Page 2 of 13 results (0.004 seconds)

CVSS: 7.5EPSS: 87%CPEs: 9EXPL: 2

Stack-based buffer overflow in the FTP service for 4D WebSTAR 5.3.2 and earlier allows remote attackers to execute arbitrary code via a long FTP command. Desbordamiento de búfer basado en la pila en el servicio FTP de 4D WebSTAR 5.3.2 y anteriores permite a atacantes remotos ejecutar código de su elección mediante un comando FTP largo. • https://www.exploit-db.com/exploits/16872 https://www.exploit-db.com/exploits/9928 ftp://ftp.4d.com/ACI_PRODUCT_REFERENCE_LIBRARY/4D_PRODUCT_DOCUMENTATION/PDF_Docs_by_4D_Product_A-Z/4D_WebSTAR/Software_Change_History.txt http://www.atstake.com/research/advisories/2004/a071304-1.txt https://exchange.xforce.ibmcloud.com/vulnerabilities/16686 •

CVSS: 3.6EPSS: 0%CPEs: 9EXPL: 0

4D WebSTAR 5.3.2 and earlier allows local users to read and modify arbitrary files via a symlink attack. 4D WebSTAR 5.3.2 y anteriores permiten a usuarios locales leer y modificar ficheros de su elección mediante una ataque de enlaces simbólicos. • ftp://ftp.4d.com/ACI_PRODUCT_REFERENCE_LIBRARY/4D_PRODUCT_DOCUMENTATION/PDF_Docs_by_4D_Product_A-Z/4D_WebSTAR/Software_Change_History.txt http://www.atstake.com/research/advisories/2004/a071304-1.txt https://exchange.xforce.ibmcloud.com/vulnerabilities/16689 •

CVSS: 5.0EPSS: 0%CPEs: 9EXPL: 0

The ShellExample.cgi script in 4D WebSTAR 5.3.2 and earlier allows remote attackers to list arbitrary directories via a URL with the desired path and a "*" (asterisk) character. El script ShellExample.cgi en WebSTAR 5.3.2 y anteriores permite a un atacante remotos listar directorios arbitrarios mediante una URL con la ruta deseada y un carácter "*" (asterisco). • ftp://ftp.4d.com/ACI_PRODUCT_REFERENCE_LIBRARY/4D_PRODUCT_DOCUMENTATION/PDF_Docs_by_4D_Product_A-Z/4D_WebSTAR/Software_Change_History.txt http://www.atstake.com/research/advisories/2004/a071304-1.txt http://www.securityfocus.com/bid/10721 https://exchange.xforce.ibmcloud.com/vulnerabilities/16687 •

CVSS: 5.0EPSS: 0%CPEs: 9EXPL: 0

Unknown vulnerability in 4D WebSTAR 5.3.2 and earlier allows remote attackers to read the php.ini configuration file and possibly obtain sensitive information. Vulnerabilidad desconocida en 4D WebSTAR 5.3.2 y anteriores permite a atacantes remotos leer el fichero de configuración php.ini y posiblemente obtener información sensible. • ftp://ftp.4d.com/ACI_PRODUCT_REFERENCE_LIBRARY/4D_PRODUCT_DOCUMENTATION/PDF_Docs_by_4D_Product_A-Z/4D_WebSTAR/Software_Change_History.txt http://www.atstake.com/research/advisories/2004/a071304-1.txt https://exchange.xforce.ibmcloud.com/vulnerabilities/16688 •

CVSS: 5.0EPSS: 0%CPEs: 252EXPL: 0

OpenSSL 0.9.6 before 0.9.6d does not properly handle unknown message types, which allows remote attackers to cause a denial of service (infinite loop), as demonstrated using the Codenomicon TLS Test Tool. OpenSSL 0.9.6 anteriores a la 0.9.6d no manejan adecuadamente los tipos de mensajes desconocidos, lo que permite a atacantes remotos causar una denegación de servicios (por bucle infinito), como se demuestra utilizando la herramienta de testeo Codenomicon TLS. • ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2004.10/SCOSA-2004.10.txt ftp://patches.sgi.com/support/free/security/advisories/20040304-01-U.asc http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000834 http://fedoranews.org/updates/FEDORA-2004-095.shtml http://marc.info/?l=bugtraq&m=107955049331965&w=2 http://marc.info/?l=bugtraq&m=108403850228012&w=2 http://rhn.redhat.com/errata/RHSA-2004-119.html http://secunia.com/advisories/11139 http://security.gen •