Lucene search
+L

3494 matches found

Exploit DB
Exploit DB
added 2001/09/12 12:0 a.m.22 views

EFTP Server 2.0.7.337 - Directory Existence / File Existence

source: https://www.securityfocus.com/bid/3333/info A user can confirm the existence and location of files and directory structure information, by submitting a 'size' or 'mdtm' command of a file. If the command is carried out by the vulnerable service, the attacker can confirm the location of the...

7AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2001/08/13 12:0 a.m.942 views

LDAP NULL BASE Search Access

The remote LDAP server supports search requests with a NULL, or empty, base object. This allows information to be retrieved without any prior knowledge of the directory structure. Coupled with a NULL BIND, an anonymous user may be able to query your LDAP server using a tool such as 'LdapMiner'...

5.5AI score
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2001/08/13 12:0 a.m.845 views

LDAP Server NULL Bind Connection Information Disclosure

The LDAP server on the remote host is currently configured such that a user can connect to it without authentication - via a 'NULL BIND' - and query it for information. Although the queries that are allowed are likely to be fairly restricted, this may result in disclosure of information that an...

5.6AI score
Exploits0
CVE
CVE
added 2001/07/27 4:0 a.m.53 views

CVE-2001-0357

FormMail vulnerability CVE-2001-0357 affects FormMail.pl (FormMail) 1.6 and earlier. An attacker can remotely modify recipient and message parameters to send anonymous email, effectively enabling spam through the vulnerable script. Connected OpenVAS data identifies affected versions (All versions...

7.5CVSS6.5AI score0.01351EPSS
Exploits0References2Affected Software1
Exploit DB
Exploit DB
added 2001/07/25 12:0 a.m.21 views

Ipswitch WS_FTP Server 2.0 - Anonymous Multiple FTP Command Buffer Overflows

source: https://www.securityfocus.com/bid/3102/info WS-FTP Server is vulnerable to malicious remote user input argumenting multiple FTP commands received from anonymously connecting clients. An attacker may supply a long sequence of characters as an argument to any of the affected commands. If th...

7.4AI score
Exploits0
CERT
CERT
added 2001/07/17 12:0 a.m.24 views

Microsoft Exchange LDAP Service is vulnerable to denial-of-service attacks

Overview The Microsoft Exchange LDAP Service contains vulnerabilities that may allow denial-of-service attacks. These vulnerabilities were revealed using the PROTOS LDAPv3 test suite and are documented in CERT Advisory CA-2001-18. If your site uses this product, the CERT/CC encourages you to foll...

5CVSS6.5AI score0.29433EPSS
Exploits0References4
securityvulns
securityvulns
added 2001/06/30 12:0 a.m.31 views

implementation problem in Microsoft LDAP?

Hello, I have been looking at the microsoft LDAP service error codes responses and when I'm not authenticated anonymous I can know if an object exists or not. I would like to know if this is an implementation problem. Problem 1: Here we have a log of the saucer program an ldap client as you can...

0.3AI score
Exploits0
NVD
NVD
added 2001/06/27 4:0 a.m.30 views

CVE-2001-0456

postinst installation script for Proftpd in Debian 2.2 does not properly change the "run as uid/gid root" configuration when the user enables anonymous access, which causes the server to run at a higher privilege than intended...

7.5CVSS6.4AI score0.05882EPSS
Exploits0References2
securityvulns
securityvulns
added 2001/05/12 12:0 a.m.92 views

Vulnerabilty in TYPsoft FTP server

Vulnerabilty in TYPsoft FTP server v0.95 Overview: TYPsoft FTP Server is a freeware ftp server available from http://typsoft.n3.net . Affected systems: FTP server v0.95 - 0.93 and probably prior versions for Windows 95/98/NT/2000/ME Description: An attacker with anonymous access to the ftp server...

0.3AI score
Exploits0
exploitpack
exploitpack
added 2001/05/04 12:0 a.m.14 views

WU-FTPD 2.4.22.5 .02.6.0 - Remote Format String Stack Overwrite (3)

WU-FTPD 2.4.22.5 .02.6.0 - Remote Format String Stack Overwrite 3 source: https://www.securityfocus.com/bid/1387/info Washington University ftp daemon wu-ftpd is a very popular unix ftp server shipped with many distributions of Linux and other UNIX operating systems. Wu-ftpd is vulnerable to a ve...

