1154 matches found
Дырки в CGI Iconboard
Обратный путь в директориях в сочетании с ошибкой NULL-byte позволяет получить содержимое любого файла...
CVE-2001-0214
The Way-board CGI (way-board.cgi) is vulnerable: an attacker can remotely read arbitrary files by supplying a filename in the db parameter terminated with a null byte. The NASL/Tenable data notes the CGI runs with the web server’s privileges (often root or nobody), enabling file disclosure. Remed...
CVE-2001-0214
Way-board CGI program allows remote attackers to read arbitrary files by specifying the filename in the db parameter and terminating the filename with a null byte...
BSD ftpd 0.3.2 - Single Byte Buffer Overflow
BSD ftpd 0.3.2 - Single Byte Buffer Overflow source: https://www.securityfocus.com/bid/2124/info The ftp daemon derived from 4.x BSD source contains a serious vulnerability that may compromise root access. There exists a one byte overflow in the replydirname function. The overflow condition is du...
DoS через cons.saver из Midnight Commander
Перенаправив вывод приложения в файл можно записать '0' в любой файл...
Anaconda Advisory
Synnergy Laboratories Advisory SLA-2000-17 NAME Anaconda Foundation Directory NULL byte vulnerability AFFECTED Linux/UNIX with Anaconda Foundation Directory SYNOPSIS Synnergy Labs has found a flaw within Anaconda Foundation Directory that allows a user to successfully traverse the filesystem on a...
SLA-17.Anaconda.txt
Synnergy Laboratories Advisory SLA-2000-17 NAME Anaconda Foundation Directory NULL byte vulnerability AFFECTED Linux/UNIX with Anaconda Foundation Directory SYNOPSIS Synnergy Labs has found a flaw within Anaconda Foundation Directory that allow s a user to successfully traverse the filesystem on ...
Anaconda Foundation Directory apexec.pl template Parameter Traversal Arbitrary File Retrieval
The remote Anaconda Foundation Directory contains a flaw that allows anyone to read arbitrary files with root super-user privileges, by embedding a null byte in a URL. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; ifdescription...
CVE-2000-0332
UltraBoard 1.6 is affected by a path traversal in UltraBoard.pl/UltraBoard.cgi that allows remote attackers to read arbitrary files by supplying a pathname containing .. followed by a null byte. The vulnerability is described as arbitrary file access via this traversal vector; no exploitation det...
Дырка в YaBB
Проблема "ядовитого нуля" poisoned null byte в перл-скрипте позволяет выполнение кода на сервере...
FTP Serv-U 2.5e vulnerability.
================================================================= Blue Panda Vulnerability Announcement: FTP Serv-U 2.5e 04/08/2000 dd/mm/yyyy [email protected] http://bluepanda.box.sk/ ================================================================= Problem: Sending FTP Serv-U a string...
Serv-U 2.5e Null Byte Saturation DoS
It is possible to crash the remote FTP service by sending it a large number of null bytes. An attacker could exploit this flaw to deny access to the FTP server. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid10488; scriptversion"1.35"; scriptcvsdate"Date: 2018/11/15...
Fun with UltraBoard V1.6X
hola friends, found some interesting things in the "old" UltraBoard-Forum scripts UltraBoard V 1.6 class:Input Validation Error remote:Yes vulnerable:UltraBoard V1. vendor: www.ultrascripts.com || www.ub2k.com Description: By using the good old NullByte000 its possible to open "any" file on the...
Zeus Web Server Null Byte Request CGI Source Disclosure
The remote host is running the Zeus Web Server. Versions 3.1.x to 3.3.5 of this web server are vulnerable to a bug that allows an attacker to view the source code of CGI scripts. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; if...