74 matches found
miniature java Web server 1.71 - Multiple Vulnerabilities
Exploit Title: Miniature Java Web Server | www.DigitalWhisper.co.il Software Link: http://tjws.sourceforge.net/download Version: ...
Miniature Java Web Server <= 1.71 Multiple Vulnerabilities
Exploit for multiple platform in category remote exploits. Miniature Java Web Server | www.DigitalWhisper.co.il Software Link: http://tjws.sourceforge.net/download Version: <= 1.71 Tested on: JRE build 1.6.017-b04 Path Traversal: A Path...
Tiny Java Web Server 1.71 - Multiple Input Validation Vulnerabilities
source: https://www.securityfocus.com/bid/39666/info Tiny Java Web Server is prone to multiple input-validation vulnerabilities because it fails to adequately sanitize user-supplied input. These vulnerabilities include a directory-traversal vulnerability, an open-redirection vulnerability, and a...
Tiny Java Web Server 1.71 - Multiple Input Validation Vulnerabilities
Tiny Java Web Server 1.71 - Multiple Input Validation Vulnerabilities source: https://www.securityfocus.com/bid/39666/info Tiny Java Web Server is prone to multiple input-validation vulnerabilities because it fails to adequately sanitize user-supplied input. These vulnerabilities include a...
CVE-2008-3425
Unspecified vulnerability in the Sun Java System Web Server 7.0 plugin in Sun N1 Service Provisioning System (SPS) 5.2 and 6.0 allows remote authenticated SPS users to gain administrative access to the web server via unknown attack vectors...
CVE-2007-6572
Cross-site scripting (XSS) vulnerability in Sun Java System Web Server 6.1 before SP8 and 7.0 before Update 1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka BugID 6566204...
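Sun Java Web Proxy Server and Sun Java Web Server Cross-Site Scripting Vulnerability
BUGTRAQ ID: 26978 CNCAN ID: CNCAN-2007122401 Sun Java Web Proxy Server and Sun Java Web Server are two Java-based application server programs. Sun Java Web Proxy Server and Sun Java Web Server have an input validation issue that remote attackers can exploit to carry out cross-site scripting attacks, which may yield sensitive information or arbitrary script code execution. No detailed vulnerability information is currently available. Sun Java Web Proxy Server 4.0.5 Sun Java Web Proxy Server 4.0.4 Sun Java Web Proxy...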
Sun Java Web Server unauthorized access
No description provided...
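Jetty Predictable Random Session ID Vulnerability
Jetty is a popular Java web server. Jetty's implementation of random session ID generation has a vulnerability that remote attackers may exploit to gain unauthorized access. Jetty uses java.util.Random to generate session IDs. java.util.random implements a linear congruential random number generator of the following form: synchronized protected int nextint bits seed = seed 0x5DEECE66DL + 0xBL & 1L 48 - 1; return intseed 48 - bits;...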
Jetty Non-random Session ID Vulnerability
Binary data 3904.prm...
CVE-2005-1150
Unknown vulnerability in Sun Java System Web Server 6.0 SP7 and earlier, when running on Windows systems, allows attackers to cause a denial of service (hang)...
Pegasi022.txt
Donato Ferrante Application: Pegasi Web Server (PWS) http://pws.sourceforge.net Version: 0.2.2 Bugs: Multiple Vulnerabilities Author: Donato Ferrante e-mail: [email protected] web: www.autistici.org/fdonato 1. Description 2...
directory traversal in PWebServer 0.3.3
Donato Ferrante Application: PWebServer http://sourceforge.net/projects/pwebserver/ Version: 0.3.3 Bug: directory traversal bug Author: Donato Ferrante e-mail: [email protected] web: www.autistici.org/fdonato 1. Descripti...
Blazix 1.2 - Special Character Handling Server Side Script Information Disclosure
source: https://www.securityfocus.com/bid/5566/info Blazix is a freely available, open source web server written in Java. It is available for Linux and Microsoft Windows operating systems. When a user passes a request to the web server that ends in either a plus (+) or backslash (\), the web server ma...
CVE-2001-0186
Directory traversal vulnerability in Free Java Web Server 1.0 allows remote attackers to read arbitrary files via a .. (dot dot) attack...
CVE-2001-0186
The CVE-2001-0186 issue affects Free Java Web Server 1.0 and is a path traversal vulnerability. The root cause is improper handling of directory traversal sequences (".."), enabling remote attackers to read arbitrary files. Documented impact is access to files via crafted requests; no explicit fi...
CVE-2001-0186
Directory traversal vulnerability in Free Java Web Server 1.0 allows remote attackers to read arbitrary files via a .. (dot dot) attack...
Vulnerability in Free Java Web Server
Vulnerability in Free Java Web Server Overview Free Java Web Server v1.0 is a Java web server available from http://www.download.com. A vulnerability exists which allows a remote user to break out of the web root using relative paths ie: '..', '...'. Details http://localhost/../file outside web...
CVE-2000-0812
The administration module in Sun Java web server allows remote attackers to execute arbitrary commands by uploading Java code to the module and invoke the com.sun.server.http.pagecompile.jsp92.JspServlet by requesting a URL that begins with a /servlet/ tag...
CVE-2000-0812
The administration module in Sun Java web server allows remote attackers to execute arbitrary commands by uploading Java code to the module and invoke the com.sun.server.http.pagecompile.jsp92.JspServlet by requesting a URL that begins with a /servlet/ tag...