MAX PRESENCE,TP3106,TP3206 Security Vulnerabilities

SIX-webboard generate.cgi 'content' Parameter Traversal Arbitrary File Access

The version of the 'generate.cgi' from SIX-webboard installed on the remote web server allows an unauthenticated, remote attacker to access arbitrary files with the privileges of the http daemon due to improper validation of user-supplied input to the 'content' variable of directory traversal...

Quikstore Shopping Cart quikstore.cgi Multiple Vulnerabilities

The CGI 'quickstore.cgi' is installed. This CGI has a well known security flaw that lets an attacker read arbitrary files with the privileges of the HTTP...

Teamware Office contains multiple vulnerabilities in LDAP handling code

Overview The Teamware Office suite contains vulnerabilities that may allow denial-of-service attacks, unauthorized privileged access, or both. These vulnerabilities were revealed using the PROTOS LDAPv3 test suite and are documented in CERT Advisory CA-2001-18. If your site uses this product, the.....

iPlanet Directory Server contains multiple vulnerabilities in LDAP handling code

Overview The iPlanet Directory Server contains vulnerabilities that may allow denial-of-service attacks, unauthorized privileged access, or both. These vulnerabilities were revealed using the PROTOS LDAPv3 test suite and are documented in CERT Advisory CA-2001-18. If your site uses this product,...

Advisory CA-2001-18

CERT Advisory CA-2001-18 Multiple Vulnerabilities in Several Implementations of the Lightweight Directory Access Protocol (LDAP) Original release date: July 16, 2001 Last revised: -- Source: CERT/CC A complete revision history can be found at the end of this file. Systems Affected * iPlanet...

Apache 1.3 - Directory Index Disclosure

Apache 1.3 - Directory Index...

Apache 1.3 - Directory Index Disclosure

...

poprelayd and sendmail relay authentication problem (Cobalt Raq3)

Hi to all, Poprelayd is a simple script that scan /var/log/maillog for valid pop logins and updates a hash db used by sendmail to permit relaying for those valid pop users, this method is called "Pop-before-smtp". The syslog string searched by the script is in this form for the qpop server /POP...

Security-issues with Icecast Version 1.3.7

** Digit-Labs Security Advisory (http://www.digit-labs.org/) ** Advisory Name: Security-issues with Icecast Version 1.3.7 Release Date: Application: Tested on Icecast Version 1.3.7 Platform: Windows 2000 Prof Severity: Medium Author(s): GoLLuM.no [mailto:[email protected]] Vendor Status:...

Tarantella Enterprise ttawebtop.cgi pg Parameter Traversal Arbitrary File Access

The 'ttawebtop.cgi' CGI is installed. The installed version is affected by multiple flaws : It is possible to read arbitrary files from the remote system by including directory traversal strings in the request. It may be possible for an attacker to execute arbitrary commands with...

Directory Pro Traversal Arbitrary File Access

The CGI 'directorypro.cgi' is installed. This CGI has a well known security flaw that lets an attacker read arbitrary files with the privileges of the HTTP...

Security Bulletin MS01-028

Title: RTF document linked to template can run macros without warning Date: 21 May 2001 Software: Microsoft Word for Windows and Word for the Mac Impact: Run Macros without warning Bulletin: MS01-028 Microsoft encourages customers to review the Security Bulletin at: ...

def-2001-26: IIS WebDav Lock Method Memory Leak DoS

====================================================================== Defcom Labs Advisory def-2001-26 IIS WebDav Lock Method Memory Leak DoS Author: Peter Grьndl <[email protected]> Release Date: 2001-05-17...

PerlCal cal_make.pl p0 Parameter Traversal Arbitrary File Read

The 'cal_make.pl' cgi is installed on the remote host. This CGI has a well known security flaw that lets anyone read arbitrary files with the privileges of the http daemon (root or...

Tektronix PhaserLink Multiple Admin Page Unauthenticated Configuration Manipulation

The file /_ncl_items.shtml or /_ncl_subjects.shtml exists on the remote web server. If the remote host is a Tektronix printer, then this page allows anyone to reconfigure it without any authentication means whatsoever. An attacker may use this flaw to conduct a denial of service attack against...

Oracle Database tnslsnr Service Remote Version Disclosure

The remote host is running the Oracle tnslsnr service, a network interface to Oracle databases. This product allows a remote user to determine the presence and version number of a given Oracle...

processit CGI Environment Variable Remote Information Disclosure

The 'processit' CGI is installed. processit normally returns all environment variables. This gives an attacker valuable information about the configuration of your web...

