EUVD-2021-0224

Malware in sbrugna...

CVE-2021-32061

S3Scanner before 2.0.2 allows Directory Traversal via a crafted bucket, as demonstrated by a ../ substring in a ListBucketResult element...

TotalCloud Insights: Hidden Risks of Amazon S3 Misconfigurations

Misconfiguring Amazon S3 Buckets Can Pose Major Risks Amazon Web Services AWS is the world’s largest cloud security provider, and it provides the ability to store massive amounts of cloud-resident data with the Amazon Simple Storage Service S3 bucket. Amazon S3 is an object storage solution known...

GHSA-QPPG-V75C-R5FF S3Scanner allows Directory Traversal

S3Scanner before 2.0.2 allows Directory Traversal via a crafted bucket, as demonstrated by a ../ substring in a ListBucketResult element...

S3Scanner allows Directory Traversal

S3Scanner before 2.0.2 allows Directory Traversal via a crafted bucket, as demonstrated by a ../ substring in a ListBucketResult element...

Path Traversal

S3Scanner is vulnerable to path traversal. An attacker can save files outside the folder specified with --dump-dir via a crafted bucket when the ListBucketResult element contains special characters...

S3Scanner Path Traversal Vulnerability

S3Scanner is an open source tool for finding open S3 storage buckets and dumping their contents by Dan Salmon, an individual developer in the United States. S3Scanner prior to version 2.0.2 suffers from a path traversal vulnerability that stems from a failure of a networked system or product to...

CVE-2021-32061

S3Scanner before 2.0.2 allows Directory Traversal via a crafted bucket, as demonstrated by a ../ substring in a ListBucketResult element...

CVE-2021-32061

S3Scanner before 2.0.2 allows Directory Traversal via a crafted bucket, as demonstrated by a ../ substring in a ListBucketResult element...

PYSEC-2021-433

S3Scanner before 2.0.2 allows Directory Traversal via a crafted bucket, as demonstrated by a ../ substring in a ListBucketResult element...

Directory traversal

S3Scanner before 2.0.2 allows Directory Traversal via a crafted bucket, as demonstrated by a ../ substring in a ListBucketResult element...

CVE-2021-32061

S3Scanner before 2.0.2 allows Directory Traversal via a crafted bucket, as demonstrated by a ../ substring in a ListBucketResult element...

CVE-2021-32061

CVE-2021-32061 affects S3Scanner prior to 2.0.2. A crafted bucket can trigger a directory traversal via a ../ substring in a ListBucketResult element, potentially exposing bucket contents. This vulnerability is documented across multiple feeds (including Red Hat, CNVD, GHSA, and OSV entries) and ...

S3Scanner 路径遍历漏洞

S3Scanner is an open source tool for finding open S3 storage buckets and dumping their contents by Dan Salmon, an individual developer in the United States. S3Scanner prior to version 2.0.2 suffers from a path traversal vulnerability that stems from a failure of a networked system or product to...

S3Scanner - Scan For Open S3 Buckets And Dump

A quick and dirty script to find unsecured S3 buckets and dump their contents. Using The tool has 2 parts: 1 - s3finder.py This script takes a list of domain names and checks if they're hosted on Amazon S3. Found S3 domains are output to file with their corresponding region in format...