Lucene search
K

5 matches found

RedHat Linux
RedHat Linux
added 2021/06/17 11:35 a.m.2 views

curl: FTP PASV command response can cause curl to connect to arbitrary host

A malicious server can use the PASV response to trick curl into connecting back to a given IP address and port, and this way potentially make curl extract information about services that are otherwise private and not disclosed, for example doing port scanning and service banner extractions. If cu...

4.3CVSS6.8AI score0.03851EPSS
Exploits0References5
AlpineLinux
AlpineLinux
added 2020/12/14 7:38 p.m.74 views

CVE-2020-8284

A malicious server can use the FTP PASV response to trick curl 7.73.0 and earlier into connecting back to a given IP address and port, and this way potentially make curl extract information about services that are otherwise private and not disclosed, for example doing port scanning and service...

4.3CVSS6.5AI score0.03851EPSS
Exploits0
Cvelist
Cvelist
added 2020/12/14 7:38 p.m.38 views

CVE-2020-8284

A malicious server can use the FTP PASV response to trick curl 7.73.0 and earlier into connecting back to a given IP address and port, and this way potentially make curl extract information about services that are otherwise private and not disclosed, for example doing port scanning and service...

6.2AI score0.03851EPSS
Exploits0References16
Debian CVE
Debian CVE
added 2020/12/14 7:38 p.m.47 views

CVE-2020-8284

A malicious server can use the FTP PASV response to trick curl 7.73.0 and earlier into connecting back to a given IP address and port, and this way potentially make curl extract information about services that are otherwise private and not disclosed, for example doing port scanning and service...

4.3CVSS6.4AI score0.03851EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2017/09/27 12:0 a.m.3 views

PT-2017-4195 · Cisco · Cisco Ios +1

Name of the Vulnerable Software and Affected Versions: Cisco Catalyst 6800 Series Switches versions 15.0 through 15.4 Description: A memory management issue in the Virtual Private LAN Service VPLS code of Cisco IOS Software for Cisco Catalyst 6800 Series Switches could allow an unauthenticated,...

6.5CVSS7.2AI score0.02034EPSS
Exploits0References10
Rows per page
Query Builder