[wsir-01/02-03] PGP 7.0 Split Key/Cached Passphrase Vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 TITLE: PGP 7.0 Split Key/Cached Passphrase Vulnerability ADVISORY ID: WSIR-01/02-03 DISCOVERED BY: Patrik Birgersson, Wkit Security AB CONTACT: [email protected] CLASS: --- OBJECT: PGP Desktop Security 7.0...

uStorekeeper ustorekeeper.pl file Parameter Traversal Arbitrary File Access

The 'ustorekeeper.pl' CGI script installed on the remote host allows an attacker to read arbitrary files subject to the privileges of the http daemon (usually root or...

Ananconda Partners Clipper anacondaclip.pl Traversal Arbitrary File Access

The CGI script 'anacondaclip', which comes with anacondaclip.pl, is installed on this machine. This CGI has a well-known security flaw that allows an attacker to read arbitrary files on the remote system with the privileges of the HTTP daemon (usually root or...

HIS AUktion auktion.cgi Traversal Arbitrary Command Execution

The 'auktion.cgi' cgi is installed. This CGI has a well known security flaw that lets an attacker execute arbitrary commands with the privileges of the http daemon (usually root or...

Kerberos Server Spoofed Packet Amplification DoS (PingPong)

The remote host is running a Kerberos server that seems to be vulnerable to a 'ping-pong' attack. When contacted on the UDP port, this service always responds, even to malformed requests. This makes it possible to involve it in a 'ping-pong' attack, in which an attacker spoofs a packet between...

Thinking Arts ES.One store.cgi StartID Parameter Traversal Arbitrary File Access

The 'store.cgi' cgi is installed. This CGI has a well known security flaw that lets an attacker read arbitrary files with the privileges of the http daemon (usually root or...

MAILNEWS mailnews.cgi Arbitrary Command Execution

mailnews.cgi is being hosted on the remote web server. Input to the 'address' parameter is not properly sanitized. A remote attacker could exploit this to execute arbitrary commands with the privileges of the web server. Please note Nessus only checked for the presence of this CGI, and did not...

Security Advisory: Microsoft Outlook 2000 vCard Buffer Overrun (additional information) - Revised

-- Corsaire Limited Security Advisory -- Title: Microsoft Outlook 2000 vCard Buffer Overrun (additional information) - Revised Date: 01.03.01 Application: Outlook 2000, Outlook Express Environment: WinNT, Win2000 Author: Martin O'Neal [[email protected]] Audience: General distribution --...

ROADS search.pl form Parameter Traversal Arbitrary File Access

The 'search.pl' CGI from ROADS is installed. This CGI has a well known security flaw that lets an attacker read arbitrary files with the privileges of the HTTP...

Security Advisory: Cisco IOS Software SNMP Read-Write ILMI Community String Vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Cisco Security Advisory: Cisco IOS Software SNMP Read-Write ILMI Community String Vulnerability Revision 1.0: INTERIM For Public Release 2001 February 27 04:00 US/Eastern (UTC+0500) _________ Summary Cisco IOS software releases based on versions 11.x and...

Adcycle 0.78b Authentication

|---------------------------------------------------------------------------------| / Product: Adcycle Banner Rotation. \ Vendor URL: www.adcycle.com / Tested on: v0.77 - 0.78b [Freeware] Linux \ Vendor...

WebSPIRS webspirs.cgi Traversal Arbitrary File Access

The remote host is running WebSPIRS, SilverPlatter's Information Retrieval System for the web. The installed version of WebSPIRS has a well-known security flaw that lets an attacker read arbitrary files with the privileges of the http daemon (usually root or...

CVE-2000-0893

The presence of the Distributed GL Daemon (dgld) service on port 5232 on SGI IRIX systems allows remote attackers to identify the target host as an SGI...

CVE-2000-0893

The presence of the Distributed GL Daemon (dgld) service on port 5232 on SGI IRIX systems allows remote attackers to identify the target host as an SGI...

W3.org Anaya Web sendtemp.pl 'templ' Parameter Traversal Arbitrary File Access

The 'sendtemp.pl' CGI is installed. This CGI has a well known security flaw that allows an attacker read arbitrary files with the privileges of the HTTP...

PALS Library System WebPALS pals-cgi Multiple Vulnerabilities

The 'pals-cgi' CGI is installed. This CGI has a well known security flaw that lets an attacker read arbitrary files with the privileges of the http daemon (usually root or...

