229 matches found
CVE-2001-1371
The default configuration of Oracle Application Server 9iAS 1.0.2.2 enables SOAP and allows anonymous users to deploy applications by default via urn:soap-service-manager and urn:soap-provider-manager...
CVE-2002-0045
The CVE affects OpenLDAP slapd prior to 2.0.20 (OpenLDAP 2.0.0–2.0.19; anonymous before 2.0.8) where a faulty ACL check allows a local/anonymous user to perform a replace operation with an empty value list. This bypasses access controls and can delete non-mandatory attributes that ACLs would norm...
CVE-2002-0045
slapd in OpenLDAP 2.0 through 2.0.19 allows local users, and anonymous users before 2.0.8, to conduct a "replace" action on access controls without any values, which causes OpenLDAP to delete non-mandatory attributes that would otherwise be protected by ACLs...
Oracle 9iAS allows anonymous remote users to view sensitive Apache services by default
Overview Oracle Application Server 9iAS allows remote users to access several Apache services without authentication. Description Oracle Application Server 9iAS includes the Apache Web server and several Apache services. In the default install configuration, many of these services, including...
CVE-2001-1371
The default configuration of Oracle Application Server 9iAS 1.0.2.2 enables SOAP and allows anonymous users to deploy applications by default via urn:soap-service-manager and urn:soap-provider-manager...
Lotus Domino Web server vulnerability
Tested on : ----------- LOTUS DOMINO 5.0.5 french and LOTUS DOMINO 5.0.8 french with http service running. OS : Windows NT 4.0 sp4 Description : ------------- With a particular craft URL, an anonymous users can lock the databases accesses. Result : Any notes users even the administrators and the...
Ipswitch WS_FTP Server 2.0 - Anonymous Multiple FTP Command Buffer Overflows
source: https://www.securityfocus.com/bid/3102/info WS-FTP Server is vulnerable to malicious remote user input argumenting multiple FTP commands received from anonymously connecting clients. An attacker may supply a long sequence of characters as an argument to any of the affected commands. If th...
Cartfix Secret Backdoor Patch tool for cart32
@Stake Inc. L0pht Research Labs www.atstake.com www.L0pht.com Security Tool Release Name: Cartfix Secret Backdoor Patch tool Release Date: April 27, 2000 Application: Cart32 Shopping Cart Program Platform: Win32 Severity: An attacker can execute commands on the web server and modify admin passwor...
Microsoft FrontPage Extensions Check
The remote web server appears to be running with the FrontPage extensions. FrontPage allows remote web developers and administrators to modify web content from a remote location. While this is a fairly typical scenario on an internal local area network, the FrontPage extensions should not be...