3497 matches found
Anonymous FTP Detection (login: anonymous)
Binary data 1822.prm...
Debian proftpd root Privilege Escalation
Binary data 1817.prm...
Sambar Default Anonymous Account
Binary data 1577.prm...
Anonymous FTP Detection (login: ftp)
Binary data 1820.prm...
Microsoft Exchange Outlook Web Access HTTP Response Splitting Vulnerability
Description Microsoft Exchange Outlook Web Access OWA is prone to HTTP response splitting attacks. This issue could permit hostile script to be injected into client sessions, which could gain access to properties of the OWA server and Web pages hosted on the site. It is noted that the attacker mu...
RiSearch show.pl Open Proxy Relay
The remote host seems to be running RiSearch, a local search engine. There is a flaw in the CGI 'show.pl' which is bundled with this software that could allow an attacker to use the remote host as an open proxy by doing a request like :...
Mandrake Linux Security Advisory : cvs (MDKSA-2003:009)
Two vulnerabilities were discoverd by Stefen Esser in the cvs program. The first is an exploitable double free bug within the server, which can be used to execute arbitrary code on the CVS server. To accomplish this, the attacker must have an anonymous read-only login to the CVS server. The secon...
moinmoin -- ACL group bypass
The moinmoin package contains two bugs with ACLs and anonymous users. Both bugs may permit anonymous users to gain access to administrative functions; for example the delete function. There is no known workaround, the vulnerability exists regardless if a site is using ACLs or not...
mollensoftLightweight.txt
Mollensoft Lightweight FTP Server CWD Buffer Overflow ------------------------------------------------------------------------ Article reference: http://www.securiteam.com/windowsntfocus/5RP0L15CUM.html SUMMARY STORM has discovered a security vulnerability in Mollensoft Lightweight FTP Server...
RealServer /admin/Docs/default.cfg Information Disclosure
The remote RealServer seems to allow any anonymous user to download the default.cfg file. This file is used to store confidential data and should not be accessible via the web frontend. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; if...
[VulnWatch] IRIX ftpd ftp_syslog issue with anonymous FTP
-----BEGIN PGP SIGNED MESSAGE----- SGI Security Advisory Title: IRIX ftpd ftpsyslog issue with anonymous FTP Number: 20040401-01-P Date: April 2, 2004 Reference: SGI BUGs 893718 899364 909172 Fixed in: Patches 5525 & 5547 for IRIX 6.5.20-6.5.23 SGI provides this information freely to the SGI user...
Novell NetWare LDAP Server Anonymous Bind
The server's directory base is set to NULL. This allows information to be enumerated without any prior knowledge of the directory structure. %NASLMINLEVEL 70300 This script was written by David Kyger Changes by Tenable: - Revised plugin title, output formatting 9/3/09 - Replaced broken URL, added...
Problem with Appleshare IP FTP server
This affects versions 6.3.1 and lower. It will say 'Appleshare IP FTP server.' But, there is a problem with it, Im not quite sure why, that when you login as an anonymous user, and type RMD / the system freezes. My bet is that because Non-OSX macs dont use slashes for directories, that the ftp...
BRSwebweaver.txt
=:=:=::=:=:=::=:=:=::=:=:=::=:=:=::=:=:=::=:=:=::= topic: BRS WebWeaver: Anonymous Surfing product: BRS WebWeaver 1.06 vendor: http://www.brswebweaver.com risk: high date: 09/24/2k3 discovered by: euronymous /F0KP advisory urls: http://f0kp.iplus.ru/bz/027en http://f0kp.iplus.ru/bz/027ru contact...
WS_FTP Server vulnerable to buffer overflow when supplied overly long "STAT" command
Overview It has been reported that a vulnerability exists in the processing of a "STAT" command on WSFTP Servers versions 4.x and prior. Exploitation of this vulnerability may lead to an authenticated user executing arbitrary code with the elevated privileges of the server process. Description...
Vulnerabilities In Pablo Software Solutions FTP Service 1.2
Plaintext Password Vulnerability ------------------------------------ User info is stored in users.dat in plaintext. If the anonymous account is present it is by default the entire FTP server can be compromised ftp://somewhere/program files/pablo's ftp service/users.dat Default Anonymous Account...
FTP Service 1.2 - Multiple Vulnerabilities
FTP Service 1.2 - Multiple Vulnerabilities FTP Service Multiple Vulnerabilities Vendor: Pablo Software Solutions Product: FTP Service Version: = 1.2 Website: http://www.pablovandermeer.nl/ftpservice.html BID: 7799 7801 Description: FTPService.exe is a service-version of Pablo's FTP Server. This...
Pablo Software Solutions FTP Service 1.2 - Anonymous Users Privileges
Pablo Software Solutions FTP Service 1.2 - Anonymous Users Privileges source: https://www.securityfocus.com/bid/7799/info An issue in Pablo FTP Service may make it possible for remote users to perform unauthorized actions. It has been reported that Pablo FTP Service does not sufficiently restrict...
Pablo Software Solutions FTP Service 1.2 - Anonymous Users Privileges
source: https://www.securityfocus.com/bid/7799/info An issue in Pablo FTP Service may make it possible for remote users to perform unauthorized actions. It has been reported that Pablo FTP Service does not sufficiently restrict the anonymous user account, which is active by default. Because of...
FTP Service < 1.2 - Multiple Vulnerabilities
FTP Service Multiple Vulnerabilities Vendor: Pablo Software Solutions Product: FTP Service Version: = 1.2 Website: http://www.pablovandermeer.nl/ftpservice.html BID: 7799 7801 Description: FTPService.exe is a service-version of Pablo's FTP Server. This service enables you to have the FTP server...