2293 matches found
AspUpload vulnerability
At least one example script distributed with AspUpload appears to be installed on the remote web server. SPDX-FileCopyrightText: 2003 John Lampe Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...
Horde < 3.2.2 IMP_MIME_Viewer_html class XSS Vulnerabilities
The remote server is running at least one instance of Horde IMP whose version number is between 3.0 and 3.2.1 inclusive. SPDX-FileCopyrightText: 2003-2004 George A. Theall Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...
GuppY < 4.5.6a Multiple Vulnerabilities
The remote host is running GuppY / EasyGuppY, a CMS written in PHP. The version of Guppy / EasyGuppY installed on the remote host fails to sanitize user-supplied input to the 'pg' field in the 'printfaq.php' script. An attacker can exploit this flaw to launch cross-site scripting and possibly...
security flaw
wget 1.8.x and 1.9.x allows a remote malicious web server to overwrite certain files via a redirection URL containing a ".." that resolves to the IP address of the malicious server, which bypasses wget's filtering for ".." sequences...
phpWebSite 0.10.0 - module SQL Injection
phpWebSite 0.10.0 - module SQL Injection !/usr/bin/perl use LWP::Simple; $serv = $ARGV0; $path = $ARGV1; $name = $ARGV2; sub usage print "\nUsage: $0 server path username \n"; print "sever - URL\n"; print "path - path to index.php\n"; print "username - name register user\n\n"; exit ; sub work pri...
COOL! Remote Control 1.12 - Remote Denial of Service
COOL! Remote Control 1.12 - Remote Denial of Service !usr/bin/perl COOL! Command Execution DOS Exploit -------------------------------------------- Infam0us Gr0up - Securiti Research Info: infamous.2hell.com Vendor URL: www.yaosoft.com If Remote ControlClient application is running then already...
COOL! Remote Control 1.12 - Remote Denial of Service
!usr/bin/perl COOL! Command Execution DOS Exploit -------------------------------------------- Infam0us Gr0up - Securiti Research Info: infamous.2hell.com Vendor URL: www.yaosoft.com If Remote ControlClient application is running then already connected to server, this command exploit will made...
BNBT BitTorrent EasyTracker <= 7.7r3 Denial of Service Exploit
No description provided by source. / BNBT BitTorrent EasyTracker Remote Denial Of Service Versions: Version 7.7r3.2004.10.27 and below Vendors: http://bnbt.go-dedicated.com/ http://bnbteasytracker.sourceforge.net/ http://sourceforge.net/projects/bnbtusermods/ Bug find and coded by:...
flat256enENa2.txt
Flatnuke 2.5.6 enENa2 possibly prior versions user IP address / information disclosure software: site: http://flatnuke.sourceforge.net/flatnuke/ download link: http://itk.hopto.org:666/work/index.php?mod=Download&dlfile=FlatNukeEn/FlatNukeEn2.5.6a2.zip&mode=go same vuln of simple machine forum,...
Remote IIS 5.x and IIS 6.0 Server Name Spoof
Remote IIS 5.x and IIS 6.0 Server Name Spoof It is possible to remotely spoof the "SERVERNAME" Microsoft® Internet Information Server® 5.0, 5.1 and 6.0 server variable by doing a modified HTTP request. Thus potentially revealing sensitive ASP code through the IIS 500-100.asp error page, the spoof...
USN-166-1: Evolution vulnerabilities
Ulf Harnhammar disovered several format string vulnerabilities in Evolution. By tricking an user into viewing a specially crafted vCard attached to an email, specially crafted contact data from an LDAP server, specially crafted task lists from remote servers, or saving Calendar entries with this...
CVE-2004-2277
Buffer overflow in aGSM Half-Life client allows remote Half-Life servers to cause a denial of service crash and possibly execute arbitrary code via a long server response...
[Full-disclosure] Easy Message Board Directory Traversal and Remote Command
============================================================ ============================================================ Title: Easy Message Board Directory Traversal and Remote Command Execution Vulnerability discovery: SoulBlack - Security Research - http://soulblack.com.ar Date: 08/05/2005...
CVE-2005-1453
fetchnews in leafnode 1.9.48 to 1.11.1 allows remote NNTP servers to cause a denial of service crash by closing the connection while fetchnews is reading 1 an article header or 2 an article body, which also prevents fetchnews from querying other servers...
Open WebMail Shell Escape Arbitrary Command Execution
According to its banner, the version of Open WebMail installed on the remote host may allow execution of arbitrary shell commands due to its failure to ensure shell escape characters are removed from filenames and other strings before trying to read from them. %NASLMINLEVEL 70300 C Tenable Networ...
CVE-2004-1487
wget 1.8.x and 1.9.x allows a remote malicious web server to overwrite certain files via a redirection URL containing a ".." that resolves to the IP address of the malicious server, which bypasses wget's filtering for ".." sequences...
xine security announcement: multiple heap overflows in MMS and Real RTSP streaming clients
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 xine security announcement ========================== Announcement-ID: XSA-2004-8 Summary: By a user receiving data from a malicious network streaming server, an attacker can overrun a heap buffer, which can, on some systems, lead to or help in...
PHP < 4.3.11 / 5.0.3 Multiple Unspecified Vulnerabilities
According to its banner, the version of PHP installed on the remote host is prior to 4.3.11 / 5.0.3. It is, therefore, potentially affected by a set of vulnerabilities in the EXIF module. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; i...
Compaq WBEM HTTP Server Remote Overflow
The remote host is running a Compaq Web Management server. The remote version of this software is vulnerable to an unspecified buffer overflow that may allow an attacker to execute arbitrary code on the remote host with the privileges of the web server process. C Tenable Network Security, Inc...
Apple QuickTime Server < 4.1.3 Multiple Vulnerabilities (deprecated)
Binary data 2762.prm...