Lucene search
K

2293 matches found

exploitpack
exploitpack
added 2004/07/17 12:0 a.m.14 views

Gallery 1.4.4 - Remote Server-Side Script Execution

Gallery 1.4.4 - Remote Server-Side Script Execution source: https://www.securityfocus.com/bid/10968/info A vulnerability is reported to exist in Gallery that may allow a remote attacker to execute malicious scripts on a vulnerable system. This issue is a design error that occurs due to the...

0.1AI score
Exploits0
FreeBSD
FreeBSD
added 2004/07/07 12:0 a.m.40 views

apache2 -- SSL remote DoS

The Apache HTTP Server 2.0.51 release notes report that the following issues have been fixed: A segfault in modssl which can be triggered by a malicious remote server, if proxying to SSL servers has been configured. CAN-2004-0751 A potential infinite loop in modssl which could be triggered given...

5CVSS6.4AI score0.69653EPSS
Exploits0References3
securityvulns
securityvulns
added 2004/06/18 12:0 a.m.28 views

[UNIX] Singapore MD5 Administrative Password Disclosure

The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com - - promotion The SecuriTeam alerts list - Free, Accurate, Independent. Get your security news from a reliable source...

7.3AI score
Exploits0
NVD
NVD
added 2004/04/26 4:0 a.m.21 views

CVE-2004-1077

Citrix Program Neighborhood Agent for Win32 8.00.24737 and earlier and MetaFrame Presentation Server client for WinCE before 8.33 allows remote servers to create arbitrary shortcuts on the client via a full UNC path in the AppInStartmenu directive...

5CVSS6.7AI score0.01165EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2004/04/16 12:0 a.m.31 views

CVS Client Traversal Arbitrary File Retrieval

According to its version number, the remote CVS server has a directory directory traversal vulnerability. This could allow a malicious client to read files outside of the CVS root. C Tenable Network Security, Inc. include"compat.inc"; ifdescription scriptid12212; scriptversion "1.16";...

5CVSS5.4AI score0.02354EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2004/04/14 1:59 p.m.4 views

security flaw

The client for CVS before 1.11 allows a remote malicious CVS server to create arbitrary files using certain RCS diff files that use absolute pathnames during checkouts or updates, a different vulnerability than CVE-2004-0405...

2.6CVSS5.9AI score0.01832EPSS
Exploits0References4
securityvulns
securityvulns
added 2004/03/02 12:0 a.m.75 views

YabbSE (3 on 1)

Summary YaBB SE is a PHP/MySQL port of the popular forum software YaBB yet another bulletin board. This time we discovered three new holes. That ranges from extracting information to deleting information and files in the remote web server. Details Vulnerable Systems: YaBB SE versions 1.5.4, 1.5.5...

7.7AI score
Exploits0
securityvulns
securityvulns
added 2004/02/24 12:0 a.m.23 views

Remote server crash in Team Factor <= 1.25

Luigi Auriemma Application: Team Factor aka US Special Forces http://www.teamfactor.co.uk/ http://ms7fx.iccc.cz/teamfactor/ Versions: = 1.25 note: 1.25 and 1.25m uses the same vulnerable exe Platforms: Windows and Linux Bug: reading of unallocated memory crash Risk: high Exploitation: remote,...

1AI score
Exploits0
OSV
OSV
added 2004/02/22 12:0 a.m.20 views

DSA-447 hsftp - format string

Bulletin has no description...

7.5CVSS6.2AI score0.09022EPSS
Exploits0
exploitpack
exploitpack
added 2004/01/02 12:0 a.m.14 views

GoodTech Telnet Server 4.0 - Remote Denial of Service

GoodTech Telnet Server 4.0 - Remote Denial of Service source: https://www.securityfocus.com/bid/9337/info GoodTech Telnet Server is reportedly prone to a denial of service vulnerability. This condition occurs prior to authentication when excessive data is received by the server. Exploitation coul...

