Lucene search
K

2293 matches found

Tenable Nessus
Tenable Nessus
added 2003/03/20 12:0 a.m.56 views

WebDAV Detection

WebDAV is an industry standard extension to the HTTP specification. It adds a capability for authorized users to remotely add and manage the content of a web server. If you do not use this extension, you should disable it. C Tenable Network Security, Inc. include"compat.inc"; ifdescription...

5.5AI score
Exploits0
Cvelist
Cvelist
added 2003/03/18 5:0 a.m.17 views

CVE-2002-1487

The IRC component of Trillian 0.73 and 0.74 allows remote malicious IRC servers to cause a denial of service crash by sending the raw messages 1 206, 2 211, 3 213, 4 214, 5 215, 6 217, 7 218, 8 243, 9 302, 10 317, 11 324, 12 332, 13 333, 14 352, and 15 367...

6.6AI score0.13637EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2003/03/13 12:0 a.m.120 views

smb2www Unspecified Arbitrary Remote Command Execution

The remote host is running smb2www - a SMB to WWW gateway. There is a flaw in the version of this CGI which allows anyone to execute arbitrary commands on this host by sending a malformed argument to smbshr.pl, one of the components of this solution. %NASLMINLEVEL 70300 C Tenable Network Security...

7.5CVSS6AI score0.02165EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2003/03/13 12:0 a.m.22 views

BSD ftpd Single Byte Buffer Overflow

The remote ftp daemon contains a flaw in the 'replydirname' function which allows an attacker to write a null byte beyond the boundaries of the local buffer. An attacker can exploit this to gain root access. C Tenable Network Security, Inc. This script was written by Xue Yong Zhi...

10CVSS5.6AI score0.17929EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2003/03/12 12:0 a.m.52 views

Wordit Logbook logbook.pl file Parameter Arbitrary File Access

The WordIt 'logbook.pl' CGI script is installed on the remote host. This script has a well-known security flaw that lets anyone read arbitrary files on this host. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; ifdescription scriptid1136...

5.5AI score
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2003/03/12 12:0 a.m.65 views

Upload Lite upload.cgi Arbitrary File Upload

The Upload Lite upload.cgi CGI script is installed. This script has a well-known security flaw that lets anyone upload arbitrary files on the remote web server. Note that Nessus did not test whether uploads are possible, only that the script exists. %NASLMINLEVEL 70300 C Tenable Network Security,...

5.7AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2003/03/09 12:0 a.m.37 views

WebWho+ whois.pl time Parameter Arbitrary Command Execution

The WebWho+ CGI script appears to be installed on the remote host. This Perl script allows an attacker to view any file on the remote host as well as to execute arbitrary commands, both subject to the privileges of the web server user id. %NASLMINLEVEL 70300 C Tenable Network Security, Inc...

10CVSS6AI score0.11072EPSS
Exploits0References2
exploitpack
exploitpack
added 2003/02/27 12:0 a.m.17 views

Invision Board 1.1.1 - ipchat.php Remote File Inclusion

Invision Board 1.1.1 - ipchat.php Remote File Inclusion source: https://www.securityfocus.com/bid/6976/info Invision Board is prone to an issue that may allow remote attackers to include files located on attacker-controlled servers. This vulnerability is as a result of insufficient sanitization...

Exploits0
Tenable Nessus
Tenable Nessus
added 2003/02/12 12:0 a.m.67 views

Unreal Engine Multiple Remote Vulnerabilities

The Unreal Engine in use on the remote game server is vulnerable to various attacks that may allow an attacker to use it as a distributed denial of service source or to execute arbitrary code on this host. Note that Nessus appears to have disabled this service while testing for these flaws. C...

10CVSS6.3AI score0.07538EPSS
Exploits2References5
Packet Storm
Packet Storm
added 2003/02/04 12:0 a.m.30 views

ftp_banner.txt

Banner Buffer Overflows found in Multible FTP Clients Discovered by Dennis Rand www.Infowarfare.dk ------------------------------------------------------------------------ SUMMARY A client side vulnerability in the product allows remote servers to cause the client to crash by sending it a large...

