5 results (0.004 seconds)

CVSS: 5.3EPSS: 0%CPEs: 6EXPL: 1

Absolute path traversal vulnerability in the Systematica SMTP Adapter component (up to v2.0.1.101) in Systematica Radius (up to v.3.9.256.777) allows remote attackers to read arbitrary files via a full pathname in GET parameter "file" in URL. Also: affected components in same product - HTTP Adapter (up to v.1.8.0.15), MSSQL MessageBus Proxy (up to v.1.1.06), Financial Calculator (up to v.1.3.05), FIX Adapter (up to v.2.4.0.25) Vulnerabilidad de path traversal absoluto en el componente Systematica SMTP Adapter (hasta v2.0.1.101) en Systematica Radius (hasta v.3.9.256.777) permite a atacantes remotos leer archivos arbitrarios a través de un nombre de ruta completo en el parámetro GET "archivo" en URL . Además: componentes afectados en el mismo producto: Adaptador HTTP (hasta v.1.8.0.15), Proxy MSSQL MessageBus (hasta v.1.1.06), Calculadora financiera (hasta v.1.3.05), Adaptador FIX (hasta v.2.4.0.25) • https://github.com/fbkcs/CVE-2021-35975 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •

CVSS: 5.0EPSS: 0%CPEs: 40EXPL: 0

Multiple RADIUS implementations do not properly validate the Vendor-Length of the Vendor-Specific attribute, which allows remote attackers to cause a denial of service (crash) via a Vendor-Length that is less than 2. • ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SN-02:02.asc http://archives.neohapsis.com/archives/linux/suse/2002-q2/0362.html http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000466 http://marc.info/?l=bugtraq&m=101537153021792&w=2 http://www.cert.org/advisories/CA-2002-06.html http://www.iss.net/security_center/static/8354.php http://www.kb.cert.org/vuls/id/936683 http://www.redhat.com/support/errata/RHSA-2002-030.html http://www&# •

CVSS: 7.5EPSS: 3%CPEs: 40EXPL: 0

Buffer overflow in digest calculation function of multiple RADIUS implementations allows remote attackers to cause a denial of service and possibly execute arbitrary code via shared secret data. • http://archives.neohapsis.com/archives/linux/suse/2002-q2/0362.html http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000466 http://marc.info/?l=bugtraq&m=101537153021792&w=2 http://online.securityfocus.com/archive/1/239784 http://www.cert.org/advisories/CA-2002-06.html http://www.kb.cert.org/vuls/id/589523 http://www.redhat.com/support/errata/RHSA-2002-030.html http://www.securityfocus.com/bid/3530 https://exchange.xforce.ibmcloud.com/vulnerabilities/7534 •

CVSS: 5.0EPSS: 0%CPEs: 2EXPL: 0

Directory traversal vulnerability in Livingston/Lucent RADIUS before 2.1.va.1 may allow attackers to read arbitrary files via a .. (dot dot) attack. • http://freshmeat.net/releases/52020 •

CVSS: 7.5EPSS: 2%CPEs: 2EXPL: 0

Format string vulnerabilities in Livingston/Lucent RADIUS before 2.1.va.1 may allow local or remote attackers to cause a denial of service and possibly execute arbitrary code via format specifiers that are injected into log messages. • http://archives.neohapsis.com/archives/apps/freshmeat/2001-07/0009.html http://archives.neohapsis.com/archives/vulnwatch/2001-q3/0005.html http://freshmeat.net/releases/52020 http://www.securityfocus.com/bid/2994 •