Bytes Interactive Web Shopper shopper.cgi Traversal Arbitrary File Access

The remote host contains is running Byte's Interactive Web Shopper, a shopping cart application. The installed version allows for retrieval of arbitrary files from the web server. %NASLMINLEVEL 70300 This script was written by Thomas Reinke See the Nessus Scripts License for details Changes by...

Bytes interactive Web shopper 1.02.0 - Directory Traversal

Bytes interactive Web shopper 1.02.0 - Directory Traversal source: https://www.securityfocus.com/bid/1776/info Bytes Interactive Web Shopper is a XML based shopping cart application. The "newpage" variable does not properly check for insecure relative paths such as the double dot "..". The...

Bytes interactive Web shopper 1.0/2.0 - Directory Traversal

source: https://www.securityfocus.com/bid/1776/info Bytes Interactive Web Shopper is a XML based shopping cart application. The "newpage" variable does not properly check for insecure relative paths such as the double dot "..". The following URL request:...

Microsoft Windows NT 4.02000 - Spoofed LPC Request (MS00-003)

Microsoft Windows NT 4.02000 - Spoofed LPC Request MS00-003 source: https://www.securityfocus.com/bid/1753/info This vulnerability is a new variation of the NT LPC Privilege Escalation Vulnerabilty please see https://www.securityfocus.com/bid/934 for details reported on January 12, 2000 by...

CVE-1999-0408

Files created from interactive shell sessions in Cobalt RaQ microservers e.g. .bashhistory are world readable, and thus are accessible from the web server...

CVE-1999-0159

The CVE-1999-0159 entry maps to Cisco IOS 9.x–11.x devices where an attacker who can reach an interactive prompt (e.g., login) can cause a crash, degrading availability. Affected component is Cisco IOS; root cause described as a crash when a prompt is accessible, with no additional exploitation d...

CVE-1999-0159

Attackers can crash a Cisco IOS router or device, provided they can get to an interactive prompt such as a login. This applies to some IOS 9.x, 10.x, and 11.x releases...

CVE-1999-0159

Attackers can crash a Cisco IOS router or device, provided they can get to an interactive prompt such as a login. This applies to some IOS 9.x, 10.x, and 11.x releases...

Microsoft Windows NT 4.0 - DCOM Server

Microsoft Windows NT 4.0 - DCOM Server source: https://www.securityfocus.com/bid/624/info It is possible for a local user to modify how DCOM servers are run, thereby escalating his/her privilege level. The Interactive User has write permissions to the DCOM registry entries. By editing the registr...

HTTP Proxy CONNECT Request Relaying

The proxy allows users to perform CONNECT requests such as : CONNECT http://cvs.example.org:23 This request gives the person who made it the ability to have an interactive session with a third-party site. This issue may allow attackers to bypass your firewall by connecting to sensitive ports such...

HTTP Proxy POST Request Relaying

The proxy allows the users to perform POST requests such as POST http://cvs.nessus.org:21 without any Content-length tag. This request may give an attacker the ability to have an interactive session. This problem may allow attackers to go through your firewall, by connecting to sensitive ports li...

CVE-1999-0159

Attackers can crash a Cisco IOS router or device, provided they can get to an interactive prompt such as a login. This applies to some IOS 9.x, 10.x, and 11.x releases...

PT-1998-1035 · Cisco · Cisco Ios

Name of the Vulnerable Software and Affected Versions: Cisco IOS versions 9.x through 11.x Description: The issue allows attackers to crash a Cisco IOS router or device if they can access an interactive prompt, such as a login. Recommendations: For versions 9.x through 11.x, update to a version...

Security Update for Microsoft Windows (KB898458)

A security issue has been identified in the Step-by-Step Interactive Training application that could allow an attacker to compromise your Microsoft Windows-based system and gain control over it. You can help protect your computer by installing this update from Microsoft. After you install this...

Security Update for Windows XP x64 Edition (KB923723)

A security issue has been identified in the Step-by-Step Interactive Training application that could allow an attacker to compromise your Windows-based system and gain control over it. You can help protect your computer by installing this update from Microsoft. After you install this item, you ma...

Security Update for Windows Server 2003 for Itanium-based Systems (KB923723)

A security issue has been identified in the Step-by-Step Interactive Training application that could allow an attacker to compromise your Windows-based system and gain control over it. You can help protect your computer by installing this update from Microsoft. After you install this item, you ma...

Security Update for Windows Server 2003 64-bit Itanium Edition (KB898458)

A security issue has been identified in the Step-by-Step Interactive Training application that could allow an attacker to compromise your Microsoft Windows-based system and gain control over it. You can help protect your computer by installing this update from Microsoft. After you install this...

Security Update for Windows Server 2003 x64 Edition (KB923723)

A security issue has been identified in the Step-by-Step Interactive Training application that could allow an attacker to compromise your Windows-based system and gain control over it. You can help protect your computer by installing this update from Microsoft. After you install this item, you ma...