to read script source code or conduct directory traversal attacks and execute unintended code via a crafted character sequence, as...
OPENSUSE-SU-2019:2458-1 Security update for samba
This update for samba fixes the following issues: Security issues fixed: - CVE-2019-14847: User with 'get changes' permission can crash AD DC LDAP server via dirsync (bsc#1154598). - CVE-2019-10218: Client code can return filenames containing path separators (bsc#1144902). - CVE-2019-14833: Fixed Accen...
Security update for samba (important)
openSUSE Security Update: Security update for samba Announcement ID: openSUSE-SU-2019:2458-1 Rating: important References: 1125601 1127153 1130245 1134452 1144902 1154289 1154598 Cross-References: CVE-2019-10218 CVE-2019-14833 CVE-2019-14847 Affected Products: openSUSE Leap 15.0 An update that...
Ubuntu 16.04 LTS / 18.04 LTS : Samba vulnerabilities (USN-4167-1)
The remote Ubuntu 16.04 LTS / 18.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4167-1 advisory. Michael Hanselmann discovered that the Samba client code incorrectly handled path separators. If a user were tricked into connecting to a...
Ubuntu: Security Advisory (USN-4167-1)
The remote host is missing an update for the...
USN-4167-2: Samba vulnerabilities
USN-4167-1 fixed several vulnerabilities in Samba. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. Original advisory details: Michael Hanselmann discovered that the Samba client code incorrectly handled path separators. If a user were tricked into connecti...
USN-4167-1: Samba vulnerabilities
Michael Hanselmann discovered that the Samba client code incorrectly handled path separators. If a user were tricked into connecting to a malicious server, a remote attacker could use this issue to cause the client to access local pathnames instead of network pathnames. CVE-2019-10218 Simon...
Unspecified vulnerability in Samba (CNVD-2019-39841)
Samba is a free software suite from the Samba team that lets UNIX-like operating systems speak the SMB/CIFS network protocol used by Microsoft Windows operating systems. It supports printer sharing, file transfer between hosts, and so on. A security vulnerability exis...