Searching put software vulnerabilities

Directory traversal vulnerability in SunFTP bui

vulnerability | arbitrary | attackers | traversal | Directory | remote | SunFTP | allows | files | build | read | via |

Directory traversal vulnerability in SunFTP build 9 allows remote attackers to read arbitrary files via .. (dot dot) characters in various commands, including (1) GET, (2) MKDIR, (3) RMDIR, (4) RENAME, or (5) PUT.


Directory traversal vulnerability in CooolSoft

vulnerability | CooolSoft | Directory | traversal | Personal | Server | FTP |

Directory traversal vulnerability in CooolSoft Personal FTP Server 2.24 allows remote attackers to read or modify arbitrary files via .. (dot dot) sequences in the commands (1) LIST (ls), (2) mkdir, (3) put, or (4) get.


ifconfig, when used on the Linux kernel 2.2 and

PACKET_MR_PROMISC | demonstrated | promiscuous | attackers | detection | interface | ifconfig | libpcap | network | without | report | kernel | which | allow | could | Linux | later | using | sniff | does | mode | used | put | not |

ifconfig, when used on the Linux kernel 2.2 and later, does not report when the network interface is in promiscuous mode if it was put in promiscuous mode using PACKET_MR_PROMISC, which could allow attackers to sniff the network without detection, as demonstrated using libpcap.


Microsoft Java virtual machine (VM) 5.0.0.3810

Microsoft | virtual | machine | Java |

Microsoft Java virtual machine (VM) 5.0.0.3810 allows remote attackers to bypass sandbox restrictions to read or write certain data between applets from different domains via the "GET/Key" and "PUT/Key/Value" commands, aka "cross-site Java."


Buffer overflow in the put_words function in su

put_words | function | overflow | abcm2ps | Buffer | subsc |

Buffer overflow in the put_words function in subs.c for abcm2ps 3.7.20 allows remote attackers to execute arbitrary code via crafted ABC files.


Directory traversal vulnerability in the FTP se

vulnerability | arbitrary | attackers | Directory | traversal | TriDComm | earlier | remote | server | allows | files | write | read | via | FTP |

Directory traversal vulnerability in the FTP server in TriDComm 1.3 and earlier allows remote attackers read or write arbitrary files via a .. (dot dot) in FTP commands such as (1) DIR, (2) GET, or (3) PUT.


Directory traversal vulnerability in Digicraft

vulnerability | Digicraft | Directory | traversal | through | server | Yak |

Directory traversal vulnerability in Digicraft Yak! server 2.0 through 2.1.2 allows remote attackers to read or write arbitrary files via "../" or "..\" sequences in commands such as (1) dir or (2) put.


Squid 2.5.STABLE7 and earlier allows remote att

25STABLE7 | attackers | earlier | service | denial | allows | remote | Squid | cause |

Squid 2.5.STABLE7 and earlier allows remote attackers to cause a denial of service (segmentation fault) by aborting the connection during a (1) PUT or (2) POST request, which causes Squid to access previously freed memory.


By design, the built-in FTP server for iSeries

restricted | databases | sensitive | attackers | arbitrary | including | built-in | pathname | document | support | request | iSeries | systems | allows | AS/400 | server | design | files | which | write | root | full | QSYS | does | read | PUT | not | GET | via | FTP |

By design, the built-in FTP server for iSeries AS/400 systems does not support a restricted document root, which allows attackers to read or write arbitrary files, including sensitive QSYS databases, via a full pathname in a GET or PUT request.


Bluetooth FTP client (BTFTP) in Nokia Affix 2.1

Bluetooth | client | FTP |

Bluetooth FTP client (BTFTP) in Nokia Affix 2.1.2 and 3.2.0 allows remote attackers to execute arbitrary commands via shell metacharacters in the filename argument of a PUT command.


Multiple vulnerabilities in Linux kernel before

vulnerabilities | Multiple | kernel | before | Linux |

Multiple vulnerabilities in Linux kernel before 2.6.13.2 allow local users to cause a denial of service (kernel OOPS from null dereference) via (1) fput in a 32-bit ioctl on 64-bit x86 systems or (2) sockfd_put in the 32-bit routing_ioctl function on 64-bit systems.


The HTBoundary_put_block function in HTBound.c

HTBoundary_put_block | HTBoundc | function | libwww | W3C |

The HTBoundary_put_block function in HTBound.c for W3C libwww (w3c-libwww) allows remote servers to cause a denial of service (segmentation fault) via a crafted multipart/byteranges MIME message that triggers an out-of-bounds read.


Directory traversal vulnerability in the FTP se

vulnerability | Directory | traversal | server | FTP |

Directory traversal vulnerability in the FTP server (port 22003/tcp) in Farmers WIFE 4.4 SP1 allows remote attackers to create arbitrary files via ".." (dot dot) sequences in a (1) PUT, (2) SIZE, and possibly other commands.


perfmon (perfmon.c) in Linux kernel on IA64 arc

perfmon |

perfmon (perfmon.c) in Linux kernel on IA64 architectures allows local users to cause a denial of service (crash) by interrupting a task while another process is accessing the mm_struct, which triggers a BUG_ON action in the put_page_testzero function.


Multiple buffer overflows in STLport 5.0.2 migh

overflows | Multiple | STLport | buffer |

Multiple buffer overflows in STLport 5.0.2 might allow local users to execute arbitrary code via (1) long locale environment variables to a strcpy function call in c_locale_glibc2.c and (2) long arguments to unspecified functions in num_put_float.cpp.


publish.ical.php in Jim Hu and Chad Little PHP

publishicalphp | iCalendar | Little | Chad | Jim | PHP |

publish.ical.php in Jim Hu and Chad Little PHP iCalendar 2.21 and earlier does not require authentication for write access to the calendars directory, which allows remote attackers to upload and execute arbitrary PHP scripts via a WebDAV PUT request with a filename containing a .php extension and a trailing null character.


Links web browser 1.00pre12 and Elinks 0.9.2 wi

100pre12 | browser | Elinks | Links | web |

Links web browser 1.00pre12 and Elinks 0.9.2 with smbclient installed allows remote attackers to execute arbitrary code via shell metacharacters in an smb:// URI, as demonstrated by using PUT and GET statements.


Multiple directory traversal vulnerabilities in

vulnerabilities | SeleniumServer | directories | arbitrary | attackers | sequences | traversal | directory | possibly | Multiple | earlier | Server | remote | upload | files | allow | read | list | FTP | via |

Multiple directory traversal vulnerabilities in SeleniumServer FTP Server 1.0, and possibly earlier, allow remote attackers to list arbitrary directories, read arbitrary files, and upload arbitrary files via directory traversal sequences in the (1) DIR (LIST or NLST), (2) GET (RETR), and (3) PUT (STOR) commands.


Buffer overflow in Tftpd32 3.01 allows remote a

overflow | Tftpd32 | Buffer |

Buffer overflow in Tftpd32 3.01 allows remote attackers to cause a denial of service via a long GET or PUT request, which is not properly handled when the request is displayed in the title of the gauge window.


Multiple stack-based buffer overflows in 3Com 3

stack-based | overflows | 3CTftpSvc | Multiple | buffer | 3Com |

Multiple stack-based buffer overflows in 3Com 3CTftpSvc 2.0.1, and possibly earlier, allow remote attackers to cause a denial of service (crash) or execute arbitrary code via a long mode field (aka transporting mode) in a (1) GET or (2) PUT command.


Software vulnerabilities results 1 to 20 of 31     
Page: 12