1851 matches found
IdeaBox include.php ideaDir Parameter Remote File Inclusion
It is possible to make the remote host include PHP files hosted on a third-party server using ideabox. An attacker may use this flaw to inject arbitrary code in the remote host and gain a shell with the privileges of the web server. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. Ref: Date:...
[NT] BadBlue Arbitrary Administrative Actions Vulnerability
The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com - - promotion In the US? Contact Beyond Security at our new California office housewarming rates on automated network vulnerability scanning. We also...
Buffer Overflow in mod_ssl
Overview A buffer overflow exists in modssl. Description modssl is an Apache module that allows secure connections over X.509 authenticated channels. A buffer overflow exists in the sslcompatdirective function. For more detailed information, please see the original vulnerability report. --- Impac...
12Planet Chat Server 2.5 - Error Message Installation Full Path Disclosure
12Planet Chat Server 2.5 - Error Message Installation Full Path Disclosure source: https://www.securityfocus.com/bid/7355/info When certain malformed URL requests are sent to a 12Planet Chat Server, the server's installation path may be revealed in the returned error message. This information cou...
Microsoft ISA Server
It's possible to cause infinite reply loops with spoofed UDP packets with bith source and destination ports 1745 between 2 servers on from server to itself...
@(#)Mordred Labs advisory - Integer overflow in PHP array_pad() function
//@ Mordred Security Labs advisory Release date: April 1, 2003 Name: Integer overflow in PHP arraypad function Versions affected: all versions Risk: average Author: Sir Mordred [email protected] I. Description: PHP is a widely-used general-purpose scripting language that is especially suited for...
Apache mod_ssl 2.8.7 OpenSSL - OpenFuckV2.c Remote Buffer Overflow (1)
Apache modssl 2.8.7 OpenSSL - OpenFuckV2.c Remote Buffer Overflow 1 / E-DB Note: Updated exploit https://www.exploit-db.com/exploits/47080 E-DB Note: Updating OpenFuck Exploit http://paulsec.github.io/blog/2014/04/14/updating-openfuck-exploit/ OF version r00t VERY PRIV8 spabam Compile with: gcc -...
Microsoft FrontPage Unpassworded Installation
The remote web server appears to have FrontPage Extensions installed with incorrectly set permissions. A remote attacker could exploit this to modify web pages on the server. C Tenable Network Security, Inc. include"compat.inc"; ifdescription scriptid11455; scriptversion "$Revision: 1.21 $";...
E-theni aff_liste_langue.php rep_include Parameter Remote File Inclusion
It is possible to make the remote host include PHP files hosted on a third-party server using E-Theni. An attacker may use this flaw to inject arbitrary code in the remote host and gain a shell with the privileges of the web server. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. Ref: From:...
INDY : idHTTPserver directory traversal
... in URL allows access to any file on the server...
PHP-Nuke 6.5 Addon - 'Viewpage.php' File Disclosure
source: https://www.securityfocus.com/bid/7191/info PHP-Nuke has been reported prone to a file disclosure vulnerability when using the viewpage.php addon. It has been reported that PHP-Nuke may disclose arbitrary web server readable files under certain circumstances. It should be noted that this...
SimpleChat Information Disclosure
It is possible to retrieve list of users currently connected to the remote SimpleChat server by requesting the file 'data/usr'. An attacker may use this flaw to obtain the IP address of every user currently connected. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. Ref: Date: 20 Mar 2003...
Apache 2.0.x < 2.0.43 Multiple Vulnerabilities (Log Injection, Source Disc.)
The remote host appears to be running a version of Apache 2.0.x prior to 2.0.43. It is, therefore, affected by an information disclosure vulnerability. An attacker can exploit this vulnerability by making a POST request to files in a folder with both WebDAV and CGI enabled. Note that Nessus solel...
Vulnerability in OpenSSL
Dan Boneh and I have been researching timing attacks against software crypto libraries. Timing attacks are usually used to attack weak computing devices such as smartcards. We've successfully developed and mounted timing attacks against software crypto libraries running on general purpose PC's. W...
HP JetDirect < Q.24.09 Multiple Vulnerabilities
The remote HP JetDirect is, according to its version number, vulnerable to an issue that may allow an attacker to gain unauthorized access on this printer, or crash it. C Tenable Network Security, Inc. include"compat.inc"; ifdescription scriptid11396; scriptversion"1.14"; scriptbugtraqid7070;...
SunFTP Multiple Command Traversal Arbitrary File Creation/Deletion
Directory traversal vulnerability in SunFTP build 9 allows remote attackers to read arbitrary files via .. dot dot characters in various commands, including 1 GET, 2 MKDIR, 3 RMDIR, 4 RENAME, or 5 PUT. This script was written by Xue Yong Zhi See the Nessus Scripts License for details Changes by...
smb2www Unspecified Arbitrary Remote Command Execution
The remote host is running smb2www - a SMB to WWW gateway. There is a flaw in the version of this CGI which allows anyone to execute arbitrary commands on this host by sending a malformed argument to smbshr.pl, one of the components of this solution. %NASLMINLEVEL 70300 C Tenable Network Security...
Protegrity Secure.Data for Microsoft SQL Server 2000 contains buffer overflows in extended stored procedures
Overview Protegrity Secure.Data for Microsoft SQL Server 2000 includes several extended stored procedures that contain buffer overflow vulnerabilities. These vulnerabilities could allow a remote attacker to execute arbitrary code, gain access to databases, or cause a denial of service. Descriptio...
WU-FTPD Unspecified Security Issue
The version of WU-FTPD running on the remote host has an unspecified remote vulnerability. This is reportedly due to an unspecified bug in glob.c discovered by the SuSE security team. Nessus verified this vulnerability by looking at the banner of the remote FTP server. C Tenable Network Security,...
ISMAIL (All Versions) Remote Buffer Overrun
NGSSoftware Insight Security Research Advisory Name: ISMAIL v 1.25 & v 1.4.3 Remote Buffer Overrun Systems Affected: WinNT, Win2K, XP Severity: High Risk Category: Remote Buffer Overrun Vendor URL: http://instantservers.com/ismail.html Author: Mark Litchfield [email protected] Date: 27th...