43 matches found
GNU Midnight Commander 授权问题漏洞
GNU Midnight Commander is a visual file manager. A security vulnerability exists in Midnight Commander that stems from the fact that starting with version 4.8.26, the server's fingerprint is neither checked nor displayed when Midnight Commander establishes an SFTP connection. An attacker could us...
Debian DLA-2748-1 : tnef - LTS security update
The remote Debian 9 host has a package installed that is affected by a vulnerability as referenced in the dla-2748 advisory. - In tnef before 1.4.18, an attacker may be able to write to the victim's .ssh/authorizedkeys file via an e-mail message with a crafted winmail.dat application/ms-tnef...
security flaw
Mozilla Firefox before 2.0.0.8 and SeaMonkey before 1.1.5, when running on Linux systems with gnome-vfs support, might allow remote attackers to read arbitrary files on SSH/sftp servers that accept key authentication by creating a web page on the target server, in which the web page contains URIs...