474 matches found
UBUNTU-CVE-2009-2166
Absolute path traversal vulnerability in cvs.php in OCS Inventory NG before 1.02.1 on Unix allows remote attackers to read arbitrary files via a full pathname in the log parameter...
tomcat Unicode directory traversal vulnerability
Directory traversal vulnerability in Apache Tomcat 4.1.0 through 4.1.37, 5.5.0 through 5.5.26, and 6.0.0 through 6.0.16, when allowLinking and UTF-8 are enabled, allows remote attackers to read arbitrary files via encoded directory traversal sequences in the URI, a different vulnerability than...
DEBIAN-CVE-2008-1270
moduserdir in lighttpd 1.4.18 and earlier, when userdir.path is not set, uses a default of $HOME, which might allow remote attackers to read arbitrary files, as demonstrated by accessing the nobody directory...
chrome: directory traversal
Directory traversal vulnerability in Mozilla Firefox before 2.0.0.12, Thunderbird before 2.0.0.12, and SeaMonkey before 1.1.8, when using "flat" addons, allows remote attackers to read arbitrary Javascript, image, and stylesheet files via the chrome: URI scheme, as demonstrated by stealing sessio...
security flaw
Mozilla Firefox before 2.0.0.8 and SeaMonkey before 1.1.5, when running on Linux systems with gnome-vfs support, might allow remote attackers to read arbitrary files on SSH/sftp servers that accept key authentication by creating a web page on the target server, in which the web page contains URIs...
tomcat directory traversal
Directory traversal vulnerability in Apache HTTP Server and Tomcat 5.x before 5.5.22 and 6.x before 6.0.10, when using certain proxy modules modproxy, modrewrite, modjk, allows remote attackers to read arbitrary files via a .. dot dot sequence with combinations of 1 "/" slash, 2 "" backslash, and...
webMethods Security Advisory: Glue console directory traversal vu lnerability
======================================================================== webMethods Security Advisory Glue console directory traversal vulnerability Announced: 2007-04-17 Affects: webMethods Glue 4.x, 5.x, 6.x Severity: High I. Description On April 11 2007, Patrick Webster reported a vulnerabilit...
CVE-2007-2036
The SNMP implementation in the Cisco Wireless LAN Controller WLC before 20070419 uses the default read-only community public, and the default read-write community private, which allows remote attackers to read and modify SNMP variables, aka Bug ID CSCse02384...
PT-2005-3723 · Microsoft +1 · Windows +3
Name of the Vulnerable Software and Affected Versions: Rediff Bol version 7.0 Description: The issue allows remote attackers to read the Windows Address Book. This is achieved via the FullAddressBook method of the Fetch.FetchContact.1 ActiveX control, which is part of the Fetch.dll component...
security flaw
The findreplen function in jsstr.c in the Javascript engine for Mozilla Suite 1.7.6, Firefox 1.0.1 and 1.0.2, and Netscape 7.2 allows remote attackers to read portions of heap memory in a Javascript string via the lambda replace method...
security flaw
The default servlet org.apache.catalina.servlets.DefaultServlet in Tomcat 4.0.4 and 4.1.10 and earlier allows remote attackers to read source code for server files via a direct request to the servlet...
sendtemp.pl Read Access to Files
Exploit for cgi platform in category web applications ================================ sendtemp.pl Read Access to Files ================================ !/usr/bin/perl -w sendtemp.pl: A part of the Amaya Web development server contains a file disclosure vulnerability, which allows remote, read...
Дырка в inetd - ident (wheel file fragment reading)
Удаленно можно прочитать первые 16 символов кроме пробелов любого файла к которому имеет доступ группа wheel...
PT-1998-1051 · Unknown · Htmlscript
Name of the Vulnerable Software and Affected Versions: CGI program affected versions not specified Description: The issue allows remote read access to files through the htmlscript CGI program. Recommendations: At the moment, there is no information about a newer version that contains a fix for th...