Lucene search
+L

1851 matches found

nessus
nessus
added 2002/04/20 12:0 a.m.22 views

Citrix Server Detection

Citrix servers allow a Windows user to remotely obtain a graphical login and therefore act as a local user on the remote host. NOTE: by default the Citrix Server application utilizes a weak 40 bit obfuscation algorithm not even a true encryption. If the default settings have not been changed, the...

5.7AI score
Exploits0References1
cert
cert
added 2002/04/10 12:0 a.m.94 views

Microsoft Internet Information Server (IIS) vulnerable to buffer overflow via inaccurate checking of delimiters in HTTP header fields

Overview A buffer overflow in IIS could allow an intruder to execute arbitrary code the the privileges of the ASP ISAPI extension. Description Like all web servers, IIS parses HTTP headers and decomposes them into the constituent parts. As part of this processing, IIS checks for delimiters that a...

7.5CVSS7.7AI score0.39833EPSS
Exploits0References3
securityvulns
securityvulns
added 2002/04/04 12:0 a.m.41 views

Directory traversal in Quik-Serv Web Server

No description provided...

2.5AI score
Exploits0References1Affected Software1
nessus
nessus
added 2002/03/27 12:0 a.m.37 views

csSearch csSearch.cgi setup Parameter Arbitrary Command Execution

The version of csSearch running on the remote host has a command execution vulnerability. Input to the 'print' parameter of 'csSearch.cgi' is not properly sanitized. A remote attacker could exploit this by executing arbitrary system commands with the privileges of the web server. %NASLMINLEVEL...

10CVSS5.8AI score0.13092EPSS
Exploits1References1
cve
cve
added 2002/03/15 5:0 a.m.33 views

CVE-2001-1107

CVE-2001-1107 affects SnapStream PVS 1.2a, where passwords are stored in plaintext in the SSD.ini file. This storage flaw could allow a remote attacker to gain privileges on the affected server. The available documents do not specify a patch or version that fixes the issue, nor provide exploit de...

5CVSS7.2AI score0.03257EPSS
Exploits1References4Affected Software1
cve
cve
added 2002/03/09 5:0 a.m.51 views

CVE-2001-0276

The vulnerability CVE-2001-0276 affects BadBlue Personal Edition (1.02.07) where ext.dll can be invoked directly without arguments, causing an error message that reveals the server’s physical path. This is a path disclosure issue in the web server software. The available connected documents confi...

6.4CVSS6.8AI score0.03468EPSS
Exploits1References4Affected Software1
exploitpack
exploitpack
added 2002/03/05 12:0 a.m.26 views

Microsoft IIS 4.05.05.1 - Authentication Method Disclosure

Microsoft IIS 4.05.05.1 - Authentication Method Disclosure source: https://www.securityfocus.com/bid/4235/info Microsoft IIS supports Basic and NTLM authentication. Reportedly, the authentication methods supported by a given IIS server can be revealed to an attacker through the inspection of...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2002/02/04 12:0 a.m.41 views

Lotus Domino url bypass

--------------------------------------------------------------------------- Web: http://qb0x.net Author: Gabriel A. Maggiotti Date: Febrary 03, 2002 E-mail: [email protected] --------------------------------------------------------------------------- General Info ------------ Problem Type :...

0.1AI score
Exploits0
securityvulns
securityvulns
added 2001/11/20 12:0 a.m.22 views

Hypermail SSI Vulnerability

Hypermail SSI Vulnerability qDefense Advisory Number QDAV-2001-11-1 Product: Hypermail Vendor: Hypermail Development http://www.hypermail.org Severity: Remote; Attacker may be able to execute arbitrary commands on servers that run Hypermail and SSI Vendor Status: Vendor contacted; patch released ...

1AI score
Exploits0
cert
cert
added 2001/10/19 12:0 a.m.21 views

RSA Security ACE/Agent for Windows, ACE/Agent for Windows NT, and ACE/Agent for Windows 2000 do not properly handle URL encoded characters in URL

Overview RSA Security ACE/Agent for Windows, ACE/Agent for Windows NT, and ACE/Agent for Windows 2000 contain a vulnerability in which the ACE/Agent does not properly handle URL encoded characters contained in a URL. A specially crafted request may bypass authentication and expose the contents of...

