113 matches found
CVE-2004-2213
Mbedthis AppWeb HTTP server before 1.1.3 allows remote attackers to obtain the source code for scripts via a 1 trailing dot "." or 2 trailing space in an HTTP request...
CVE-2004-1811
The SSL HTTP Server in HP Web-enabled Management Software 5.0 through 5.92, with anonymous access enabled, allows remote attackers to compromise the trusted certificates by uploading their own certificates...
CVE-2004-0740
The HTTP server in Lexmark T522 and possibly other models allows remote attackers to cause a denial of service server crash, reload, or hang via an HTTP header with a long Host field, possibly triggering a buffer overflow...
Denial of Service vulnerability in several Lexmark HTTP servers
Denial of Service vulnerability in several Lexmark HTTP servers. Several Lexmark network printers is shipped with a build-in HTTP server for administrative tasks. The webserver software is vulnerable to a Denial of Service attack that will force the webserver to restart and/or stop taking request...
Opera 7.22 - File Creation and Execution (WebServer)
!/usr/bin/perl Sample code of "Opera 7 Arbitrary File Auto-Saved Vulnerability." This Exploit will run a webserver that will create and execute a batch file on the victim's computer when visiting this malicious server This perl script is a small HTTP server for a check ofthe vulnerability. BTW, y...
Alchemy Eye HTTP Server does not adequately validate user input thereby allowing remote command execution
Overview Alchemy Eye does not properly validate HTTP requests, allowing arbitrary command execution. Description Alchemy Eye includes an HTTP server for remote system monitoring and control. In versions 2.0 through 2.6 of Alchemy Eye, the HTTP server component does not adequately validate HTTP...
Summit Computer Networks Lil' HTTP Server 2 - 'URLCount.cgi' HTML Injection
source: https://www.securityfocus.com/bid/5115/info Lil' HTTP server is a web server application for Windows environments and is maintained by Summit Computer Networks. Reportedly, Lil' HTTP Server is vulnerable to HTML injection attacks. The vulnerability is present in the 'REPORT' function foun...
CVE-2001-0871
Directory traversal vulnerability in HTTP server for Alchemy Eye and Alchemy Network Monitor allows remote attackers to execute arbitrary commands via an HTTP request containing 1 a .. in versions 2.0 through 2.6.18, or 2 a DOS device name followed by a .. in versions 2.6.19 through 3.0.10...
CVE-2001-0374
The HTTP server in Compaq web-enabled management software for 1 Foundation Agents, 2 Survey, 3 Power Manager, 4 Availability Agents, 5 Intelligent Cluster Administrator, and 6 Insight Manager can be used as a generic proxy server, which allows remote attackers to bypass access restrictions via th...
3COM OfficeConnect DSL router vulneratibilities
Yesterday night I discovered a vulnerabilty. The router is a 3COM OfficeConnect 812 and the vulnerability is on the HTTP server, on port 80. When you enter with a browser on one of this router, you are asked for user/password, if you fail, you can see a web page telling you that is a protected...
Unixware 7.0 - SCOhelp HTTP Server Format String
source: https://www.securityfocus.com/bid/1717/info SCO Unixware 7 default installation includes scohelp, an http server that listens on port 457/tcp and allows access to manual pages and other documentation files. The search CGI script provided for that purpose has a vulnerability that could all...
CVE-2000-0021
Lotus Domino HTTP server allows remote attackers to determine the real path of the server via a request to a non-existent script in /cgi-bin...
faxsurvey.txt
Date: Tue, 4 Aug 1998 07:41:24 -0700 Reply-To: [email protected] From: Tom Subject: remote exploit in faxsurvey cgi-script Hi! There exist a bug in the 'faxsurvey' CGI-Script, which allows an attacker to execute any command s/he wants with the permissions of the HTTP-Server. All the attacker has t...