file transfer
-----------------------------------------------
Release Date:
07-Apr-2008
Software:
Tumbleweed Communications - SecureTransport FileTransfer
http://www.tumbleweed.com/
Description:
"Tumbleweed SecureTransport is the industry's most secure Managed File Transfer
solution for moving financial transactions, critical business files, large
R7-0039: Accellion File Transfer Appliance Multiple Vulnerabilities
February 7, 2011
-- Vulnerability Details:
The Accellion File Transfer Appliance, prior to version FTA_8_0_562, suffers from a number of security flaws that can lead to a remote root compromise.
1. Message Routing Daemon Default Encryption Keys
Introduction:
=============
Skype is a software application that allows users to make voice and video calls and chats over the Internet. Calls to other users within the
Skype service are free, while calls to both traditional landline telephones and mobile phones can be made for a fee using a debit-based
user account system. Skype has also become popular for its additional features which include instant messaging, file transfer, and
videoconferencing. Skype has 663 million registered users as of 2010. The network is operated by Skype Limited, which has its headquarters
in Luxembourg. Most of the development team and 44% of the overall employees of Skype are situated in the offices of Tallinn and Tartu, Estonia.
(Copy of the Vendor Homepage: http://en.wikipedia.org/wiki/Skype)
Summary:
HTC devices running Android 2.1 and Android 2.2 are prone to a directory traversal vulnerability in the Bluetooth OBEX FTP Service. Exploiting this issue allows a remote authenticated attacker to list arbitrary directories, and read arbitrary files, via a ../ in a pathname.
Description:
In the present HTC / Android phones include a Bluetooth stack, which provides Bluetooth communications with other remote devices. The File Transfer Profile (OBEX FTP) is one among all the Bluetooth services that may be implemented in the stack.
The OBEX FTP service is a software implementation of the File Transfer Profile (FTP). The File Transfer Profile (FTP) is intended for data exchange and it is based on the OBEX communications client-server protocol. The service is present in a large number of Bluetooth mobile phones. This service can be used for sending files from the phone to other remote devices and also allows remote devices to browse shared folders and download files from the phone.
In HTC / Android phones, the default directory of the OBEX FTP Server is the SDCard. Only files placed in the directory of the SDCard can be shared. The user cannot select other directory so sensitive files related to the operating system are not exposed.
Application: Soldat
http://www.soldat.pl
Versions: game <= 1.4.2 and dedicated server <= 2.6.2
Platforms: Windows (Linux not affected)
Bugs: A] clients crash caused by too long strings on the screen
B] denial of service through file transfer port
C] easy IP banning
Exploitation: remote
A] versus clients
B] versus server (Windows only)
C] versus specific clients
Timbuktu Pro [1] is a desktop-to-desktop remote control software for the
Windows and Macintosh operating systems. The following vulnerabilities
have been identified in Timbuktu Pro:
1) File transfer directory traversal (CVE-2008-1117): The '\' and '/'
are not properly sanitized when checking the destination filename. The
problem resides in the Notes feature implemented by tb2ftp.dll loaded by
the tb2pro.exe. This is the main issue.
2) Log input manipulation (CVE-2008-1118): Several fields of the packet
Symantec System Center is an MMC (Microsoft Management Console) snap-in
that allows an administrator to remotely manage Symantec products. The
Symantec System Center comes bundled with several Symantec products,
including Symantec Client Security and Symantec AntiVirus. It contains
an optional component called the Alert Management System Console. This
component starts a service (Intel File Transfer) that listens on TCP
port 12174.
II. DESCRIPTION
Remote exploitation of a design error vulnerability in Symantec Corp.'s
_______________
Details
_______________
- File Transfer to Client -
OneNote accepts a command switch to specify the location of the
local cache directory. By specifying this switch on the URL It is
possible to specify an arbitrary location on the client, which
will be used to cache the opened notebooks.
scip AG Vulnerability ID 3809 (09/12/2008)
http://www.scip.ch/cgi-bin/smss/showadvf.pl?id=3809
I. INTRODUCTION
StingRay FTS is a file transfer server for Internet communications.
