1851 matches found
FreeBSD-SA-00:14.imap-uw
-----BEGIN PGP SIGNED MESSAGE----- ============================================================================= FreeBSD-SA-00:14 Security Advisory FreeBSD, Inc. Topic: imap-uw contains security vulnerabilities for "closed" mail servers Category: ports Module: imap-uw Announced: 2000-04-24...
DVWSSR.dll Buffer Overflow Vulnerability in Microsoft IIS 4.0 Web Servers
No description provided...
Sambar Server 4.2 Beta 7 - Batch CGI
Sambar Server 4.2 Beta 7 - Batch CGI source: https://www.securityfocus.com/bid/1002/info The Sambar Web/FTP/Proxy Server for Windows NT and 2000 supports DOS-style batch programs as CGI scripts. A remote attacker can use any batch file used by the server in the 'cgi-bin' directory to run any vali...
Daniel Beckham The Finger Server 0.82 Beta - Pipe
Daniel Beckham The Finger Server 0.82 Beta - Pipe source: https://www.securityfocus.com/bid/974/info 'The Finger Server' is a perl script for providing .plan-like functionality through a website. Due to insufficient input checking it is possible for remote unauthenticated users to execute shell...
iMailv5.txt
0oooop / Six Toed / Security Advisory Date: 2000, 03/01 Affected Software: iMail Server 5.0 Platform: Windows NT 4.0 SP 6a Problem A malicous user can read and send emails as any other user on the system. How The issue lies in how iMail handles the creating of new email accounts, and how it store...
WWWBoard passwd.txt Authentication Credential Disclosure
The remote host is running WWWBoard, a bulletin board system written by Matt Wright. This board system comes with a password file passwd.txt installed next to the file 'wwwboard.html'. An attacker may obtain the contents of this file and decode the password to modify the remote www board...
[SECURITY] New version of nfs-server fixes remote exploit
------------------------------------------------------------------------ Debian Security Advisory [email protected] http://www.debian.org/security/ Wichert Akkerman November 11, 1999 - ------------------------------------------------------------------------ The version of nfs-server that was...
F5 BIG/ip bigconf.cgi file Parameter Arbitrary File Access
The 'bigconf' CGI is installed. This CGI has a well-known security flaw that allows an attacker to execute arbitrary commands with the privileges of the web server. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; ifdescription...
XtraMail SMTP HELO Command Remote Overflow
The remote host is running a version of XtraMail with a remote buffer overflow vulnerability. The overflow is caused by by issuing the 'HELO' command, followed by a long argument. The HELO command is typically one of the first commands required by a mail server. The command is used by the mail...
ex_urllive.txt
URL Live! 1.0 WebServer for Windows95/98/NT which is released by Pacific Software Publishing, Inc. http://www.urllive.com/ also has a "../" security problem, any users can download any files on the victim host. example: http://www.xxx.yy.jp/../../../../config.sys...
Alibaba get32.exe Arbitrary Command Execution
The 'get32.exe' CGI script is installed on this machine. This CGI has a well known security flaw that allows an attacker to execute arbitrary commands on the remote system with the privileges of the HTTP daemon typically root or nobody. %NASLMINLEVEL 70300 C Tenable Network Security, Inc...
Alibaba tst.bat Arbitrary Command Execution
The 'tst.bat' CGI script is installed on this machine. This CGI has a well known security flaw that would allow an attacker to read arbitrary files on the remote system. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; ifdescription...
Web Server robots.txt Information Disclosure
The remote host contains a file named 'robots.txt' that is intended to prevent web 'robots' from visiting certain directories in a website for maintenance or indexing purposes. A malicious user may also be able to use the contents of this file to learn of sensitive documents or directories on the...
CVE-1999-0269
CVE-1999-0269 affects Netscape Enterprise servers, where the PageServices query can disclose directory listings. The core issue is an information disclosure vulnerability permitting an unauthenticated remote attacker to list files via crafted requests containing an area like ‘?PageServices’. Mult...
CVE-1999-0059
Consolidated data shows CVE-1999-0059 affects the IRIX fam service, enabling an attacker to obtain a list of all files on the server. The vulnerability details specify this behavior but do not provide concrete root-cause code or patch information. The PT-1997-1032 entry notes that there is no inf...
ProFTPD NLST Command Argument Handling Remote Overflow
It was possible to crash the remote FTP server by issuing a specially crafted command, such as 'NLST aaaXXXX%u%...%u%u%u%%u%653300u%n' where 'XXXX' is replaced with four characters - ASCII values 0xDC, 0x4F, 0x07 and 0x08. This issue is known to affect ProFTPD version 1.2.0pre6, although other FT...
CVE-1999-0734
A default configuration of CiscoSecure Access Control Server ACS allows remote users to modify the server database without authentication...
http-request_method.txt
Date: Wed, 6 Jan 1999 13:16:07 -0000 From: mnemonix To: [email protected] Subject: HTTP REQUESTMETHOD flaw There is a "feature" inherent in some web servers, such as Apache 1.3.x or MS IIS, that carries mild security implications that could allow web server attacks to go unnoticed. The problem...
ms.siteserver.3.0.adsamples.txt
Date: Tue, 11 May 1999 16:27:38 -0600 From: Mark To: [email protected] Subject: ALERT Site Server 3.0 May Expose SQL IDs and PSWs ==================================================== Site Server's AdSamples Directory Reveals ID and PSW Discovered by Andrey Kruchkov...
compaq.insight.manager.server.txt
Date: Wed, 26 May 1999 16:41:36 +0100 From: [email protected] To: [email protected] Subject: Infosec.19990526.compaq-im.a Infosec Security Vulnerability Report No: Infosec.19990526.compaq-im.a ===================================== Vulnerability Summary --------------------- Problem:...