3863 matches found
Apache Tomcat 3.1 - Path Revealing
source: https://www.securityfocus.com/bid/1531/info A vulnerability exists in the JSP portion of the Tomcat package, version 3.1, from the Apache Software Foundation. Upon hitting an nonexistent JSP file, too much information is presented by the server as part of the error message. This informati...
Tomcat 3.0/3.1 Snoop Servlet - Information Disclosure
source: https://www.securityfocus.com/bid/1532/info A vulnerability exists in the snoop servlet portion of the Tomcat package, version 3.1, from the Apache Software Foundation. Upon hitting an nonexistent file with the .snp extension, too much information is presented by the server as part of the...
VIGILANTE-2000004.txt
HP Jetdirect - Invalid FTP Command DoS Advisory Code: VIGILANTE-2000004 Release Date: July 19, 2000 Systems Affected: HP Jetdirect printers using firmware versions: - G.08.04 - H.08.05 - G.08.20 - H.08.20 Older firmware versions, prior to G.08.20 and H.08.20, are probably also vulnerable. THE...
HP JetDirect J3111A - Invalid FTP Command Denial of Service
HP JetDirect J3111A - Invalid FTP Command Denial of Service source: https://www.securityfocus.com/bid/1491/info HP JetDirect firmware is vulnerable to a Denial of Service attack. JetDirect devices have an FTP service which fails to properly handle bad FTP commands sent with the ftp "quote" comman...
CVE-2000-0413
The shtml.exe program in the FrontPage extensions package of IIS 4.0 and 5.0 allows remote attackers to determine the physical path of HTML, HTM, ASP, and SHTML files by requesting a file that does not exist, which generates an error message that reveals the path...
Gossamer Threads DBMan 2.0.4 - DBMan Information Leakage
Gossamer Threads DBMan 2.0.4 - DBMan Information Leakage source: https://www.securityfocus.com/bid/1178/info Requesting an invalid database file from a web server implementing Gossamer Threads DBMan scripts will return a CGI error message containing environmental variables to a remote user withou...
Gossamer Threads DBMan 2.0.4 - DBMan Information Leakage
source: https://www.securityfocus.com/bid/1178/info Requesting an invalid database file from a web server implementing Gossamer Threads DBMan scripts will return a CGI error message containing environmental variables to a remote user without any authorization. The parameters displayed include the...
Cart32 3.0 - 'expdate' Administrative Information Disclosure
source: https://www.securityfocus.com/bid/1358/info By appending the string "/expdate" to a request for the cart32.exe executable, http: //target/cgi-bin/cart32.exe/expdate an attacker can access an error message followed by a debugging page containing the server variables, the Cart32...
Fastraq Mailtraq 1.1.4 - Multiple Path Vulnerabilities
source: https://www.securityfocus.com/bid/1278/info A remote user may browse any known directory on a host running Fastraq Mailtraq 1.1.4 by making a URL request that includes the '../' string. In addition, requesting a URL appended with "../" and an unusually long character string will return an...
Novell BorderManager Port 2000 Telnet DoS
The port 2000 is open, and Novell BorderManager might be listening on it. There is a denial of service attack that allows an intruder to make a Novell BorderManager 3.5 slowly die. If you see an error message on this computer telling you 'Short Term Memory Allocator is out of Memory' then you are...
Microsoft IIS (Windows NT 4.0SP1SP2SP3SP4SP5) - .IDC Path Mapping
Microsoft IIS Windows NT 4.0SP1SP2SP3SP4SP5 - .IDC Path Mapping source: https://www.securityfocus.com/bid/299/info The full physical path name for the IIS web server root directory may be obtained by attempting to view a non-existent .IDC file. The web server will return an error message that lis...
Microsoft IIS (Windows NT 4.0/SP1/SP2/SP3/SP4/SP5) - '.IDC' Path Mapping
source: https://www.securityfocus.com/bid/299/info The full physical path name for the IIS web server root directory may be obtained by attempting to view a non-existent .IDC file. The web server will return an error message that lists the absolute pathname of the "missing" .IDC file...
Microsoft Outlook Express 4.27.31104.72.3120 - POP Denial of Service
Microsoft Outlook Express 4.27.31104.72.3120 - POP Denial of Service source: https://www.securityfocus.com/bid/252/info A vulnerability in Outlook Express allows a malicious message sent to the users mailbox to halt POP mail download. The Microsoft tracking number of this issue is S2134 T6142. A...
Microsoft Outlook Express 4.27.3110/4.72.3120 - POP Denial of Service
source: https://www.securityfocus.com/bid/252/info A vulnerability in Outlook Express allows a malicious message sent to the users mailbox to halt POP mail download. The Microsoft tracking number of this issue is S2134 T6142. A line with a single dot '.' stands for EOM end of message in the POP3...
Microsoft IIS 5.0 - IISAPI Extension Enumerate Root Web Server Directory
Microsoft IIS 5.0 - IISAPI Extension Enumerate Root Web Server Directory source: https://www.securityfocus.com/bid/194/info A GET request that specifies a nonexistent file with an IISAPI-registered extension ie .pl, .idq will cause the IIS server to return an error message that includes the full...
Microsoft IIS 5.0 - IISAPI Extension Enumerate Root Web Server Directory
source: https://www.securityfocus.com/bid/194/info A GET request that specifies a nonexistent file with an IISAPI-registered extension ie .pl, .idq will cause the IIS server to return an error message that includes the full path of the root web server directory. This can happen if the file is...
CVE-1999-0969
The Windows NT RPC service allows remote attackers to conduct a denial of service using spoofed malformed RPC packets which generate an error message that is sent to the spoofed host, potentially setting up a loop, aka Snork...
CVE-1999-1266
rsh daemon rshd generates different error messages when a valid username is provided versus an invalid name, which allows remote attackers to determine valid users on the system...
System Recovered Error Message Update
System Recovered Error Message Update...
Security update 1970-01-01
...