Lucene search
+L

1851 matches found

nessus
nessus
added 2003/04/29 12:0 a.m.24 views

IdeaBox include.php ideaDir Parameter Remote File Inclusion

It is possible to make the remote host include PHP files hosted on a third-party server using ideabox. An attacker may use this flaw to inject arbitrary code in the remote host and gain a shell with the privileges of the web server. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. Ref: Date:...

6AI score
Exploits0References1
securityvulns
securityvulns
added 2003/04/21 12:0 a.m.35 views

[NT] BadBlue Arbitrary Administrative Actions Vulnerability

The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com - - promotion In the US? Contact Beyond Security at our new California office housewarming rates on automated network vulnerability scanning. We also...

1AI score
Exploits0
cert
cert
added 2003/04/17 12:0 a.m.33 views

Buffer Overflow in mod_ssl

Overview A buffer overflow exists in modssl. Description modssl is an Apache module that allows secure connections over X.509 authenticated channels. A buffer overflow exists in the sslcompatdirective function. For more detailed information, please see the original vulnerability report. --- Impac...

7.8CVSS7.8AI score0.011EPSS
Exploits0References4
exploitpack
exploitpack
added 2003/04/11 12:0 a.m.11 views

12Planet Chat Server 2.5 - Error Message Installation Full Path Disclosure

12Planet Chat Server 2.5 - Error Message Installation Full Path Disclosure source: https://www.securityfocus.com/bid/7355/info When certain malformed URL requests are sent to a 12Planet Chat Server, the server's installation path may be revealed in the returned error message. This information cou...

0.4AI score
Exploits0
securityvulns
securityvulns
added 2003/04/10 12:0 a.m.34 views

Microsoft ISA Server

It's possible to cause infinite reply loops with spoofed UDP packets with bith source and destination ports 1745 between 2 servers on from server to itself...

3.1AI score
Exploits0References2Affected Software2
securityvulns
securityvulns
added 2003/04/05 12:0 a.m.28 views

@(#)Mordred Labs advisory - Integer overflow in PHP array_pad() function

//@ Mordred Security Labs advisory Release date: April 1, 2003 Name: Integer overflow in PHP arraypad function Versions affected: all versions Risk: average Author: Sir Mordred [email protected] I. Description: PHP is a widely-used general-purpose scripting language that is especially suited for...

1.3AI score
Exploits0
exploitpack
exploitpack
added 2003/04/04 12:0 a.m.26 views

Apache mod_ssl 2.8.7 OpenSSL - OpenFuckV2.c Remote Buffer Overflow (1)

Apache modssl 2.8.7 OpenSSL - OpenFuckV2.c Remote Buffer Overflow 1 / E-DB Note: Updated exploit https://www.exploit-db.com/exploits/47080 E-DB Note: Updating OpenFuck Exploit http://paulsec.github.io/blog/2014/04/14/updating-openfuck-exploit/ OF version r00t VERY PRIV8 spabam Compile with: gcc -...

0.9AI score
Exploits0
nessus
nessus
added 2003/04/04 12:0 a.m.25 views

Microsoft FrontPage Unpassworded Installation

The remote web server appears to have FrontPage Extensions installed with incorrectly set permissions. A remote attacker could exploit this to modify web pages on the server. C Tenable Network Security, Inc. include"compat.inc"; ifdescription scriptid11455; scriptversion "$Revision: 1.21 $";...

5.6AI score
Exploits0References1
nessus
nessus
added 2003/03/28 12:0 a.m.30 views

E-theni aff_liste_langue.php rep_include Parameter Remote File Inclusion

It is possible to make the remote host include PHP files hosted on a third-party server using E-Theni. An attacker may use this flaw to inject arbitrary code in the remote host and gain a shell with the privileges of the web server. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. Ref: From:...

6.8CVSS6AI score0.04836EPSS
Exploits1References2
securityvulns
securityvulns
added 2003/03/25 12:0 a.m.32 views

INDY : idHTTPserver directory traversal

... in URL allows access to any file on the server...

3.3AI score
Exploits0Affected Software1
exploitdb
exploitdb
added 2003/03/25 12:0 a.m.46 views

PHP-Nuke 6.5 Addon - 'Viewpage.php' File Disclosure

source: https://www.securityfocus.com/bid/7191/info PHP-Nuke has been reported prone to a file disclosure vulnerability when using the viewpage.php addon. It has been reported that PHP-Nuke may disclose arbitrary web server readable files under certain circumstances. It should be noted that this...