0.5AI score
Exploits0
Exploit DB
Exploit DB
added 2001/05/04 12:0 a.m.39 views

WU-FTPD 2.4.2/2.5 .0/2.6.0 - Remote Format String Stack Overwrite (3)

source: https://www.securityfocus.com/bid/1387/info Washington University ftp daemon wu-ftpd is a very popular unix ftp server shipped with many distributions of Linux and other UNIX operating systems. Wu-ftpd is vulnerable to a very serious remote attack in the SITE EXEC implementation. Because ...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2001/03/12 12:0 a.m.131 views

CORRECTION to CODE: FormMail.pl can be used to send anonymous email

Hi All, I did a little playing with FormMail.pl after a run in with a spammer abusing our webserver. Apparently ALL FormMail.pl cgi-bin scripts can be used to spam anonymously. I found another server with FormMail.pl and tried the same exploit to send myself an email and it worked. The email will...

6.8AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2001/03/08 12:0 a.m.493 views

IBM Lotus Domino Administration Databases Anonymous Access

The remote Lotus Domino server allows an anonymous user to access sensitive information such as users, databases, configuration of servers including operating system and hard disk partitioning, and logs of access to users which could expose sensitive data if GET html forms are used. %NASLMINLEVEL...

6.2AI score0.01316EPSS
Exploits0References4
CERT
CERT
added 2001/03/02 12:0 a.m.17 views

Lotus Domino SMTP Server Allows Anonymous Relay of Quoted Addresses

Overview Lotus Domino includes an SMTP server. Under certain configurations, an intruder may be able to relay mail to third parties through the Domino SMTP server. Description An "open" mail server is one that will send mail that is not addressed to and does not originate from a local user. Open...

6.6AI score
Exploits0References1
securityvulns
securityvulns
added 2001/01/23 12:0 a.m.25 views

Multiple Vulnerabilities In FaSTream FTP++ (+ ICS Tftpserver DoS)

=- Note: Be advised that below mentioned DoS can be traced back to TFtpServer. This is a beta-component of the "Internet Component Suite" for Delphi/C++ Builder, availble from http://www.overbyte.be. Other products using this component could be vulnerable, its creator has been notified. -- SNS...

0.1AI score
Exploits0
exploitpack
exploitpack
added 2000/12/20 12:0 a.m.28 views

ProFTPd 1.2 - SIZE Remote Denial of Service

ProFTPd 1.2 - SIZE Remote Denial of Service source: https://www.securityfocus.com/bid/2185/info A memory leak has been reported in all versions of ProFTPd. The SIZE FTP command causes the server to misallocate and leak small amounts of memory each time the command is executed. If a sufficient...

0.1AI score
Exploits0
securityvulns
securityvulns
added 2000/12/20 12:0 a.m.26 views

Memory leakage in proftpd leads to remote DoS

Hello, Proftpd has memory leakage bug if it executes SIZE FTP command. Using 5000 SIZE commands causes proftpd to consume over 300kB of memory. Exploiting this bug with more SIZE commands gives us simple DoS attack. Anonymous access is sufficient to use SIZE commands and to exploit this bug. I've...

0.3AI score
Exploits0
exploitpack
exploitpack
added 2000/12/18 12:0 a.m.21 views

BSD ftpd 0.3.2 - Single Byte Buffer Overflow

BSD ftpd 0.3.2 - Single Byte Buffer Overflow source: https://www.securityfocus.com/bid/2124/info The ftp daemon derived from 4.x BSD source contains a serious vulnerability that may compromise root access. There exists a one byte overflow in the replydirname function. The overflow condition is du...

0.5AI score
Exploits0
Exploit DB
Exploit DB
added 2000/12/18 12:0 a.m.29 views

BSD ftpd 0.3.2 - Single Byte Buffer Overflow

source: https://www.securityfocus.com/bid/2124/info The ftp daemon derived from 4.x BSD source contains a serious vulnerability that may compromise root access. There exists a one byte overflow in the replydirname function. The overflow condition is due to an off-by-one bug that allows an attacke...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2000/11/10 12:0 a.m.31 views

Утечка информации в Novell Netware (Object enumeration)

Сервера Netware с поддержкой TCP/IP сообщают информацию об объектах NDS через анонимное соединение TCP/524...

0.9AI score
Exploits0References1Affected Software1
Rows per page
Query Builder