Lucene search
K

54 matches found

NVD
NVD
added 2017/01/23 7:59 a.m.16 views

CVE-2016-10104

Information Disclosure can occur in sshProfiles.jsd in Hitek Software's Automize because of the Read attribute being set for Users. This allows an attacker to recover encrypted passwords for SSH/SFTP profiles. Verified in all 10.x versions up to and including 10.25, and all 11.x versions up to an...

5.9CVSS5.5AI score0.00578EPSS
Exploits0References2
Prion
Prion
added 2017/01/23 7:59 a.m.14 views

Design/Logic Flaw

hitek.jar in Hitek Software's Automize uses weak encryption when encrypting SSH/SFTP and Encryption profile passwords. This allows an attacker to retrieve the encrypted passwords from sshProfiles.jsd and encryptionProfiles.jsd and decrypt them to recover cleartext passwords. All 10.x up to and...

4.3CVSS7AI score0.00362EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2017/01/23 7:59 a.m.18 views

CVE-2016-10102

hitek.jar in Hitek Software's Automize uses weak encryption when encrypting SSH/SFTP and Encryption profile passwords. This allows an attacker to retrieve the encrypted passwords from sshProfiles.jsd and encryptionProfiles.jsd and decrypt them to recover cleartext passwords. All 10.x up to and...

8.1CVSS8AI score0.00362EPSS
Exploits0References2
Cvelist
Cvelist
added 2017/01/23 6:49 a.m.24 views

CVE-2016-10104

Information Disclosure can occur in sshProfiles.jsd in Hitek Software's Automize because of the Read attribute being set for Users. This allows an attacker to recover encrypted passwords for SSH/SFTP profiles. Verified in all 10.x versions up to and including 10.25, and all 11.x versions up to an...

5.5AI score0.00578EPSS
Exploits0References2
Cvelist
Cvelist
added 2017/01/23 6:49 a.m.20 views

CVE-2016-10102

hitek.jar in Hitek Software's Automize uses weak encryption when encrypting SSH/SFTP and Encryption profile passwords. This allows an attacker to retrieve the encrypted passwords from sshProfiles.jsd and encryptionProfiles.jsd and decrypt them to recover cleartext passwords. All 10.x up to and...

8AI score0.00362EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2016/12/08 12:0 a.m.17 views

Core FTP LE Client 'SSH/SFTP' Remote Buffer Overflow Vulnerability

Core FTP Client is prone to remote buffer overflow vulnerability. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:coreftp:coreftp...

7.9AI score
Exploits0References2
0day.today
0day.today
added 2016/11/27 12:0 a.m.41 views

Core FTP LE 2.2 - SSH/SFTP Remote Buffer Overflow (PoC) Exploit

Exploit for windows platform in category dos / poc + Credits: John Page aka hyp3rlinx Vendor: =============== www.coreftp.com Product: ======================== Core FTP LE client v2.2 build 1883 Core FTP LE - free Windows software that includes the client FTP features you need. Features like SFTP...

0.2AI score
Exploits0
exploitpack
exploitpack
added 2016/11/27 12:0 a.m.26 views

Core FTP LE 2.2 - SSHSFTP Remote Buffer Overflow (PoC)

Core FTP LE 2.2 - SSHSFTP Remote Buffer Overflow PoC + Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/CORE-FTP-REMOTE-SSH-SFTP-BUFFER-OVERFLOW.txt + ISR: ApparitionSec Vendor: =============== www.coreftp.com Product:...

0.4AI score
Exploits0
Packet Storm
Packet Storm
added 2016/11/27 12:0 a.m.36 views

Core FTP LE 2.2 Build 1883 Buffer Overflow

Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/CORE-FTP-REMOTE-SSH-SFTP-BUFFER-OVERFLOW.txt + ISR: ApparitionSec Vendor: =============== www.coreftp.com Product: ======================== Core FTP LE client v2.2 build 1883...

0.3AI score
Exploits0
Exploit DB
Exploit DB
added 2016/11/27 12:0 a.m.62 views

Core FTP LE 2.2 - 'SSH/SFTP' Remote Buffer Overflow (PoC)

Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/CORE-FTP-REMOTE-SSH-SFTP-BUFFER-OVERFLOW.txt + ISR: ApparitionSec Vendor: =============== www.coreftp.com Product: ======================== Core FTP LE client v2.2 build 1883...

7.4AI score
Exploits0
F5 Networks
F5 Networks
added 2016/08/11 12:0 a.m.42 views

SOL21531693 - libssh2 vulnerability CVE-2016-0787

Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...

5.9CVSS1.6AI score0.02697EPSS
Exploits0References4
Packet Storm
Packet Storm
added 2014/09/12 12:0 a.m.23 views

Rooted SSH/SFTP Daemon Default Login Credentials

Title: Rooted SSH/SFTP Daemon Default Login Credentials Author: Larry W. Cashdollar, @larry0 OSVDB-ID: 110742 Date: 9/2/2014 Download: https://play.google.com/store/apps/details?id=web.oss.sshsftpDaemon Description: "This app is a SSH terminal server AND an SFTP file server." Vulnerability: The...

0.4AI score
Exploits0
UbuntuCve
UbuntuCve
added 2007/10/21 8:17 p.m.24 views

CVE-2007-5337

Mozilla Firefox before 2.0.0.8 and SeaMonkey before 1.1.5, when running on Linux systems with gnome-vfs support, might allow remote attackers to read arbitrary files on SSH/sftp servers that accept key authentication by creating a web page on the target server, in which the web page contains URIs...

4.3CVSS6AI score0.02441EPSS
Exploits1References3
securityvulns
securityvulns
added 2006/02/16 12:0 a.m.51 views

SSH SFTP client / server format string vulnerability

Format string bug on filename logging...

6.5CVSS1.5AI score0.10188EPSS
Exploits0References2Affected Software6
Rows per page
Query Builder