182 matches found
4D WebSTAR 5.35.4 Tomcat Plugin - Remote Buffer Overflow
4D WebSTAR 5.35.4 Tomcat Plugin - Remote Buffer Overflow // source: https://www.securityfocus.com/bid/13538/info The Tomcat Plugin supplied with the HTTP server is reportedly prone to a remote buffer overflow vulnerability. A successful attack can result in a crash or arbitrary code execution...
4D WebSTAR 5.3/5.4 Tomcat Plugin - Remote Buffer Overflow
// source: https://www.securityfocus.com/bid/13538/info The Tomcat Plugin supplied with the HTTP server is reportedly prone to a remote buffer overflow vulnerability. A successful attack can result in a crash or arbitrary code execution allowing the attacker to gain unauthorized access to the...
CVE-2002-1521
Web Server 4D WS4D 3.6 stores passwords in plaintext in the Ws4d.4DD file, which allows attackers to gain privileges...
CVE-2002-1521
CVE-2002-1521 concerns Web Server 4D (WS4D) 3.6 or lower, which stores usernames and passwords in plaintext in the Ws4d.4DD file. The vulnerability enables a local attacker to gain privileges on the affected host by accessing the credential data. OpenVAS entries corroborate the 3.6-era behavior a...
4D WebStar < 5.3.3 Information Disclosure
Binary data 2171.prm...
WebServer 4D HTTP GET Request Remote Overflow
Binary data 2186.prm...
4D WebStar < 5.3.3 FTP Pre-Authentication Overflow
Binary data 2170.prm...
WebServer 4D < 3.6 Ws4d.4DD Cleartext Password Storage
Binary data 1450.prm...
4D WebSTAR Symlink Privilege Escalation
The remote server is running 4D WebStar FTP Server. The version of 4D WebStar FTP Server on the remote host is reportedly affected by a local symbolic link vulnerability caused by the application opening files without properly verifying their existence or their absolute location. Successful...
4D WebStar Arbitrary Multiple Vulnerabilities
The remote server is running a version of 4D WebStar Web Server earlier than 5.3.3. Such versions are reportedly affected by multiple issues : - An attacker may be able to obtain the listing of a directory by appending a star to the directory name. - An attacker may obtain the file php.ini by...
4D WebStar Pre-authentication FTP Overflow
There is a buffer overflow condition in the remote version of 4D WebStar FTP Server installed on the remote host. An attacker may exploit this flaw to execute arbitrary code on the remote host with the privileges of the FTP server root. C Tenable Network Security, Inc. include"compat.inc";...
CVE-2004-0695
Stack-based buffer overflow in the FTP service for 4D WebSTAR 5.3.2 and earlier allows remote attackers to execute arbitrary code via a long FTP command...
CVE-2004-0697
Unknown vulnerability in 4D WebSTAR 5.3.2 and earlier allows remote attackers to read the php.ini configuration file and possibly obtain sensitive information...
CVE-2004-0696
The ShellExample.cgi script in 4D WebSTAR 5.3.2 and earlier allows remote attackers to list arbitrary directories via a URL with the desired path and a "" asterisk character...
CVE-2004-0695
CVE-2004-0695 affects 4D WebSTAR WebSTAR FTP Server up to 5.3.2. It is a stack-based buffer overflow in the FTP service that can allow remote code execution via a long FTP command, with specific modules describing a USER/overflow in the logging routine (OSX 5.3.2). Exploitation references include...
CVE-2004-0698
4D WebSTAR (FTP/Server) is affected: versions up to 5.3.2 and earlier contain a local symbolic link vulnerability caused by opening files without properly verifying their existence or absolute location. This design issue can let a local attacker write to arbitrary files with the application’s per...
CVE-2004-0697
Unknown vulnerability in 4D WebSTAR 5.3.2 and earlier allows remote attackers to read the php.ini configuration file and possibly obtain sensitive information...
CVE-2004-0697
CVE-2004-0697 affects 4D WebSTAR 5.3.2 and earlier. The vulnerability permits remote attackers to read the php.ini configuration file, potentially exposing sensitive information. The NVD entry lists a base CVSS v2 score of 5.0 (Medium) with network access and low complexity, but no exploitation d...
CVE-2004-0696
CVE-2004-0696 affects 4D WebSTAR Web Server 5.3.2 and earlier. The ShellExample.cgi script allows remote attackers to list arbitrary directories via a URL containing the desired path and a * (asterisk). NVD lists a base score of 5.0 (Medium) with network access and low attack complexity; no explo...
4D Webstar multiple bugs
Buffer overflow, information leakage, symbolic links...