7.4AI score
Exploits0
nessus
nessus
added 2003/03/25 12:0 a.m.24 views

SimpleChat Information Disclosure

It is possible to retrieve list of users currently connected to the remote SimpleChat server by requesting the file 'data/usr'. An attacker may use this flaw to obtain the IP address of every user currently connected. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. Ref: Date: 20 Mar 2003...

5.5AI score
Exploits0References1
nessus
nessus
added 2003/03/17 12:0 a.m.75 views

Apache 2.0.x < 2.0.43 Multiple Vulnerabilities (Log Injection, Source Disc.)

The remote host appears to be running a version of Apache 2.0.x prior to 2.0.43. It is, therefore, affected by an information disclosure vulnerability. An attacker can exploit this vulnerability by making a POST request to files in a folder with both WebDAV and CGI enabled. Note that Nessus solel...

5CVSS5.5AI score0.17413EPSS
Exploits8References3
securityvulns
securityvulns
added 2003/03/15 12:0 a.m.31 views

Vulnerability in OpenSSL

Dan Boneh and I have been researching timing attacks against software crypto libraries. Timing attacks are usually used to attack weak computing devices such as smartcards. We've successfully developed and mounted timing attacks against software crypto libraries running on general purpose PC's. W...

2.5AI score
Exploits0
nessus
nessus
added 2003/03/15 12:0 a.m.18 views

HP JetDirect < Q.24.09 Multiple Vulnerabilities

The remote HP JetDirect is, according to its version number, vulnerable to an issue that may allow an attacker to gain unauthorized access on this printer, or crash it. C Tenable Network Security, Inc. include"compat.inc"; ifdescription scriptid11396; scriptversion"1.14"; scriptbugtraqid7070;...

5.6AI score
Exploits0References1
nessus
nessus
added 2003/03/13 12:0 a.m.38 views

SunFTP Multiple Command Traversal Arbitrary File Creation/Deletion

Directory traversal vulnerability in SunFTP build 9 allows remote attackers to read arbitrary files via .. dot dot characters in various commands, including 1 GET, 2 MKDIR, 3 RMDIR, 4 RENAME, or 5 PUT. This script was written by Xue Yong Zhi See the Nessus Scripts License for details Changes by...

6.4CVSS5.7AI score0.05996EPSS
Exploits1References1
nessus
nessus
added 2003/03/13 12:0 a.m.120 views

smb2www Unspecified Arbitrary Remote Command Execution

The remote host is running smb2www - a SMB to WWW gateway. There is a flaw in the version of this CGI which allows anyone to execute arbitrary commands on this host by sending a malformed argument to smbshr.pl, one of the components of this solution. %NASLMINLEVEL 70300 C Tenable Network Security...

7.5CVSS6AI score0.02165EPSS
Exploits0References1
cert
cert
added 2003/03/13 12:0 a.m.26 views

Protegrity Secure.Data for Microsoft SQL Server 2000 contains buffer overflows in extended stored procedures

Overview Protegrity Secure.Data for Microsoft SQL Server 2000 includes several extended stored procedures that contain buffer overflow vulnerabilities. These vulnerabilities could allow a remote attacker to execute arbitrary code, gain access to databases, or cause a denial of service. Descriptio...

10CVSS8.3AI score0.04751EPSS
Exploits0References6
nessus
nessus
added 2003/03/09 12:0 a.m.27 views

WU-FTPD Unspecified Security Issue

The version of WU-FTPD running on the remote host has an unspecified remote vulnerability. This is reportedly due to an unspecified bug in glob.c discovered by the SuSE security team. Nessus verified this vulnerability by looking at the banner of the remote FTP server. C Tenable Network Security,...

7.5CVSS5.6AI score0.01477EPSS
Exploits0References1
securityvulns
securityvulns
added 2003/02/28 12:0 a.m.24 views

ISMAIL &#40;All Versions&#41; Remote Buffer Overrun

NGSSoftware Insight Security Research Advisory Name: ISMAIL v 1.25 & v 1.4.3 Remote Buffer Overrun Systems Affected: WinNT, Win2K, XP Severity: High Risk Category: Remote Buffer Overrun Vendor URL: http://instantservers.com/ismail.html Author: Mark Litchfield [email protected] Date: 27th...

0.1AI score
Exploits0
Rows per page
Query Builder