4 matches found
Vulnerability-Exploit-Correlation-Engine
Vulnerability-Exploit-Correlation-Engine Passive-analysis CLI...
curl: FTP PASV command response can cause curl to connect to arbitrary host
A malicious server can use the PASV response to trick curl into connecting back to a given IP address and port, and this way potentially make curl extract information about services that are otherwise private and not disclosed, for example doing port scanning and service banner extractions. If cu...
trusting FTP PASV responses
When curl performs a passive FTP transfer, it first tries the EPSV command and if that is not supported, it falls back to using PASV. Passive mode is what curl uses by default. A server response to a PASV command includes the IPv4 address and port number for the client to connect back to in order...
Cisco VPN Concentrator Service Banners Information Disclosure (Bug ID CSCdu35577)
Binary data 2216.prm...