CVE-2001-0068

Mac OS Runtime for Java MRJ 2.2.3 allows remote attackers to use malicious applets to read files outside of the CODEBASE context via the ARCHIVE applet parameter...

CVE-2001-0037

Directory traversal vulnerability in HomeSeer before 1.4.29 allows remote attackers to read arbitrary files via a URL containing .. dot dot specifiers...

Security Bulletin (MS01-004)

---------------------------------------------------------------------- - - Title: Patch Available to Eliminate New Variant of "File Fragment Reading via .HTR" Vulnerability Date: 29 January 2001 Software: IIS 4.0 and 5.0 Impact: File Reading Bulletin: MS01-004 KB Article: Q285985 available soon...

Hyperseek 2000 Search Engine - "show directory & files" bug

--== NerF security gr0up advisory ==-- -------------------------------------------------------------------- Hyperseek 2000 Search Engine - "show directory & files" bug. -------------------------------------------------------------------- 1. Standart perl problem is in statistic module - file:...

FreeBSD-SA-01:09.crontab

-----BEGIN PGP SIGNED MESSAGE----- ============================================================================= FreeBSD-SA-01:09 Security Advisory FreeBSD, Inc. Topic: crontab allows users to read certain files REVISED Category: core Module: crontab Announced: 2001-01-23 Revised: 2001-01-25...

CVE-2000-0853

YaBB Bulletin Board 9.1.2000 allows remote attackers to read arbitrary files via a .. dot dot attack...

CVE-2000-0919

Directory traversal vulnerability in PHPix Photo Album 1.0.2 and earlier allows remote attackers to read arbitrary files via a .. dot dot attack...

CVE-2000-0930

Pegasus Mail 3.12 allows remote attackers to read arbitrary files via an embedded URL that calls the mailto: protocol with a -F switch...

CVE-2000-0977

mailfile.cgi CGI program in MailFile 1.10 allows remote attackers to read arbitrary files by specifying the target file name in the "filename" parameter in a POST request, which is then sent by email to the address specified in the "email" parameter...

CVE-2000-1132

DCForum cgforum.cgi CGI script allows remote attackers to read arbitrary files, and delete the program itself, via a malformed "forum" variable...

Дырка в arp в Solaris

Переполнение буфера причтении файла...

CVE-2000-1176

Directory traversal vulnerability in YaBB search.pl CGI script allows remote attackers to read arbitrary files via a .. dot dot attack in the "catsearch" form field...

Lotus Domino 5.0.5 Web Server vulnerability - reading files outside the web root

Georgi Guninski security advisory 32, 2001 Lotus Domino 5.0.5 Web Server vulnerability - reading files outside the web root Systems affected: Lotus Domino 5.0.5 Windows 2000 - have not tested other versions/platforms Risk: High Date: 5 January 2001 Legal Notice: This Advisory is Copyright c 2000...

Microsoft Windows Media Player 7.0 - JavaScript URL

Microsoft Windows Media Player 7.0 - JavaScript URL source: https://www.securityfocus.com/bid/2167/info Windows Media Player is an application used for digital audio, and video content viewing. It can be embedded in webpages as an ActiveX control. It is possible to execute a javascript URL from...

CVE-2000-1188

Directory traversal vulnerability in Quikstore shopping cart program allows remote attackers to read arbitrary files via a .. dot dot attack in the "page" parameter...

CVE-2000-0912

MultiHTML CGI script allows remote attackers to read arbitrary files and possibly execute arbitrary commands by specifying the file name to the "multi" parameter...

CVE-2000-0902

getalbum.php in PhotoAlbum before 0.9.9 allows remote attackers to read arbitrary files via a .. dot dot attack...

CVE-2000-0900

Directory traversal vulnerability in ssi CGI program in thttpd 2.19 and earlier allows remote attackers to read arbitrary files via a "%2e%2e" string, a variation of the .. dot dot attack...

CVE-2000-0921

Directory traversal vulnerability in Hassan Consulting shop.cgi shopping cart program allows remote attackers to read arbitrary files via a .. dot dot attack on the page parameter...

CVE-2000-1075

Directory traversal vulnerability in iPlanet Certificate Management System 4.2 and Directory Server 4.12 allows remote attackers to read arbitrary files via a .. dot dot attack in the Agent, End Entity, or Administrator services...