
CVSS: 9.3 • EPSS: 0% • CPEs: 16 • EXPL: 0

Directory traversal vulnerability in Rhino Software, Inc. FTP Voyager 15.2.0.11, and possibly earlier, allows remote FTP servers to write arbitrary files via a "..\" (dot dot backslash) in a filename.

• http://marc.info/?l=bugtraq&m=128654931101920&w=2
• http://packetstormsecurity.org/1010-exploits/ftpvoyager-traversal.txt
• http://secunia.com/advisories/41719
• http://www.htbridge.ch/advisory/directory_traversal_vulnerability_in_ftp_voyager.html
• http://www.osvdb.org/68607
• http://www.securityfocus.com/bid/43869
• https://exchange.xforce.ibmcloud.com/vulnerabilities/62392
• CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

CVSS: 10.0 • EPSS: 55% • CPEs: 1 • EXPL: 4

Stack-based buffer overflow in the HTTP server in Rhino Software Serv-U Web Client 9.0.0.5 allows remote attackers to cause a denial of service (server crash) or execute arbitrary code via a long Session cookie.

• https://www.exploit-db.com/exploits/9966
• https://www.exploit-db.com/exploits/9800
• http://secunia.com/advisories/37228
• http://www.rangos.de/ServU-ADV.txt
• http://www.securityfocus.com/bid/36895
• http://www.vupen.com/english/advisories/2009/3116
• CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer

CVSS: 7.8 • EPSS: 1% • CPEs: 1 • EXPL: 2

Stack-based buffer overflow in Rhino Software, Inc. FTP Voyager 14.0.0.3 and earlier allows remote servers to cause a denial of service (crash) via a long response to a CWD command, which triggers the overflow when the user aborts the command.

• https://www.exploit-db.com/exploits/3343
• http://osvdb.org/33746
• http://www.securityfocus.com/bid/22637
• https://exchange.xforce.ibmcloud.com/vulnerabilities/32593

CVSS: 4.3 • EPSS: 1% • CPEs: 1 • EXPL: 3

Cross-site scripting (XSS) vulnerability in the Web Server in DNS4Me 3.0.0.4 allows remote attackers to execute arbitrary web script or HTML via the URL.

• http://marc.info/?l=bugtraq&m=109552436811493&w=2
• http://secunia.com/advisories/12595
• http://securitytracker.com/id?1011334
• http://www.gulftech.org/?node=research&article_id=00049-09162004
• http://www.securityfocus.com/bid/11213
• https://exchange.xforce.ibmcloud.com/vulnerabilities/17425

CVSS: 5.0 • EPSS: 8% • CPEs: 1 • EXPL: 1

The Web Server in DNS4Me 3.0.0.4 allows remote attackers to cause a denial of service (CPU consumption and crash) via a large amount of data.

• https://www.exploit-db.com/exploits/24610
• http://marc.info/?l=bugtraq&m=109552436811493&w=2
• http://secunia.com/advisories/12595
• http://securitytracker.com/id?1011334
• http://www.gulftech.org/?node=research&article_id=00049-09162004
• http://www.securityfocus.com/bid/11213
• https://exchange.xforce.ibmcloud.com/vulnerabilities/17426