7.3AI score
Exploits0References2
cvelist
cvelist
added 2001/09/18 4:0 a.m.25 views

CVE-1999-0756

ColdFusion Administrator with Advanced Security enabled allows remote users to stop the ColdFusion server via the Start/Stop utility...

6.6AI score0.01258EPSS
Exploits0References2
cve
cve
added 2001/09/12 4:0 a.m.48 views

CVE-1999-1522

Vulnerability in htmlparse.pike in Roxen Web Server 1.3.11 and earlier, possibly related to recursive parsing and referer tags in RXML. Public details on affected versions, root cause, impact and fixes are not provided in the connected documents.

5CVSS7AI score0.01074EPSS
Exploits0References1Affected Software1
securityvulns
securityvulns
added 2001/09/12 12:0 a.m.33 views

Textor Webmasters Ltd (listrec.pl)

Last update of listrec.pl Jon Wright 11/11/1998. This script has vulnerability does not filter input of the user which allows to carry out commands from WebServer. EXPLOIT: www.server.com/cgi-bin/common/listrec.pl? APP=qmh-news&TEMPLATE=;ls| XP-TEAM...

2.5AI score
Exploits0
nessus
nessus
added 2001/08/29 12:0 a.m.17 views

Tripwire for Webpages Installation Disclosure

The remote host is running Tripwire for Webpages, a commercial product to monitor for changes in web pages. This information may prove useful to anyone doing reconnaissance before launching an actual attack. %NASLMINLEVEL 70300 C Tenable Network Security include'deprecatednasllevel.inc';...

5.5AI score
Exploits0References1
nvd
nvd
added 2001/08/22 4:0 a.m.11 views

CVE-2001-0571

Directory traversal vulnerability in the web server for 1 Elron Internet Manager IM Message Inspector and 2 Anti-Virus before 3.0.4 allows remote attackers to read arbitrary files via a .. dot dot in the requested URL...

5CVSS6.7AI score0.08338EPSS
Exploits1References5
exploitdb
exploitdb
added 2001/07/22 12:0 a.m.30 views

Sambar Server 4.4/5.0 - 'pagecount' File Overwrite

source: https://www.securityfocus.com/bid/3091/info Sambar Server is a multi-threaded HTTP server for Microsoft Windows and Unix systems. Sambar WWW Server is bundled with a sample script'pagecount' which creates temporary files on the host. However, it is possible for a remote attacker to craft ...

7.4AI score
Exploits0
exploitdb
exploitdb
added 2001/06/21 12:0 a.m.17 views

1C: Arcadia Internet Store 1.0 - Path Disclosure

source: https://www.securityfocus.com/bid/2904/info 1C: Arcadia Internet Store is a online shopping utility for Microsoft Windows NT/2000 that is fully integratable with 1C: Enterprise, another popular Russian web-commerce utility. One of the components of this package, 'tradecli.dll', allows use...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2001/06/19 12:0 a.m.98 views

Security Bulletin MS01-033

The following is a Security Bulletin from the Microsoft Product Security Notification Service. Please do not reply to this message, as it was sent from an unattended mailbox. -----BEGIN PGP SIGNED MESSAGE----- - ---------------------------------------------------------------------- Title: Uncheck...

0.3AI score
Exploits0
exploitdb
exploitdb
added 2001/06/13 12:0 a.m.19 views

SiteWare 2.5/3.0/3.1 Editor Desktop - Directory Traversal

source: https://www.securityfocus.com/bid/2868/info Screaming Media is a provider for custom web content. SiteWare Editor Desktop is the web-based administration tool for managing Screaming Media content. SiteWare Editor Desktop is prone to directory traversal attacks which can lead to disclosure...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2001/05/23 12:0 a.m.118 views

Vulnerability in Oracle E-Business Suite Release 11i Applications Desktop Integrator

Post date: 05/22/01 Vulnerability in Oracle E-Business Suite Release 11i Applications Desktop Integrator Overview A potential security vulnerability has been discovered in Applications Desktop Integrator ADI version 7.X for Oracle E-Business Suite Release 11i. A debug version of the FNDPUB11I.DLL...

0.2AI score
Exploits0
Rows per page
Query Builder