Customers are able to transfer files or to send emails via the device.
More information is available on the official product web site at the
following URL:
Security vulnerabilities has been identified and fixed in pidgin:
Buffer overflow in the XMPP SOCKS5 bytestream server in Pidgin
(formerly Gaim) before 2.5.6 allows remote authenticated users to
execute arbitrary code via vectors involving an outbound XMPP file
transfer. NOTE: some of these details are obtained from third party
information (CVE-2009-1373).
Buffer overflow in the decrypt_out function in Pidgin (formerly Gaim)
before 2.5.6 allows remote attackers to cause a denial of service
(application crash) via a QQ packet (CVE-2009-1374).
packet that specifies an arbitrary URL. (CVE-2008-2957)
Buffer overflow in the XMPP SOCKS5 bytestream server in Pidgin
(formerly Gaim) before 2.5.6 allows remote authenticated users to
execute arbitrary code via vectors involving an outbound XMPP file
transfer. NOTE: some of these details are obtained from third party
information (CVE-2009-1373).
Buffer overflow in the decrypt_out function in Pidgin (formerly Gaim)
before 2.5.6 allows remote attackers to cause a denial of service
(application crash) via a QQ packet (CVE-2009-1374).
Vulnerability Type: XSS, Remote Code Execution
Risk level: Very High
Credit: Kacper Szczesniak <kacper3.14@gmail.com>
Vulnerability Details:
Gadu-Gadu improperly handles file transfer requests. It's possible to
place 255 chars of HTML code (no slash) inside the filename. This can
lead to injecting JavaScript into UI using crafted file-send-request
packet. It's possible to trigger various actions from GUI JavaScript
code such as saving and running any file on victim's host. Internal
protocols are abused for these purposes. No 'security' mechanisms like
==[ Overview
ICQ (I Seek You) Instant Messenger is one of the most popular internet
chat software. Since 1996, it has grown to a community of over 180
million users. It has features for instant messaging, chat, sending
e-mail, SMS, file transfer, wireless-pager messages, etc.
==[ Vulnerability
INFIGO IS's security team identified a critical remote buffer overflow
services. Customers include Boeing, SUN, ISS, SAP - See
http://www.jscape.com/clients.html for more details.
The JSCAPE Secure FTP Applet is a secure FTP client that runs within Java
enabled web browsers. The software supports SFTP (FTP over SSH) and FTPS
(FTP over SSL) for encrypted file transfer.
Description
-----------
To prevent man-in-the-middle attacks it is important to check the
-->
<html>
<object classid='clsid:302124C4-30A0-484A-9C7A-B51D5BA5306B' id='obj' />
</object>
<script>
obj.UnlockComponent("suntzu"); //needed for file transfer operations, type whatever here
obj.Port=21; //configure ftp connection
obj.Hostname="192.168.0.1"; //change here
obj.ConnectTimeout=5;
obj.Passive=1;
var x;
Description
-----------
Rumpus turns any Mac into a file transfer server.
Rumpus v6.0 contains two buffer overflow vulnerabilities in its HTTP and FTP modules. The first allows an unauthenticated user to crash Rumpus. The later may result in arbitrary code execution under superuser privilege.
The overflow in HTTP component is caused by the lack of boundary check when parsing for HTTP action verb (GET, POST, PUT, etc.). If the verb is exactly 2908-byte long, the server runs into a segmentation fault and crashes. A manual restart is required. It has been observed that this problem occurs at other verb lengths too. The vulnerability is rated at moderate severity for the lost of service.
arbitrary code when extended attributes are being used.
Background
==========
rsync is a file transfer program to keep remote directories
synchronized.
Affected packages
=================
security restrictions.
Background
==========
scponly is a shell for restricting user access to file transfer only
using sftp and scp.
Affected packages
=================
Earlier versions may also be affected.
