Ipswitch IMail Web Calendaring Arbitrary File Read (CVE-2005-1252)

The Ipswitch IMail Server product contains a variety of server components. These components include POP3, SMTP, IMAP, and a Web Calendaring server. The IMail Web Calendaring server provides functions for users to store schedules, set appointments, and send reminder information using HTTP protocol...

SHOUTcast Filename Format String (CVE-2004-1373)

SHOUTcast is a free distributed streaming audio system developed by Nullsoft. It is widely used by Internet-based radio stations. The SHOUTcast server implements a subset of the HTTP protocol to communicate with clients. A client-server session starts with the client requesting an audio stream fr...

SHOUTcast Filename Format String - ver 2 (CVE-2004-1373)

SHOUTcast is a free distributed streaming audio system developed by Nullsoft. It is widely used by Internet-based radio stations. The SHOUTcast server implements a subset of the HTTP protocol to communicate with clients. A client-server session starts with the client requesting an audio stream fr...

Apache Tomcat Directory Listing Information Disclosure (CVE-2006-3835)

Apache Tomcat is an implementation of the Java Servlet and JavaServer Pages technologies. The software provides the servlet container used in development and deployment of Java based web applications. Users access Tomcat applications using web browsers that communicate to the server via the HTTP...

BigAnt IM Server HTTP GET Request Buffer Overflow Vulnerability - Active Check

BigAnt IM Server is prone to a remote buffer overflow vulnerability because it fails to perform adequate boundary checks on user-supplied input. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective rig...

Detailed description of SSL and TLS Web Security penetration testing-vulnerability warning-the black bar safety net

If the Web Service of the SSL and TLS Protocol security problem, the consequences will be how? Obviously, in this case the attacker can have all your security information, including user name, passwords, credit card, Bank information...... All in all. This article will give the reader a detailed...

ELOG Version Detection

This script finds the running ELOG Version and saves the result in KB. OpenVAS Vulnerability Test $Id: secpodelogdetect.nasl 5877 2017-04-06 09:01:48Z teissa $ ELOG Version Detection Authors: Antu Sanadi Copyright: Copyright c 2009 SecPod, http://www.secpod.com This program is free software; you...

CVE-2009-2622

Squid 3.0 through 3.0.STABLE16 and 3.1 through 3.1.0.11 allows remote attackers to cause a denial of service via malformed requests including 1 "missing or mismatched protocol identifier," 2 missing or negative status value," 3 "missing version," or 4 "missing or invalid status number," related t...

For IIS write permissions for the simple analysis-vulnerability warning-the black bar safety net

//Or to be symbolic of a copyright, reproduced, please indicate the b0r3d's blog http://www.b0r3d.org //Last month to the Black hand cast went, people since there is no published, I will send to it, after all the articles of original content is too small, the technical content is not high. Recent...

Zervit 0.4 Traversal / Memory Corruption

Zervit webserver 0.4 Directory Traversal & Memory Corruption By: e.wiZz! & shinnai Site: shinnai.net & balcansecurity.com Memory Corruption import socket host = "127.0.0.1" port = 8080 try: for i in range1,10: buff = "a" 3330 request = "POST " + buff + " HTTP/1.0" connection =...

Zervit HTTP Server Malformed URI Remote Denial Of Service Vulnerability

Zervit HTTP server is prone to a denial of service DoS vulnerability because it fails to adequately sanitize user-supplied input. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...

Squid cache proxy server DoS

Denial of Service on invalid HTTP protocol version...

MSN cross-site vulnerability analysis-vulnerability warning-the black bar safety net

As early as a few days ago, heard colleagues say,“friends msn send to a web page, enter the password, the results a few days later, the MSN password is wrong, could be stolen.” At that time also asked colleagues want the address, but he said address not found. A few days later a friend said to se...

Heap overflow

Heap-based buffer overflows in Novell eDirectory HTTP protocol stack HTTPSTK before 8.8 SP3 have unknown impact and attack vectors related to the 1 HTTP language header and 2 HTTP content-length header...

Cross site scripting

Cross-site scripting XSS vulnerability in the HTTP Protocol Stack HTTPSTK in Novell eDirectory before 8.8 SP3 allows remote attackers to inject arbitrary web script or HTML via unknown vectors...

CVE-2008-5093

Cross-site scripting XSS vulnerability in the HTTP Protocol Stack HTTPSTK in Novell eDirectory before 8.8 SP3 allows remote attackers to inject arbitrary web script or HTML via unknown vectors...

CVE-2008-5092

CVE-2008-5092 corresponds to a heap-based buffer overflow in Novell eDirectory’s HTTPSTK (HTTP protocol stack) prior to 8.8 SP3. The NVD entry notes unknown impact and attack vectors tied to the HTTP language header and HTTP content-length header. CVSS v2 base score is 10.0 (AV:N/AC:L/Au:N/C:C/I:...

http-auth NSE Script

Retrieves the authentication scheme and realm of a web service that requires authentication. See also: http-auth-finder.nse http-brute.nse Script Arguments http-auth.path Define the request path slaxml.debug See the documentation for the slaxml library. http.host, http.max-body-size,...

Novell eDirectory Multiple Vulnerabilities (Linux)

This host is running Novell eDirectory, which is prone to XSS, Denial of Service, and Remote Code Execution Vulnerabilities. OpenVAS Vulnerability Test $Id: secpodnovelledirmultvulnlinux900210.nasl 7823 2017-11-20 08:54:04Z cfischer $ Description: Novell eDirectory Multiple Vulnerabilities Linux...

Novell eDirectory Multiple Vulnerabilities (Windows)

This host is running Novell eDirectory, which is prone to XSS, Denial of Service, and Remote Code Execution Vulnerabilities. OpenVAS Vulnerability Test $Id: secpodnovelledirmultvulnwin900209.nasl 5370 2017-02-20 15:24:26Z cfi $ Description: Novell eDirectory Multiple Vulnerabilities Windows...