Lucene search
K

967 matches found

Tenable Nessus
Tenable Nessus
added 2010/08/25 12:0 a.m.16 views

Serv-U < 10.2.0.0

According to its banner, the installed version of Serv-U is earlier than 10.2.0.0 and is, therefore, potentially affected by the following issues : - It is possible to create a directory, when using virtual paths and various combinations of permissions, where the end-user does not have permission...

5.5AI score
Exploits0References1
securityvulns
securityvulns
added 2010/08/19 12:0 a.m.141 views

ACROS Security: Remote Binary Planting in Apple iTunes for Windows &#40;ASPR #2010-08-18-1&#41;

=====BEGIN-ACROS-REPORT===== PUBLIC ========================================================================= ACROS Security Problem Report 2010-08-18-1 ------------------------------------------------------------------------- ASPR 2010-08-18-1: Remote Binary Planting in Apple iTunes for Windows...

1.1AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2010/08/18 12:0 a.m.14 views

Serv-U < 10.2.0.0 Multiple Vulnerabilities

Binary data 5635.prm...

7.3AI score
Exploits0References1
RedHat Linux
RedHat Linux
added 2010/08/04 9:30 p.m.3 views

httpd: Expect header XSS

httpprotocol.c in 1 IBM HTTP Server 6.0 before 6.0.2.13 and 6.1 before 6.1.0.1, and 2 Apache HTTP Server 1.3 before 1.3.35, 2.0 before 2.0.58, and 2.2 before 2.2.2, does not sanitize the Expect header from an HTTP request when it is reflected back in an error message, which might allow cross-site...

4.3CVSS7.1AI score0.94281EPSS
Exploits7References4
Tenable Nessus
Tenable Nessus
added 2010/08/02 12:0 a.m.38 views

Wing FTP Server < 3.6.1 Multiple Flaws

According to its banner, the remote host is running a version of Wing FTP Server earlier than 3.6.1. Such versions are reportedly affected by multiple issues : - An unspecified issue in the SSH implementation could allow an authenticated attacker to trigger a denial of service condition. - An...

5.6AI score
Exploits0References1
NVD
NVD
added 2010/05/26 6:30 p.m.25 views

CVE-2009-4873

Stack-based buffer overflow in the HTTP server in Rhino Software Serv-U Web Client 9.0.0.5 allows remote attackers to cause a denial of service server crash or execute arbitrary code via a long Session cookie...

10CVSS8AI score0.20553EPSS
Exploits1References4
CVE
CVE
added 2010/05/26 6:0 p.m.56 views

CVE-2009-4873

CVE-2009-4873 describes a stack-based buffer overflow in the HTTP server of Rhino Software Serv-U Web Client 9.0.0.5, exploitable via a long Session cookie to cause a denial of service or arbitrary code execution. Multiple connected sources confirm the vulnerability, with OpenVAS and Nessus notin...

10CVSS8.3AI score0.20553EPSS
Exploits1References4Affected Software1
securityvulns
securityvulns
added 2010/04/14 12:0 a.m.50 views

ACROS Security: Remote Binary Planting in VMware Tools for Windows &#40;ASPR #2010-04-12-1&#41;

=====BEGIN-ACROS-REPORT===== PUBLIC ========================================================================= ACROS Security Problem Report 2010-04-12-1 ------------------------------------------------------------------------- ASPR 2010-04-12-1: Remote Binary Planting in VMware Tools for Windows...

0.5AI score
Exploits0
Check Point Advisories
Check Point Advisories
added 2010/01/31 12:0 a.m.1 views

Rhino Software Serv-U Web Client HTTP Request Remote Buffer Overflow

A code execution vulnerability exists in Rhino Software Serv-U. The vulnerability is due to a buffer overflow that can occur when Servu-U Web Client handles overly large HTTP requests. Remote attackers could exploit this vulnerability by sending a malicious HTTP request to a vulnerable version of...

7.9AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2010/01/12 12:0 a.m.8 views

Web Client Detection

Binary data 5299.prm...

7.3AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2009/11/24 12:0 a.m.16 views

RhinoSoft Serv-U Web Client HTTP Request Remote Buffer Overflow

Binary data 5236.prm...

10CVSS7.3AI score0.20553EPSS
Exploits1References2
Saint
Saint
added 2009/11/08 12:0 a.m.27 views

Serv-U Web Client session cookie handling buffer overflow

Added: 11/08/2009 BID: 36895 OSVDB: 59772 Background Serv-U is an FTP server for Windows platforms. The Serv-U Web Client component provides a browser-based interface to Serv-U. Problem A buffer overflow in the Serv-U Web Client allows remote attackers to execute arbitrary code when overly long...

