Lucene search
+L

287 matches found

Tenable Nessus
Tenable Nessus
added 1999/10/19 12:0 a.m.72 views

OpenLink Web Configurator GET Request Remote Overflow

It is possible to crash the remote web server by sending overly long GET requests. An attacker may exploit this issue to crash the remote web server or execute arbitrary code on the remote system. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid10169;...

10CVSS6.2AI score0.0347EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 1999/08/22 12:0 a.m.41 views

Microsoft FrontPage Extensions authors.pwd Information Disclosure

The remote web server appears to be running with Microsoft FrontPage extensions. The file 'authors.pwd', which contains the encrypted passwords of FrontPage authors, can by accessed by anyone. A remote attacker could decrypt these passwords, or possibly overwrite this file. C Tenable Network...

5.7AI score
Exploits0References1
Tenable Nessus
Tenable Nessus
added 1999/08/19 12:0 a.m.51 views

Glimpse HTTP aglimpse Arbitrary Command Execution

The remote web server is running GlipmseHTTP. The installed version suffers from a remote command execution vulnerability in the 'aglimpse' component. Note that we could not actually check for the presence of this vulnerability, and only checked for the existence of the 'aglimpse' CGI...

7.5CVSS5.7AI score0.08697EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 1999/06/22 12:0 a.m.53 views

thttpd Double Slash Request Arbitrary File Access

The remote HTTP server allows an attacker to read arbitrary files on the remote host with the privileges of the web server, simply by adding a slash in front of its name. For instance, 'GET //etc/passwd' will return the contents of the remote file '/etc/passwd'. C Tenable Network Security, Inc...

5CVSS5.7AI score0.01711EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 1999/06/22 12:0 a.m.95 views

Microsoft IIS perl.exe HTTP Path Disclosure

It was possible to obtain the physical location of a virtual web directory of this host by issuing a request for a non-existent file with an IISAPI-registered extension. An attacker may use this flaw to gain more information about the remote host, and hence make more focused attacks. %NASLMINLEVE...

7.5CVSS5.3AI score0.19027EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 1999/06/22 12:0 a.m.89 views

CDomain whois_raw.cgi fqdn Parameter Arbitrary Command Execution

The remote host appears to be using the CdomainFree 'whoisraw.cgi' script. This CGI script allows an attacker to view any file on the target computer, as well as to execute arbitrary commands. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc';...

10CVSS6AI score0.12557EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 1999/06/22 12:0 a.m.64 views

WebGais webgais CGI Arbitrary Command Execution

The 'webgais' CGI is installed. This CGI may let an attacker execute arbitrary commands with the privileges of the http daemon usually root or nobody. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; if description scriptid10300;...

7.5CVSS5.5AI score0.08717EPSS
Exploits0References2
Rows per page
Query Builder