CVE-2008-1564
published 2008-03-31CVE-2008-1564: Directory traversal vulnerability in Dan Costin File Transfer before 1.2f allows remote attackers to read arbitrary files via a "..\" (dot dot backslash) in…
PriorityP428medium4.3CVSS 2.0
AVNACMAuNCPINAN
EXPLOIT
EPSS
2.34%
81.5th percentile
Directory traversal vulnerability in Dan Costin File Transfer before 1.2f allows remote attackers to read arbitrary files via a "..\" (dot dot backslash) in the filename.
Affected
4 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| file-transfer | file_transfer | — | — |
| file-transfer | file_transfer | — | — |
| file-transfer | file_transfer | — | — |
| file-transfer | file_transfer | — | — |
CVSS provenance
nvdv2.04.3MEDIUMAV:N/AC:M/Au:N/C:P/I:N/A:N
vendor_redhat6.5MEDIUM
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-7m8c-v4r6-h2j2: Directory traversal vulnerability in Dan Costin File Transfer before 1
ghsa_unreviewed·2022-05-01
CVE-2008-1564 [MEDIUM] CWE-22 GHSA-7m8c-v4r6-h2j2: Directory traversal vulnerability in Dan Costin File Transfer before 1
Directory traversal vulnerability in Dan Costin File Transfer before 1.2f allows remote attackers to read arbitrary files via a "..\" (dot dot backslash) in the filename.
Red Hat
libxml2: infinite loop when entity is used in entity definition
vendor_redhat·2008-10-02·CVSS 6.5
CVE-2008-4409 [MEDIUM] CWE-835 libxml2: infinite loop when entity is used in entity definition
libxml2: infinite loop when entity is used in entity definition
libxml2 2.7.0 and 2.7.1 does not properly handle "predefined entities definitions" in entities, which allows context-dependent attackers to cause a denial of service (memory consumption and application crash), as demonstrated by use of xmllint on a certain XML document, a different vulnerability than CVE-2003-1564 and CVE-2008-3281.
Statement: Not vulnerable. This issue did not affect the versions of libxml2 as shipped with Red Hat Enterprise Linux 2.1, 3, 4, or 5.
No detection rules found.
Bugzilla
CVE-2008-4409 libxml2: infinite loop when entity is used in entity definition
bugzilla·2008-10-06·CVSS 6.5
CVE-2008-4409 [MEDIUM] CVE-2008-4409 libxml2: infinite loop when entity is used in entity definition
CVE-2008-4409 libxml2: infinite loop when entity is used in entity definition
Common Vulnerabilities and Exposures assigned an identifier CVE-2008-4409 to the following vulnerability:
libxml2 2.7.0 and 2.7.1 does not properly handle "predefined entities
definitions" in entities, which allows context-dependent attackers to cause a
denial of service (memory consumption and application crash), as demonstrated
by use of xmllint on a certain XML document, a different vulnerability than
CVE-2003-1564 and CVE-2008-3281.
Upstream bugreport:
http://bugzilla.gnome.org/show_bug.cgi?id=554660
Fixed upstream in 2.7.2:
http://mail.gnome.org/archives/xml/2008-October/msg00016.html
References:
http://openwall.com/lists/oss-security/2008/10/02/4
Discussion:
This issue only affected 2.7.x versions of
Bugzilla
CVE-2003-1564 libxml2: billion laughs DoS attack
bugzilla·2008-09-04·CVSS 6.5
CVE-2003-1564 [MEDIUM] CVE-2003-1564 libxml2: billion laughs DoS attack
CVE-2003-1564 libxml2: billion laughs DoS attack
Common Vulnerabilities and Exposures assigned an identifier CVE-2003-1564 to the following vulnerability:
libxml2, possibly before 2.5.0, does not properly detect recursion
during entity expansion, which allows context-dependent attackers to
cause a denial of service (memory and CPU consumption) via a crafted
XML document containing a large number of nested entity references,
aka the "billion laughs attack."
References:
http://www.stylusstudio.com/xmldev/200302/post20020.html
http://www.reddit.com/r/programming/comments/65843/time_to_upgrade_libxml2
http://xmlsoft.org/news.html
http://mail.gnome.org/archives/xml/2008-August/msg00034.html
Discussion:
Created attachment 315726
Public test case
Source: http://www.cogsci.ed.ac.uk/~richard/
http://secunia.com/advisories/29540http://sourceforge.net/project/shownotes.php?group_id=178021&release_id=586923http://sourceforge.net/tracker/index.php?func=detail&aid=1829601&group_id=178021&atid=883559http://www.securityfocus.com/bid/28453https://exchange.xforce.ibmcloud.com/vulnerabilities/41489http://secunia.com/advisories/29540http://sourceforge.net/project/shownotes.php?group_id=178021&release_id=586923http://sourceforge.net/tracker/index.php?func=detail&aid=1829601&group_id=178021&atid=883559http://www.securityfocus.com/bid/28453https://exchange.xforce.ibmcloud.com/vulnerabilities/41489
2008-03-31
Published