Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
iseries as 400 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2005-1238
By design, the built-in FTP server for iSeries AS/400 systems does not support a restricted document root, which allows malicious users to read or write arbitrary files, including sensitive QSYS databases, via a full pathname in a GET or PUT request.
Ibm Iseries As 400
NA
CVE-2005-1133
The POP3 server in IBM iSeries AS/400 returns different error messages when the user exists or not, which allows remote malicious users to determine valid user IDs on the server.
Ibm Iseries As 400
NA
CVE-2005-1025
The FTP server in AS/400 4.3, when running in IFS mode, allows remote malicious users to obtain sensitive information via a symlink attack using RCMD and the ADDLNK utility, as demonstrated using the QSYS.LIB library.
Ibm Iseries As 400 4.3
NA
CVE-2005-1244
Directory traversal vulnerability in the third party tool from NetIQ, as used to secure the iSeries AS/400 FTP server, allows remote malicious users to access arbitrary files, including those from qsys.lib, via ".." sequences in a GET request. NOTE: the vendor has dispu...
Netiq Pssecure 7.5
NA
CVE-2005-1240
Directory traversal vulnerability in the third party tool from Castlehill, as used to secure the iSeries AS/400 FTP server, allows remote malicious users to access arbitrary files, including those from qsys.lib, via ".." sequences in a GET request.
Castlehill Secure Net
NA
CVE-2005-1241
Directory traversal vulnerability in the third party tool from Powertech, as used to secure the iSeries AS/400 FTP server, allows remote malicious users to access arbitrary files, including those from qsys.lib, via ".." sequences in a GET request.
Powertech Powerlock Networksecurity 4.7.1
NA
CVE-2005-1243
Directory traversal vulnerability in the third party tool from SafeStone, as used to secure the iSeries AS/400 FTP server, allows remote malicious users to access arbitrary files, including those from qsys.lib, via ".." sequences in a GET request.
Safestone Technologies Axcessit
NA
CVE-2005-1242
Directory traversal vulnerability in the third party tool from Bsafe, as used to secure the iSeries AS/400 FTP server, allows remote malicious users to access arbitrary files, including those from qsys.lib, via ".." sequences in a GET request.
Bsafe Global Security
NA
CVE-2005-1239
Directory traversal vulnerability in the third party tool from Raz-Lee, as used to secure the iSeries AS/400 FTP server, allows remote malicious users to access arbitrary files, including those from qsys.lib, via ".." sequences in a GET request.
Raz-lee Security\\+\\+\\+
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48654
CVE-2024-2757
authentication bypass
CVE-2024-3194
CVE-2024-33640
CVE-2024-21111
dos
insecure direct object reference
CVE-2024-21345
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started