2293 matches found
PhpMyExplorer index.php chemin Parameter Encoded Traversal Arbitrary File Access
phpMyExplorer is vulnerable to a directory traversal attack that allows anyone to make the remote web server read and display arbitrary directories. For example: GET /index.php?chemin=..%2F..%2F..%2F..%2F%2Fetc will return the contents of the remote /etc directory. %NASLMINLEVEL 70300 C Tenable...
CVE-2001-1009
Fetchmail aka fetchmail-ssl before 5.8.17 allows a remote malicious 1 IMAP server or 2 POP/POP3 server to overwrite arbitrary memory and possibly gain privileges via a negative index number as part of a response to a LIST request...
Metertek pagelog.cgi Traversal Arbitrary File Access
The 'pagelog.cgi' cgi is installed. This CGI has a well known security flaw that lets an attacker create arbitrary files on the remote server, ending in .txt, and reading arbitrary files ending in .txt or .log Warning : this flaw was not tested by Nessus. Check the existence of...
PHPix album Parameter Encoded Traversal Arbitrary File/Directory Access
The PHPix program allows an attacker to read arbitrary files on the remote web server, prefixing the pathname of the file with ..%2F..%2F.. For example: GET /Album/?mode=album&album=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc&dispsize=640&start=0 will return all the files that are nested within...
RealServer /admin/includes/ Remote Memory Content Disclosure
The remote Real Server discloses the content of its memory when issued the request : GET /admin/includes/ This information may be used by an attacker to obtain administrative control on this server, or to gain more knowledge about it. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. Script...
Verity UltraSeek 3.1.x Malformed URL Remote DoS
It is possible to make the remote UltraSeek server hang temporarily by requesting : /index.html?&col=&ht=0&qs=&qc=&pw=100%25&ws=0&nh=10&lk=1&rf=0&si=1&si=1&ql=../../../index An attacker may use this flaw to prevent this site from responding to valid client requests. %NASLMINLEVEL 70300 C Tenable...
thttpd ssi: retrieval of arbitrary world-readable files
thttpd 2.19 and earlier server-side-includes CGI program ssi allows retrieval of arbitrary world-readable files Date: October 2, 2000 Application: thttpd 2.19 and before Author: ghandi [email protected] Vendor Status: merged patches into thttpd 2.20 Fix: upgrade into thttpd 2.20 1. Description...
OpenSSH 1.2 - '.scp' File Create/Overwrite
source: https://www.securityfocus.com/bid/1742/info A vulnerability exists in the 1.2.x releases of scp which, if properly exploited using a modified scp binary on the server end, can permit the remote server to spoof local pathnames and overwrite files belonging to the local user. For example,...
WebSite Pro webfind.exe keywords Parameter Remote Overflow
The 'webfind.exe' CGI script on the remote host is vulnerable to a buffer overflow when given a too long 'keywords' argument. This problem allows an attacker to execute arbitrary code as root on this host. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc';...
Dragon Telnet Server Login Name Handling Remote Overflow DoS
It was possible to shut down the remote telnet server by issuing a far too long login name over 16,000 chars This problem allows an attacker to prevent remote administration of this host. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid10451; scriptversion"1.27";...
Rockliffe MailSite Management Agent wconsole.dll GET Request Overflow
The version of Rockliffe MailSite installed on the remote host is prone to a buffer overflow attack that can be triggered by a request like : GET /cgi-bin/wconsole.dll?AAAA....AAAA This may be of some use to an attacker to run arbitrary code on this system and/or crash it. C Tenable Network...
CVSweb Detection
CVSweb is a web interface for a CVS repository. It allows users to browse through the history of the source code of a given project. If your environement contains sensitive source code, then access to this CGI should be password-protected. C Tenable Network Security, Inc. include"compat.inc";...
CVE-2000-0156
Technical details (affected products, vulnerable components, and exploit information) are not provided in the supplied documents. Monitor for updates.
win98-con.txt
New exploit found by the securax crew on 3/3/error for: windoze 98 maybe 95 too... not for NT4 or win2K When we looked at the new exploit for ie that uses the image c:/con/con http://www.zoomnet.net/quick/error/crash.html we experimented a bit with that unexisting path. We found that any program ...
Microsoft Internet Explorer 455.55.0.1 - external.NavigateAndFind() Cross-Frame
Microsoft Internet Explorer 455.55.0.1 - external.NavigateAndFind Cross-Frame Microsoft Internet Explorer 4.0 for WfW/Windows 3.1/Windows 95/Windows NT 3/Windows NT 4,Internet Explorer 5.0 for Windows 2000/Windows 95/Windows 98/Windows NT 4,Internet Explorer 5.5,Internet Explorer 5.0.1,Internet...
symantec mail-gear 1.0 - Directory Traversal
source: https://www.securityfocus.com/bid/827/info Mail-Gear, a multi-purpose filtering email server, includes a webserver for remote administration and email retrieval. This webserver is vulnerable to the '../' directory traversal attack. By including the string '../' in the URL, remote attacker...
WWWBoard passwd.txt Authentication Credential Disclosure
The remote host is running WWWBoard, a bulletin board system written by Matt Wright. This board system comes with a password file passwd.txt installed next to the file 'wwwboard.html'. An attacker may obtain the contents of this file and decode the password to modify the remote www board...
MDaemon WebConfig HTTP Server URL Overflow DoS
It was possible to crash Webconfig which is used to configure MDaemon by sending the request : GET /aaaaa...aaa HTTP/1.0 This could allow a remote attacker to crash the web server, preventing the MDaemon server from being configured remotely. C Tenable Network Security, Inc. include"compat.inc";...
FTPGate Web Proxy Traversal Arbitrary File Access
It is possible to read arbitrary files on the remote server by prepending ../../ or ....\ in front of the file name. C Tenable Network Security, Inc. include"compat.inc"; ifdescription scriptid10091; scriptversion "1.24"; scriptcvsdate"Date: 2018/08/10 18:07:08"; scriptnameenglish:"FTPGate Web...
CVE-1999-0468
CVE-1999-0468: Internet Explorer 5.0 allows a remote server to read arbitrary files on the client’s file system via the Microsoft Scriptlet Component. Reported impact per CVSS suggests confidentiality loss (C:H) and overall HIGH severity (8.2) per CVSS v3.1, with network access and no user intera...