967 matches found
Serv-U < 10.2.0.0
According to its banner, the installed version of Serv-U is earlier than 10.2.0.0 and is, therefore, potentially affected by the following issues : - It is possible to create a directory, when using virtual paths and various combinations of permissions, where the end-user does not have permission...
ACROS Security: Remote Binary Planting in Apple iTunes for Windows (ASPR #2010-08-18-1)
=====BEGIN-ACROS-REPORT===== PUBLIC ========================================================================= ACROS Security Problem Report 2010-08-18-1 ------------------------------------------------------------------------- ASPR 2010-08-18-1: Remote Binary Planting in Apple iTunes for Windows...
Serv-U < 10.2.0.0 Multiple Vulnerabilities
Binary data 5635.prm...
httpd: Expect header XSS
httpprotocol.c in 1 IBM HTTP Server 6.0 before 6.0.2.13 and 6.1 before 6.1.0.1, and 2 Apache HTTP Server 1.3 before 1.3.35, 2.0 before 2.0.58, and 2.2 before 2.2.2, does not sanitize the Expect header from an HTTP request when it is reflected back in an error message, which might allow cross-site...
Wing FTP Server < 3.6.1 Multiple Flaws
According to its banner, the remote host is running a version of Wing FTP Server earlier than 3.6.1. Such versions are reportedly affected by multiple issues : - An unspecified issue in the SSH implementation could allow an authenticated attacker to trigger a denial of service condition. - An...
CVE-2009-4873
Stack-based buffer overflow in the HTTP server in Rhino Software Serv-U Web Client 9.0.0.5 allows remote attackers to cause a denial of service server crash or execute arbitrary code via a long Session cookie...
CVE-2009-4873
CVE-2009-4873 describes a stack-based buffer overflow in the HTTP server of Rhino Software Serv-U Web Client 9.0.0.5, exploitable via a long Session cookie to cause a denial of service or arbitrary code execution. Multiple connected sources confirm the vulnerability, with OpenVAS and Nessus notin...
ACROS Security: Remote Binary Planting in VMware Tools for Windows (ASPR #2010-04-12-1)
=====BEGIN-ACROS-REPORT===== PUBLIC ========================================================================= ACROS Security Problem Report 2010-04-12-1 ------------------------------------------------------------------------- ASPR 2010-04-12-1: Remote Binary Planting in VMware Tools for Windows...
Rhino Software Serv-U Web Client HTTP Request Remote Buffer Overflow
A code execution vulnerability exists in Rhino Software Serv-U. The vulnerability is due to a buffer overflow that can occur when Servu-U Web Client handles overly large HTTP requests. Remote attackers could exploit this vulnerability by sending a malicious HTTP request to a vulnerable version of...
Web Client Detection
Binary data 5299.prm...
RhinoSoft Serv-U Web Client HTTP Request Remote Buffer Overflow
Binary data 5236.prm...
Serv-U Web Client session cookie handling buffer overflow
Added: 11/08/2009 BID: 36895 OSVDB: 59772 Background Serv-U is an FTP server for Windows platforms. The Serv-U Web Client component provides a browser-based interface to Serv-U. Problem A buffer overflow in the Serv-U Web Client allows remote attackers to execute arbitrary code when overly long...
Serv-U Web Client session cookie handling buffer overflow
Added: 11/08/2009 BID: 36895 OSVDB: 59772 Background Serv-U is an FTP server for Windows platforms. The Serv-U Web Client component provides a browser-based interface to Serv-U. Problem A buffer overflow in the Serv-U Web Client allows remote attackers to execute arbitrary code when overly long...
Serv-U Web Client session cookie handling buffer overflow
Added: 11/08/2009 BID: 36895 OSVDB: 59772 Background Serv-U is an FTP server for Windows platforms. The Serv-U Web Client component provides a browser-based interface to Serv-U. Problem A buffer overflow in the Serv-U Web Client allows remote attackers to execute arbitrary code when overly long...
Serv-U Web Client session cookie handling buffer overflow
Added: 11/08/2009 BID: 36895 OSVDB: 59772 Background Serv-U is an FTP server for Windows platforms. The Serv-U Web Client component provides a browser-based interface to Serv-U. Problem A buffer overflow in the Serv-U Web Client allows remote attackers to execute arbitrary code when overly long...
Serv-U Web Client 9.0.0.5 - Remote Buffer Overflow (2)
Serv-U Web Client 9.0.0.5 - Remote Buffer Overflow 2 / !!!FOR EDUCATIONAL USE ONLY!!! M.Yanagishita Nov 2, 2009 !!!FOR EDUCATIONAL USE ONLY!!! / include include pragma commentlib, "ws232" define Diea ifareturn; char request = "POST / HTTP/1.1\r\nHost: %s\r\nCookie: killmenothing; SULang=de%%2CDE;...
Serv-U Web客户端HTTP请求远程溢出漏洞
BUGTRAQ ID: 36895 Serv-U FTP是一款FTP服务程序。 Serv-U产品捆绑有一个简单的基于浏览器的传输客户端,这个客户端在处理超长的会话Cookie时存在缓冲区溢出漏洞。如果用户受骗连接到了恶意服务器并向WebClient HTTP服务返回了超长的会话Cookie,就可能触发这个溢出,导致在用户机器上执行任意指令。 RhinoSoft Serv-U 9.0.0.5 临时解决方法: 禁用WebClient服务,仅使用Serv-U FTP/SFTP组件。 厂商补丁: RhinoSoft ---------...
Serv-u web client 9.0.0.5 buffer overflow
Exploit for unknown platform in category remote exploits ========================================= Serv-u web client 9.0.0.5 buffer overflow ========================================= Title: Serv-u web client 9.0.0.5 buffer overflow CVE-ID: OSVDB-ID: Author: Megumi Yanagishita Published: 2009-11-0...
Serv-U Web Client 9.0.0.5 - Remote Buffer Overflow (2)
/ !!!FOR EDUCATIONAL USE ONLY!!! M.Yanagishita Nov 2, 2009 !!!FOR EDUCATIONAL USE ONLY!!! / include include pragma commentlib, "ws232" define Diea ifareturn; char request = "POST / HTTP/1.1\r\nHost: %s\r\nCookie: killmenothing; SULang=de%%2CDE; themename=vista;" "...
Serv-U Web Client HTTP Request Remote Buffer Overflow Vulnerability
Serv-U Web Client is prone to a buffer-overflow vulnerability because the application fails to perform adequate boundary checks on user- supplied data. Attackers can exploit this issue to execute arbitrary code within the context of the affected application. Failed exploit attempts will result in...