Overview:
1.vendor description of software
------------------------------------------------
TurboFTP Server is a high performance, secure, scalable and management friendly file transfer server running on Windows platforms. With it you can easily set up a secure file transfer server that delivers regular FTP, FTP over SSL/TLS, and "SFTP over SSH" services with virtual domains, advanced directory access control, virtual folders, IP access control, flexible authentication options and many other features.
2.vulnerability details:
------------------------------------------------
Directory Traversal Vulnerability exists in "FTP" and "SFTP" module of Turbo FTP Server that allows an authenticated user to create directories outside the root directory, which may lead to other attacks.
If you could log on the server successfully,
===========
Multiple vulnerabilities have been discovered in Pidgin:
* Veracode reported a boundary error in the "XMPP SOCKS5 bytestream
server" when initiating an outgoing file transfer (CVE-2009-1373).
* Ka-Hing Cheung reported a heap corruption flaw in the QQ protocol
handler (CVE-2009-1374).
* A memory corruption flaw in "PurpleCircBuffer" was disclosed by
security restrictions.
Background
==========
scponly is a shell for restricting user access to file transfer only
using sftp and scp.
Affected packages
=================
Debian-specific: no
CVE ID : CVE-2009-0037
Debian Bug : 518423
BugTraq ID : 33962
David Kierznowski discovered that libcurl, a multi-protocol file transfer
library, when configured to follow URL redirects automatically, does not
question the new target location. As libcurl also supports file:// and
scp:// URLs - depending on the setup - an untrusted server could use that
to expose local files, overwrite local files or even execute arbitrary
code via a malicious URL redirect.
Vulnerability : buffer overflow
Problem type : local (remote)
Debian-specific: no
CVE Id : CVE-2010-0734
Wesley Miaw discovered that libcurl, a multi-protocol file transfer
library, is prone to a buffer overflow via the callback function when
an application relies on libcurl to automatically uncompress data. Note
that this only affects applications that trust libcurl's maximum limit
for a fixed buffer size and do not perform any sanity checks themselves.
Title: Beehive/SendFile.NET - Secure File Transfer Appliance Hardcoded Credentials
Vendor: Beehive Software
Vendor URL: http://www.thebeehive.com/
Affected File: http://<host>/sfcommon/SendFile.jar
Vendor Contact Date: 7/26/2007
Vendor Response: None
Security vulnerabilities has been identified and fixed in pidgin:
Buffer overflow in the XMPP SOCKS5 bytestream server in Pidgin
(formerly Gaim) before 2.5.6 allows remote authenticated users to
execute arbitrary code via vectors involving an outbound XMPP file
transfer. NOTE: some of these details are obtained from third party
information (CVE-2009-1373).
Buffer overflow in the decrypt_out function in Pidgin (formerly Gaim)
before 2.5.6 allows remote attackers to cause a denial of service
(application crash) via a QQ packet (CVE-2009-1374).
in rsync.
Background
==========
rsync is a file transfer program to keep remote directories
synchronized.
Affected packages
=================
0x01 : Vendor description of software
-------------------------------------
From the vendor website:
TurboFTP Server is a high performance, secure, scalable and management
friendly file transfer server running on Windows platforms. With it you
can easily set up a secure file transfer server that delivers regular FTP,
FTP over SSL/TLS, and SFTP over SSH services with virtual domains,
advanced directory access control, virtual folders, IP access control,
flexible authentication options and many other features.
Multiple security vulnerabilities has been identified and fixed
in gaim:
Buffer overflow in the XMPP SOCKS5 bytestream server in Pidgin before
2.5.6 allows remote authenticated users to execute arbitrary code via
vectors involving an outbound XMPP file transfer. NOTE: some of these
details are obtained from third party information (CVE-2009-1373).
Multiple integer overflows in the msn_slplink_process_msg functions
in the MSN protocol handler in (1) libpurple/protocols/msn/slplink.c
and (2) libpurple/protocols/msnp9/slplink.c in Pidgin before 2.5.6
|