Commerce.CGI Shopping Cart commerce.cgi page Parameter Traversal Arbitrary File Access

The 'commerce.cgi' CGI is installed. This CGI has a well known security flaw that lets an attacker read arbitrary files with the privileges of the web...

Way-board way-board.cgi db Parameter Arbitrary File Access

The 'way-board' CGI is installed. This CGI has a well known security flaw that lets an attacker read arbitrary files with the privileges of the http daemon (usually root or...

CVE-2000-0893

The presence of the Distributed GL Daemon (dgld) service on port 5232 on SGI IRIX systems allows remote attackers to identify the target host as an SGI...

DOS Vulnerability in SlimServe HTTPd

DOS Vulnerability in SlimServe HTTPd Overview SlimServe HTTPd v1.0 is a web server available from http://www.whitsoftdev.com and http://www.download.com. A DOS vulnerability exists which allows a remote attacker to crash the server. Details If an extraoridinarily long string of 'A's is sent to...

Advisory CA-2001-02

CERT Advisory CA-2001-02 Multiple Vulnerabilities in BIND Original release date: January 29, 2001 Last revised: -- Source: CERT/CC A complete revision history can be found at the end of this file. Systems Affected Domain Name System (DNS) Servers running various versions of ISC BIND ...

iWeb Hyperseek 2000 hsx.cgi show Parameter Traversal Arbitrary File Read

The 'hsx.cgi' CGI is installed. This CGI has a well known security flaw that lets an attacker read arbitrary files with the privileges of the http daemon (usually root or...

Basilix Webmail .class / .inc Direct Request Remote Information Disclosure

It is possible to download the include files on the remote BasiliX webmail service. An attacker may use these to obtain the MySQL authentication...

wwwwais QUERY_STRING Parameter Remote Overflow

The 'wwwwais' CGI is installed. This CGI has a well known security flaw that lets an attacker execute arbitrary commands with the privileges of the http daemon (usually root or...

ISSalert: Internet Security Systems Security Alert: Ramen Linux Worm

Internet Security Systems Security Alert January 18, 2000 Ramen Linux Worm Propagation Synopsis: A self-propagating worm known as Ramen is currently exploiting well-known holes in unpatched Red Hat Linux 6.2 systems and in early versions of Red Hat 7.0. In addition to scanning for additional...

Seagate Crystal Reports exposes cleartext username/password pairs when embedded in URL or HTTP request

Overview The Seagate Crystal Reports product exposes passwords to back-end databases in certain configurations. In particular, the username and password are transmitted in plaintext from the client browser to the server as part of the URL when using technologies other than Active Server Pages...

Metertek pagelog.cgi Traversal Arbitrary File Access

The 'pagelog.cgi' cgi is installed. This CGI has a well known security flaw that lets an attacker create arbitrary files on the remote server, ending in .txt, and reading arbitrary files ending in .txt or .log *** Warning : this flaw was not tested by Nessus. Check the existence of...

Informix webdriver CGI Unauthenticated Database Access

The remote host may be running Informix Webdriver, a web-to-database interface. If not configured properly, this CGI script may give an unauthenticated attacker the ability to modify and even delete databases on the remote host. Nessus relied solely on the presence of this CGI; it did not try to...

News Desk newsdesk.cgi t Parameter Traversal Arbitrary File Access

The 'newsdesk.cgi' CGI is installed. This CGI has a well known security flaw that lets an attacker read arbitrary files with the privileges of the http daemon (usually root or...

DCForum dcboard.cgi Multiple Vulnerabilities

The DCForum dcboard.cgi script is installed. This CGI has some well known security flaws, including one that lets an attacker execute arbitrary commands with the privileges of the web...

Cold Fusion Administration Page Overflow DoS

A denial of service vulnerability exists within the Allaire ColdFusion web application server (version 4.5.1 and earlier) which allows an attacker to overwhelm the web server and deny legitimate web page requests. By downloading and altering the login HTML form, an attacker can send overly large...

Security Advisory: FreeBSD-SA-00:77.procfs

-----BEGIN PGP SIGNED MESSAGE----- ============================================================================= FreeBSD-SA-00:77 Security Advisory FreeBSD, Inc. Topic: Several...

FreeBSD-SA-00:77.procfs

-----BEGIN PGP SIGNED MESSAGE----- ============================================================================= FreeBSD-SA-00:77 Security Advisory FreeBSD, Inc. Topic: Several vulnerabilities in procfs [REVISED] Category: core Module: procfs Announced: 2000-12-18 Reissued: 2000-12-29 Affects:...