Raphaël Rigo

**Nome do software vulnerável e versões afetadas** Xerox AltaLink B8045/B8055/B8065/B8075/B8090, versões anteriores à 103.xxx.030.32000 Xerox AltaLink C8030/C8035/C8045/C8055/C8070 versões anteriores à 103.xxx.030.32000 **Descrição** O problema diz respeito a duas contas com senhas fracas codificadas de forma rígida que podem ser exploradas, permitindo acesso não autorizado. Esse acesso não pode ser desativado. **Recomendações** Para as versões do Xerox AltaLink B8045/B8055/B8065/B8075/B8090 anteriores à 103.xxx.030.32000, atualize para a versão 103.xxx.030.32000 ou posterior. Para as versões do Xerox AltaLink C8030/C8035/C8045/C8055/C8070 anteriores à 103.xxx.030.32000, atualize para a versão 103.xxx.030.32000 ou posterior.

**Name of the Vulnerable Software and Affected Versions** GoodTech SMTP server version 5.16 **Description** The issue allows remote attackers to execute arbitrary code via specific commands. This can be achieved by sending a RCPT TO command with a long DNS name, or by sending a large number of RCPT TO commands with a long e-mail name argument in the last command. **Recommendations** For GoodTech SMTP server version 5.16, consider restricting access to the RCPT TO command until a patch is available. As a temporary workaround, limit the length of DNS names and e-mail name arguments in RCPT TO commands to prevent buffer overflows.

**Name of the Vulnerable Software and Affected Versions** SlimFTPd versions 3.15 through 3.16 **Description** The issue allows remote authenticated users to execute arbitrary code via a long directory name to certain commands. This can be achieved by sending a long directory name to the (1) LIST, (2) DELE or (3) RNFR commands. **Recommendations** For SlimFTPd versions 3.15 through 3.16, consider restricting access to the LIST, DELE, and RNFR commands until a patch is available. As a temporary workaround, limit the length of directory names that can be processed by these commands to prevent buffer overflow exploitation.

**Name of the Vulnerable Software and Affected Versions** Pico Server (pServ) version 3.3 **Description** The issue allows remote attackers to read arbitrary files and execute arbitrary commands by exploiting a directory traversal vulnerability. This is achieved by including a /./ (slash dot slash) before each .. (dot dot) sequence in the URL, resulting in an incorrect directory depth count. **Recommendations** For Pico Server (pServ) version 3.3, update to a version that fixes this issue, as the current version allows remote attackers to bypass security restrictions. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Pico Server (pServ) version 3.3 **Description** A heap-based buffer overflow issue exists, allowing remote attackers to execute arbitrary code via a long HTTP request. **Recommendations** For version 3.3, update to a newer version that contains a fix for this issue.