Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
iseries as 400 vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2005-1133
The POP3 server in IBM iSeries AS/400 returns different error messages when the user exists or not, which allows remote malicious users to determine valid user IDs on the server.
Ibm Iseries As 400
7.5
CVSSv2
CVE-2005-1238
By design, the built-in FTP server for iSeries AS/400 systems does not support a restricted document root, which allows malicious users to read or write arbitrary files, including sensitive QSYS databases, via a full pathname in a GET or PUT request.
Ibm Iseries As 400
5
CVSSv2
CVE-2005-1025
The FTP server in AS/400 4.3, when running in IFS mode, allows remote malicious users to obtain sensitive information via a symlink attack using RCMD and the ADDLNK utility, as demonstrated using the QSYS.LIB library.
Ibm Iseries As 400 4.3
7.5
CVSSv2
CVE-2005-1244
Directory traversal vulnerability in the third party tool from NetIQ, as used to secure the iSeries AS/400 FTP server, allows remote malicious users to access arbitrary files, including those from qsys.lib, via ".." sequences in a GET request. NOTE: the vendor has dispu...
Netiq Pssecure 7.5
7.5
CVSSv2
CVE-2005-1240
Directory traversal vulnerability in the third party tool from Castlehill, as used to secure the iSeries AS/400 FTP server, allows remote malicious users to access arbitrary files, including those from qsys.lib, via ".." sequences in a GET request.
Castlehill Secure Net
7.5
CVSSv2
CVE-2005-1241
Directory traversal vulnerability in the third party tool from Powertech, as used to secure the iSeries AS/400 FTP server, allows remote malicious users to access arbitrary files, including those from qsys.lib, via ".." sequences in a GET request.
Powertech Powerlock Networksecurity 4.7.1
5
CVSSv2
CVE-2005-1242
Directory traversal vulnerability in the third party tool from Bsafe, as used to secure the iSeries AS/400 FTP server, allows remote malicious users to access arbitrary files, including those from qsys.lib, via ".." sequences in a GET request.
Bsafe Global Security
5
CVSSv2
CVE-2005-1243
Directory traversal vulnerability in the third party tool from SafeStone, as used to secure the iSeries AS/400 FTP server, allows remote malicious users to access arbitrary files, including those from qsys.lib, via ".." sequences in a GET request.
Safestone Technologies Axcessit
5
CVSSv2
CVE-2005-1239
Directory traversal vulnerability in the third party tool from Raz-Lee, as used to secure the iSeries AS/400 FTP server, allows remote malicious users to access arbitrary files, including those from qsys.lib, via ".." sequences in a GET request.
Raz-lee Security\\+\\+\\+
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-24955
man-in-the-middle
dos
CVE-2024-2818
CVE-2024-30584
CVE-2024-31134
camera
CVE-2023-45866
CVE-2024-30585
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started