669 matches found
DSA-1022-1 storebackup - several
Bulletin has no description...
CVE-2005-4421
Dev-Editor 3.0 allows remote attackers to access any directory outside the web root whose name is a substring of the web root directory name...
Construct a special file name to bypass multiple anti-virus engine-vulnerability warning-the black bar safety net
Affected by the anti - virusengine: Kaspersky Antivirus Symantec AntiVirus F-Prot Antivirus ClamWin Antivirus Avast Antivirus RAV AntiVirus Microsoft AntiSpyware Tested version: Symantec AntiVirus Corporate 8.0 Kaspersky Antivirus Personal Pro 4.5.0.104 Kaspersky Antivirus For MS NTServer 4.5.0.1...
CVE-2005-3551
toendaCMS before 0.6.2 stores user account and session data in the web root directory, which allows remote attackers to obtain sensitive information via a direct request to the appropriate XML file...
Misconfigured Gnutella
The remote host is running the Gnutella servent service. It seems that the root directory of the remote host is visible through this service. Confidential files might be exported. OpenVAS Vulnerability Test $Id: gnutellaexport.nasl 8023 2017-12-07 08:36:26Z teissa $ Description: Misconfigured...
CVE-2002-2094
CVE-2002-2094 affects the Hellbent vulnerability described in PT-2002-2814 for hellbent version 01. An attacker can determine the full path of the web root directory by sending a GET request with a relative path that includes the web root’s parent. If the parent is incorrect, the server returns a...
Multiple Vulnerabilities in PHP Surveyor
----------------------------------------------------------- Multiple Vulnerabilities in PHP Surveyor version 0.98 stable ------------------------------------------------------------ Summary: PHP Surveyor is vulnerable to many sql injections, cross site scriptings, and path disclosures. Details:...
CVE-2002-1677
14all.cgi 1.1p15 in mrtgconfig allows remote attackers to determine the physical path to the web root directory via a request with an invalid cfg parameter, which generates an error message that reveals the path...
IBM Websphere 5.0/5.1/6.0 - Application Server Web Server Root JSP Source Code Disclosure
source: https://www.securityfocus.com/bid/13160/info A remote JSP source disclosure vulnerability reportedly affects the IBM WebSphere Application Server. This issue is due to a failure of the application to properly handle various requests under certain circumstances. It should be noted that thi...
TIPS MailPost 5.1.1 - Remote File Enumeration
source: https://www.securityfocus.com/bid/11599/info TIPS MailPost is affected by a remote file enumeration vulnerability. This issue is due to a failure to properly sanitize user requests. An attacker may leverage this issue to gain knowledge of the existence of files outside the Web root...
CVE-1999-1365
Windows NT searches a user's home directory %systemroot% by default before other directories to find critical programs such as NDDEAGNT.EXE, EXPLORER.EXE, USERINIT.EXE or TASKMGR.EXE, which could allow local users to bypass access restrictions or gain privileges by placing a Trojan horse program...
jailed processes can attach to other jails
A programming error has been found in the jailattach2 system call which affects the way that system call verifies the privilege level of the calling process. Instead of failing immediately if the calling process was already jailed, the jailattach system call would fail only after changing the...
PJ CGI Neo Review - Directory Traversal
PJ CGI Neo Review - Directory Traversal source: https://www.securityfocus.com/bid/9524/info It has been reported that PJ CGI Neo Review may be prone to a directory traversal vulnerability that may allow a remote attacker to access information outside the server root directory by using '../'...
CVE-2003-1022
Directory traversal vulnerability in fsp before 2.81.b18 allows remote users to access files outside the FSP root directory...
[Full-Disclosure] Pablo Sofware Solutions FTP server can detect if a file exists outside the FTP root directory
Pablo Sofware Solutions FTP server can detect if a file exists outside the FTP root directory .oO Overview Oo. Pablo Software Solutions FTP server version 1.77 can detect if a file exists outside the FTP root directory. Discovered on 2004, January, 11th Vendor: Pablo Software Solutions...
security flaw
CVS server before 1.11.10 may allow attackers to cause the CVS server to create directories and files in the file system root directory via malformed module requests...
Hand-Crafted Software FreeProxy 3.53.6 - FreeWeb Directory Traversal
Hand-Crafted Software FreeProxy 3.53.6 - FreeWeb Directory Traversal source: https://www.securityfocus.com/bid/9388/info It has been reported that FreeWeb server of FreeProxy may be prone to a directory traversal vulnerability that may allow a remote attacker to access information outside the...
CVE-2003-0977
CVS server before 1.11.10 may allow attackers to cause the CVS server to create directories and files in the file system root directory via malformed module requests...
DEBIAN-CVE-2003-0977
CVS server before 1.11.10 may allow attackers to cause the CVS server to create directories and files in the file system root directory via malformed module requests...
Xerox MicroServer - Web Server Directory Traversal
Xerox MicroServer - Web Server Directory Traversal source: https://www.securityfocus.com/bid/9256/info It has been reported that XeroxMicroServer/Xerox11 may be prone to a directory traversal vulnerability that may allow an attacker to traverse outside the server root directory by using '/..' or...