28 matches found
EUVD-2002-1164
Malware in sbrugna...
CVE-2023-34615
An issue was discovered JSONUtil thru 5.0 allows attackers to cause a denial of service or other unspecified impacts via crafted object that uses cyclic dependencies...
Mageia: Security Advisory (MGASA-2015-0355)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Command Execution Vulnerability in HkCMS
HKCMS is an open source content management system developed on the basis of Thinkphp 5.0 framework, using an independent grouping approach. HkCMS suffers from a command execution vulnerability that can be exploited by attackers to gain control of the server...
Shenzhen Yuanmeng Cloud Technology Co., Ltd. WeiPHP 5.0 suffers from a logic flaw vulnerability
weiphp is a microsoft development platform which is based on oneThink, a content management framework. Shenzhen Yuanmeng Cloud Technology Co. Ltd WeiPHP 5.0 has a logic flaw vulnerability that can be exploited by attackers to obtain sensitive information...
WebKit - Insufficient Entropy Random Number Generator (2)
source: https://www.securityfocus.com/bid/44952/info WebKit is prone to a random-number-generator weakness. Attackers can exploit this issue by enticing an unsuspecting user into visiting a malicious webpage. Successful attacks will allow attackers to track user sessions and obtain personal...
CVE-2007-4194
Guidance Software EnCase 5.0 allows user-assisted remote attackers to cause a denial of service stack memory consumption and possibly have other unspecified impact via a malformed file, related to "EnCase's file system parsing." NOTE: this information is based upon a vague pre-advisory. It might...
Microsoft IIS 5.0 - '.printer' ISAPI Extension Buffer Overflow (3)
/ source: https://www.securityfocus.com/bid/2674/info Windows 2000 Internet printing ISAPI extension contains msw3prt.dll which handles user requests. Due to an unchecked buffer in msw3prt.dll, a maliciously crafted HTTP .printer request containing approx 420 bytes in the 'Host:' field will allow...
Immunity Canvas: MS03_022
Name| ms03022 ---|--- CVE| CVE-2003-0349 Exploit Pack| CANVAS Description| IIS 5.0 Windows Media Services ISAPI nsisslog.dll Overflow Notes| CVE Name: CVE-2003-0349 VENDOR: Microsoft MSADV: MS03-022 VersionsAffected: Repeatability: Repeatable References:...
Microsoft IIS 5.0 - WebDAV Remote Code Execution (3) (xwdav)
Microsoft IIS 5.0 - WebDAV Remote Code Execution 3 xwdav / IIS 5.0 WebDAV Exploit Xnuxer Lab By Schizoprenic, Copyright c 2003 WebDAV exploit without netcat or telnet and with pretty magic number as RET / include include include include include include include include include define RET 0xc9c9...
Microsoft IIS 5.0 - WebDAV Remote
// / IIS 5.0 WebDAV -Proof of concept- / / Bug: CAN-2003-0109 / / By Roman Medina-Heigl Hernandez / / aka RoMaNSoFt / / Madrid, 23.Mar.2003 / / ================================= / / Public release. Version 1. / / --------------------------------- / // /...
IIS 5.0 Cross Site Scripting vulnerability
SYSTEMS AFFECTED ======== IIS 5.0 / Windows 2000 SP2 - SRP1 exploited with a browser CONTENTS ========= Subject: IIS 5.0 Cross Site Scripting Vulnerability Date: 27 September 2002 Risk: Medium DESCRIPTION ========= IIS 5.0 can be forced to return malicious content in user's browser. By using a...
Microsoft Internet Explorer 56 Konqueror 2.2.23.0 Weblogic Server 567 - Invalid X.509 Certificate Chain
Microsoft Internet Explorer 56 Konqueror 2.2.23.0 Weblogic Server 567 - Invalid X.509 Certificate Chain source: https://www.securityfocus.com/bid/5410/info A flaw has been reported in the handling of X.509 certificates by a number of products, including several web browsers. It may be possible fo...
Microsoft IIS 5.0 ServerVariables_Jscript.asp Path Disclosure
A sample application shipped with IIS 5.0 discloses the physical path of the web root. An attacker can use this information to make more focused attacks. %NASLMINLEVEL 70300 This script was written by Matt Moore See the Nessus Scripts License for details Changes by Tenable: - Revised plugin title...
Microsoft IIS 5.0 - False Content-Length Field Denial of Service
Microsoft IIS 5.0 - False Content-Length Field Denial of Service source: https://www.securityfocus.com/bid/3667/info Microsoft IIS 5.0 may be prone to a denial of service condition when sent a specially crafted malformed HTTP GET header. If an IIS 5.0 web server is sent a crafted HTTP GET request...
CVE-2001-0508
Vulnerability in IIS 5.0 allows remote attackers to cause a denial of service restart via a long, invalid WebDAV request...
Microsoft IIS vulnerable to DoS via invalid request for very long WebDAV requests
Overview Intruders can disrupt the normal operation of an IIS 5.0 server using a malicious Web Distributed Authoring and Versioning WebDAV request. Description WebDAV is an extension to HTTP used to manage content on web servers. Quoting from RFC 2518: WebDAV is an extension to the HTTP/1.1...
Immunity Canvas: MS01_033
Name| ms01033 ---|--- CVE| CVE-2001-0500 Exploit Pack| CANVAS Description| IIS 5.0 Index Server ISAPI .ida Overflow Notes| CVE Name: CVE-2001-0500 VENDOR: Microsoft MSADV: MS01-033 VersionsAffected: Repeatability: References: http://www.microsoft.com/technet/security/bulletin/MS01-033.mspx CVE Ur...
IIS 5.0 PROPFIND DOS #2
Georgi Guninski security advisory 44, 2001 IIS 5.0 PROPFIND DOS 2 Systems affected: IIS 5.0 Risk: Medium Date: 6 May 2001 Legal Notice: This Advisory is Copyright c 2001 Georgi Guninski. You may distribute it unmodified. You may not modify it and distribute it or distribute parts of it without th...
Microsoft Windows 2000/Internet Information Server (IIS) 5.0 Internet Printing Protocol (IPP) ISAPI contains buffer overflow (MS01-023)
Overview A vulnerability exists in Microsoft IIS 5.0 running on Windows 2000 that allows a remote intruder to run arbitrary code on the victim machine. Description Windows 2000 includes support for the Internet Printing Protocol IPP via an ISAPI extension. According to Microsoft, this extension i...