0.4AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2003/12/18 12:0 a.m.314 views

SGDynamo sgdynamo.exe HTNAME Parameter Path Disclosure

The CGI 'sgdynamo.exe' can be tricked into giving the physical path to the remote web root. This information may be useful to an attacker who can use it to launch more effective attacks against the remote server. %NASLMINLEVEL 70300 This script written by Scott Shebby 12/2003 See the Nessus Scrip...

5.4AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2003/10/27 12:0 a.m.68 views

Apache Double Slash GET Request Forced Directory Listing

It is possible to obtain the listing of the content of the remote web server root by sending the request 'GET // HTTP/1.0' This vulnerability usually affects the default Apache configuration which is shipped with Red Hat Linux, although it might affect other Linux distributions or other web serve...

5CVSS5.6AI score0.05439EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2003/09/24 12:0 a.m.56 views

PHP < 4.3.3 Multiple Vulnerabilities

The remote host is running a version of PHP that is older than 4.3.3. All versions of PHP 4 older than 4.3.3 contain multiple integer overflow vulnerabilities that may allow an attacker to execute arbitrary commands on this host. Another problem may also invalidate safemode. %NASLMINLEVEL 70300 C...

10CVSS5.6AI score0.06982EPSS
Exploits1References5
Tenable Nessus
Tenable Nessus
added 2003/09/19 12:0 a.m.31 views

MySQL sql_acl.cc get_salt_from_password Function Password Handling Remote Overflow

According to its banner, the version of MySQL installed on the remote host fails to validate the length of a user-supplied password in the 'User' table in the 'getsaltfrompassword' function. Using a specially crafted value for a new password, an authenticated attacker with the 'ALTER DATABASE'...

9CVSS6.3AI score0.74577EPSS
Exploits1References4
exploitpack
exploitpack
added 2003/09/08 12:0 a.m.14 views

Roger Wilco 1.4.1 - Remote Server Side Buffer Overrun

Roger Wilco 1.4.1 - Remote Server Side Buffer Overrun source: https://www.securityfocus.com/bid/8566/info A vulnerability has been reported for various Roger Wilco server releases. The problem occurs server-side, and can be triggered when processing malformed client packets. Specifically, when...

0.7AI score
Exploits0
curl security advisories
curl security advisories
added 2003/08/03 8:0 a.m.5 views

Proxy Authentication Header Information Leakage

When curl connected to a site via an HTTP proxy with the CONNECT request, the user and password used for the proxy connection was also sent off to the remote server...

7.5CVSS7.2AI score0.01915EPSS
Exploits0Affected Software2
OSV
OSV
added 2003/08/03 8:0 a.m.7 views

CURL-CVE-2003-1605 Proxy Authentication Header Information Leakage

When curl connected to a site via an HTTP proxy with the CONNECT request, the user and password used for the proxy connection was also sent off to the remote server...

7.5CVSS7.6AI score0.01915EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2003/07/31 12:0 a.m.120 views

WU-FTPD fb_realpath() Function Off-by-one Overflow

The remote WU-FTPD server seems to be vulnerable to an off-by-one overflow when dealing with huge directory structures. An attacker may exploit this flaw to obtain a shell on this host. Note that Nessus has solely relied on the banner of the remote server to issue this warning so it may be a...

10CVSS8.1AI score0.78115EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2003/06/17 12:0 a.m.22 views

Psunami.CGI Command Execution

The remote host is hosting Psunami.CGI There is a flaw in this CGI which allows an attacker to execute arbitrary commands with the privileges of the HTTP server by making a request like : /psunami.cgi?action=board&board=1&topic=|id| %NASLMINLEVEL 70300 C Tenable Network Security, Inc...

5.8AI score
Exploits0
NVD
NVD
added 2003/06/09 4:0 a.m.17 views

CVE-2003-0322

Integer overflow in BitchX IRC client 1.0-0c19 and earlier allows remote malicious IRC servers to cause a denial of service crash...

5CVSS6.8AI score0.01381EPSS
Exploits0References2
Rows per page
Query Builder