7.4AI score
Exploits0
NVD
NVD
added 2002/08/12 4:0 a.m.13 views

CVE-2002-0763

Vulnerability in administration server for HP VirtualVault 4.5 on HP-UX 11.04 allows remote web servers or privileged external processes to bypass access restrictions and establish connections to the server...

7.5CVSS6.7AI score0.02166EPSS
Exploits0References3
securityvulns
securityvulns
added 2002/07/13 12:0 a.m.32 views

MFC ISAPI Framework Buffer Overflow

Systems Affected: All ISAs written using MFC ISAPI framework Issue: User-input length values can result in a buffer overflow. Risk: Critical Scope: Remote Server Compromise The MFC ISAPI framework is widely used to build ISAs that run on a multitude of web servers. It has been discovered that the...

1.7AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2002/06/05 12:0 a.m.103 views

Multiple Vendor Embedded FTP Service Any Username Authentication Bypass

The FTP server running on the remote host can be accessed using a random username and password. Nessus has enabled some countermeasures to prevent other plugins from reporting vulnerabilities incorrectly because of this. This script was written by H D Moore include"compat.inc"; ifdescription...

5.5AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2002/05/22 12:0 a.m.185 views

Microsoft IIS 5.0 Form_JScript.asp XSS

The script /iissamples/sdk/asp/interaction/FormJScript.asp of FormVBScript.asp allows you to insert information into a form field and once submitted re-displays the page, printing the text you entered. This .asp doesn't perform any input validation. An attacker can exploit this flaw to execute...

6AI score
Exploits0
CVE
CVE
added 2002/05/03 4:0 a.m.45 views

CVE-2002-0231

Product/affected version: mIRC up to and including 5.91. Vulnerability: Buffer overflow in the nickname handling. Impact: Remote code execution on the client when a long nickname is processed by a remote server. Root cause: Overflow in nickname parsing leads to arbitrary code execution. Exploitat...

7.5CVSS8.2AI score0.09817EPSS
Exploits0References5Affected Software1
Tenable Nessus
Tenable Nessus
added 2002/01/17 12:0 a.m.87 views

PHP Rocket for FrontPage phprocketaddin page Parameter Traversal Arbitrary File Access

There is a vulnerability in the PHP Rocket Add-in for FrontPage that allows a remote attacker to view the contents of any arbitrary file to which the web user has access. This vulnerability exists because the PHP Rocket Add-in does not filter out ../ and is, therefore, susceptible to this directo...

5CVSS5.8AI score0.02012EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2001/12/03 12:0 a.m.42 views

Interactive Story story.pl next Parameter Traversal Arbitrary File Access

By requesting : GET /cgi-bin/story.pl?next=../../../filetoread%00 An attacker may use this flaw to read arbitrary files on this server. %NASLMINLEVEL 70300 This script was written by Georges Dagousset See the Nessus Scripts License for details Changes by Tenable: - Revised plugin title 1/13/2009 ...

5CVSS5.6AI score0.03669EPSS
Exploits1References1
exploitpack
exploitpack
added 2001/11/15 12:0 a.m.17 views

ActivePerl 5.6.1 - perlIIS.dll Remote Buffer Overflow (1)

ActivePerl 5.6.1 - perlIIS.dll Remote Buffer Overflow 1 // source: https://www.securityfocus.com/bid/3526/info ActivePerl is an implementation of the Perl scripting language for Microsoft Windows systems developed by Activestate. ActivePerl allows for high-performance integration with IIS using a...

0.8AI score
Exploits0
securityvulns
securityvulns
added 2001/11/05 12:0 a.m.41 views

Minor IE System Info Disclosure

I just stumbled across this the other day when i was playing... a remote server can poll a surfers computer and determin some applications they have installed by trying a load an image with the file:// protocol. if the file is found on disk the javascript onload event fires..if not the onerror...

7.2AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2001/09/26 12:0 a.m.78 views

Textor Webmasters Ltd listrec.pl TEMPLATE Parameter Arbitrary Command Execution

The 'listrec.pl' cgi is installed. This CGI has a security flaw that lets an attacker execute arbitrary commands on the remote server, usually with the privileges of the web server. %NASLMINLEVEL 70300 This script written by Matt Moore See the Nessus Scripts License for details Changes by Tenable...

7.5CVSS6AI score0.02052EPSS
Exploits1References3
Rows per page
Query Builder