8.8AI score
Exploits0
Saint
Saint
added 2009/11/08 12:0 a.m.12 views

Serv-U Web Client session cookie handling buffer overflow

Added: 11/08/2009 BID: 36895 OSVDB: 59772 Background Serv-U is an FTP server for Windows platforms. The Serv-U Web Client component provides a browser-based interface to Serv-U. Problem A buffer overflow in the Serv-U Web Client allows remote attackers to execute arbitrary code when overly long...

8.8AI score
Exploits0
Saint
Saint
added 2009/11/08 12:0 a.m.19 views

Serv-U Web Client session cookie handling buffer overflow

Added: 11/08/2009 BID: 36895 OSVDB: 59772 Background Serv-U is an FTP server for Windows platforms. The Serv-U Web Client component provides a browser-based interface to Serv-U. Problem A buffer overflow in the Serv-U Web Client allows remote attackers to execute arbitrary code when overly long...

2.1AI score
Exploits0
Saint
Saint
added 2009/11/08 12:0 a.m.24 views

Serv-U Web Client session cookie handling buffer overflow

Added: 11/08/2009 BID: 36895 OSVDB: 59772 Background Serv-U is an FTP server for Windows platforms. The Serv-U Web Client component provides a browser-based interface to Serv-U. Problem A buffer overflow in the Serv-U Web Client allows remote attackers to execute arbitrary code when overly long...

2.1AI score
Exploits0
exploitpack
exploitpack
added 2009/11/05 12:0 a.m.19 views

Serv-U Web Client 9.0.0.5 - Remote Buffer Overflow (2)

Serv-U Web Client 9.0.0.5 - Remote Buffer Overflow 2 / !!!FOR EDUCATIONAL USE ONLY!!! M.Yanagishita Nov 2, 2009 !!!FOR EDUCATIONAL USE ONLY!!! / include include pragma commentlib, "ws232" define Diea ifareturn; char request = "POST / HTTP/1.1\r\nHost: %s\r\nCookie: killmenothing; SULang=de%%2CDE;...

0.8AI score
Exploits0
seebug.org
seebug.org
added 2009/11/05 12:0 a.m.23 views

Serv-U Web客户端HTTP请求远程溢出漏洞

BUGTRAQ ID: 36895 Serv-U FTP是一款FTP服务程序。 Serv-U产品捆绑有一个简单的基于浏览器的传输客户端,这个客户端在处理超长的会话Cookie时存在缓冲区溢出漏洞。如果用户受骗连接到了恶意服务器并向WebClient HTTP服务返回了超长的会话Cookie,就可能触发这个溢出,导致在用户机器上执行任意指令。 RhinoSoft Serv-U 9.0.0.5 临时解决方法: 禁用WebClient服务,仅使用Serv-U FTP/SFTP组件。 厂商补丁: RhinoSoft ---------...

6.9AI score
Exploits0
0day.today
0day.today
added 2009/11/05 12:0 a.m.18 views

Serv-u web client 9.0.0.5 buffer overflow

Exploit for unknown platform in category remote exploits ========================================= Serv-u web client 9.0.0.5 buffer overflow ========================================= Title: Serv-u web client 9.0.0.5 buffer overflow CVE-ID: OSVDB-ID: Author: Megumi Yanagishita Published: 2009-11-0...

7.1AI score
Exploits0
Exploit DB
Exploit DB
added 2009/11/05 12:0 a.m.36 views

Serv-U Web Client 9.0.0.5 - Remote Buffer Overflow (2)

/ !!!FOR EDUCATIONAL USE ONLY!!! M.Yanagishita Nov 2, 2009 !!!FOR EDUCATIONAL USE ONLY!!! / include include pragma commentlib, "ws232" define Diea ifareturn; char request = "POST / HTTP/1.1\r\nHost: %s\r\nCookie: killmenothing; SULang=de%%2CDE; themename=vista;" "...

7.4AI score
Exploits0
OpenVAS
OpenVAS
added 2009/11/03 12:0 a.m.18 views

Serv-U Web Client HTTP Request Remote Buffer Overflow Vulnerability

Serv-U Web Client is prone to a buffer-overflow vulnerability because the application fails to perform adequate boundary checks on user- supplied data. Attackers can exploit this issue to execute arbitrary code within the context of the affected application. Failed exploit attempts will result in...

10CVSS0.1AI score0.20553EPSS
Exploits1References3
Rows per page
Query Builder