Lucene search
+L

676 matches found

NVD
NVD
added 2001/08/22 4:0 a.m.20 views

CVE-2001-0626

O'Reilly Website Professional 2.5.4 and earlier allows remote attackers to determine the physical path to the root directory via a URL request containing a ":" character...

7.5CVSS6.5AI score0.07023EPSS
Exploits1References3
exploitpack
exploitpack
added 2001/06/21 12:0 a.m.12 views

1C: Arcadia Internet Store 1.0 - Arbitrary File Disclosure

1C: Arcadia Internet Store 1.0 - Arbitrary File Disclosure source: https://www.securityfocus.com/bid/2902/info 1C: Arcadia Internet Store is a online shopping utility for Microsoft Windows NT/2000 that is fully integratable with 1C: Enterprise, another popular Russian web-commerce utility. One of...

Exploits0
securityvulns
securityvulns
added 2001/05/26 12:0 a.m.51 views

Дырка в clean-tmps в FreeBSD

Можно удалить любые файлы в корневом каталоге...

0.3AI score
Exploits0References1Affected Software1
securityvulns
securityvulns
added 2001/05/26 12:0 a.m.29 views

4.3 Security: local DoS via clean-tmps

Tested in 4.3-RELEASE only: If /etc/periodic/daily/clean-tmps is enabled, then it's possible for any local user to trick it into calling unlink or rmdir on anything in the root directory. The problem is that "find -delete" can be made to do chdir".." multiple times followed by unlink and/or rmdir...

Exploits0
NVD
NVD
added 2001/05/24 4:0 a.m.22 views

CVE-2001-0749

Beck IPC GmbH IPC@CHIP Embedded-Webserver allows remote attackers to read arbitrary files via a webserver root directory set to system root...

7.5CVSS6.7AI score0.01727EPSS
Exploits1References3
securityvulns
securityvulns
added 2001/03/05 12:0 a.m.224 views

Faststream FTP++ Client 2 Beta 11 (build in server) Vulnerability

Faststram FTP built in server responds with the real path of directory instead of a virtual one.It is possible to get files outside of root.dir. e:crap was used as root directory 1. directory path 230 User anonymous logged in. ftp pwd 257 "/E:/crap/" is current directory. 2. getting files from...

0.3AI score
Exploits0
exploitpack
exploitpack
added 2001/02/12 12:0 a.m.11 views

Brightstation Muscat 1.0 - Full Path Disclosure

Brightstation Muscat 1.0 - Full Path Disclosure source: https://www.securityfocus.com/bid/2374/info Making an invalid request to a machine running Brightstation Muscat, will disclose the physical path to the root directory. http://target/cgi-bin/empower?DB=UkRteamHole...

0.2AI score
Exploits0
Exploit DB
Exploit DB
added 2001/02/12 12:0 a.m.29 views

Brightstation Muscat 1.0 - Full Path Disclosure

source: https://www.securityfocus.com/bid/2374/info Making an invalid request to a machine running Brightstation Muscat, will disclose the physical path to the root directory. http://target/cgi-bin/empower?DB=UkRteamHole http://target/cgi-bin/empower?DB=UkRteamHole...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2000/11/01 12:0 a.m.31 views

ManTrap 1.6.1 - Root Directory Inode Disclosure

/ source: https://www.securityfocus.com/bid/1909/info ManTrap is a "honeypot" intrusion detection system designed to lure attackers into it for analysis. The honeypot is implemented as a chroot'ed Solaris environment, designed to look and feel real to an attacker who gains access to it. Chroot...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2000/07/18 12:0 a.m.28 views

Armada Design Master Index 1.0 - Directory Traversal

source: https://www.securityfocus.com/bid/1772/info Master Index is a commercially supported search engine. Certain versions of this software ship with a path traversal vulnerability. This is to say that a remote user may 'back out' .../ of the web root directory and view/download any file which...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2000/06/01 12:0 a.m.67 views

IBM HTTP SERVER / APACHE

I haven't seen any advisories for IBM HTTP SERVER running Apache. There is a crucial number of "/" forward slash you can use to retrieve the contents of the root directory of this particular Web Server. Using this vulnerability, you can retrieve any files or scripts running from that directory an...

0.3AI score
Exploits0
Exploit DB
Exploit DB
added 2000/04/21 12:0 a.m.26 views

SuSE Linux 6.x - Arbitrary File Deletion

source: https://www.securityfocus.com/bid/1130/info A vulnerability exists in SuSE Linux, version 6.3 and prior, that can allow arbitrary users to delete any file on the system. If the MAXDAYSINTMP variable is set in /etc/rc.config to be larger than 0, any local user can remove any file on the...

7.4AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 1999/06/22 12:0 a.m.169 views

Anonymous FTP Writable root Directory

It is possible to write on the root directory of the remote anonymous FTP server. This allows an attacker to upload arbitrary files which can be used in other attacks, or to turn the FTP server into a software distribution point. TRUSTED...

10CVSS5.8AI score0.01957EPSS
Exploits0References1
Exploit DB
Exploit DB
added 1999/06/07 12:0 a.m.32 views

Netscape FastTrack Server 3.0.1 - Fasttrack Root Directory Listing

source: https://www.securityfocus.com/bid/481/info Netscape's Fasttrack server is supposed to display a directory listing if the follwing three conditions are met: 1: Directory listing is enabled 2: No filename is specified in the requested URL 3: There is no index file in that directory defaults...

7.4AI score
Exploits0
exploitpack
exploitpack
added 1999/06/04 12:0 a.m.19 views

Microsoft IIS (Windows NT 4.0SP1SP2SP3SP4SP5) - .IDC Path Mapping

Microsoft IIS Windows NT 4.0SP1SP2SP3SP4SP5 - .IDC Path Mapping source: https://www.securityfocus.com/bid/299/info The full physical path name for the IIS web server root directory may be obtained by attempting to view a non-existent .IDC file. The web server will return an error message that lis...

7.4AI score
Exploits0
Positive Technologies
Positive Technologies
added 1999/01/01 12:0 a.m.5 views

PT-1999-1187 · Undefined · Undefined

Name of the Vulnerable Software and Affected Versions: No specific software or versions mentioned. Description: The NFS exports system-critical data to the world, including sensitive directories like the root directory / or a password file. Recommendations: At the moment, there is no information...

10CVSS8.4AI score0.11134EPSS
Exploits2References3
Rows per page
Query Builder