65 matches found
EUVD-2002-0883
Malware in sbrugna...
EUVD-2000-1012
Malware in sbrugna...
EUVD-2004-0649
Malware in sbrugna...
EUVD-2002-0885
Malware in sbrugna...
EUVD-2002-0884
Malware in sbrugna...
EUVD-2000-1011
Malware in sbrugna...
NewAtlanta ServletExec/ISAPI 4.1 Path Disclosure Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/4793/info ServletExec/ISAPI is a plug-in Java Servlet/JSP engine for Microsoft IIS. It runs with IIS on Microsoft Windows NT/2000/XP systems. ServletExec/ISAPI discloses the absolute path to the webroot directory when sen...
Unify eWave ServletExec 3 JSP Source Disclosure Vulnerability
No description provided by source. source : http://www.securityfocus.com/bid/1970/info Unify eWave ServletExec is a Java/Java Servlet engine plug-in for major web servers such as Microsoft IIS, Apache, Netscape Enterprise Server, etc. ServletExec will return the source code of JSP files when a HT...
Unify eWave ServletExec 3.0 c DoS Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/1868/info Unify eWave ServletExec is a Java/Java Servlet engine plug-in for major web servers such as Microsoft IIS, Apache, Netscape Enterprise Server, etc. eWave ServletExec is susceptible to a denial of service attack ...
NewAtlanta ServletExec/ISAPI 4.1 File Disclosure Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/4795/info ServletExec/ISAPI is a plug-in Java Servlet/JSP engine for Microsoft IIS. It runs with IIS on Microsoft Windows NT/2000/XP systems. ServletExec/ISAPI will disclose the contents of arbitrary files within the...
ServletExec - Directory Traversal / Authentication Bypass
source: https://www.securityfocus.com/bid/42411/info ServletExec is prone to a directory-traversal vulnerability and multiple authentication-bypass vulnerabilities because the application fails to sufficiently sanitize user-supplied input. Exploiting these issues may allow an attacker to gain...
ServletExec - Directory Traversal Authentication Bypass
ServletExec - Directory Traversal Authentication Bypass source: https://www.securityfocus.com/bid/42411/info ServletExec is prone to a directory-traversal vulnerability and multiple authentication-bypass vulnerabilities because the application fails to sufficiently sanitize user-supplied input...
jsp vulnerabilities and solutions-vulnerability warning-the black bar safety net
Overview: The server vulnerability is a security Origin, a hacker on the site of the attack is also mostly from the Find each other's vulnerabilities. So only understand its own vulnerability, the site managers to take appropriate measures to prevent foreign attacks. The following describes some ...
JSP vulnerabilities large-vulnerability warning-the black bar safety net
Overview: The server vulnerability is a security Origin, a hacker on the site of the attack is also mostly from the Find each other's vulnerabilities. So only understand its own vulnerability, the site managers to take appropriate measures to prevent foreign attacks. The following describes some ...
JSP vulnerabilities large-vulnerability warning-the black bar safety net
Overview: The server vulnerability is a security Origin, a hacker on the site of the attack is also mostly from the Find each other's vulnerabilities. So only understand its own vulnerability, the site managers to take appropriate measures to prevent foreign attacks. The following describes some ...
ServletExec 4.1 / JRun ISAPI DoS
By sending an overly long request for a .jsp file it is possible to crash the remote web server. This problem is known as the ServletExec / JRun ISAPI DoS. SPDX-FileCopyrightText: 2002 Matt Moore Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the...
ServletExec 4.1 ISAPI File Reading
By invoking the JSPServlet directly it is possible to read the contents of files within the webroot that would not normally be accessible global.asa, for example. SPDX-FileCopyrightText: 2002 Matt Moore Some text descriptions might be excerpted from a referenced sources, and are Copyright C by th...
Unify eWave ServletExec 3.0C file upload
ServletExec has a servlet called SPDX-FileCopyrightText: 2000 Matt Moore Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.10570";...
ServletExec 4.1 ISAPI Physical Path Disclosure
By requesting a non-existent .JSP file, or by invoking the JSPServlet directly and supplying no filename, it is possible to make the ServletExec ISAPI filter disclose the physical path of the webroot. SPDX-FileCopyrightText: 2002 Matt Moore Some text descriptions might be excerpted from a...
Unify eWave ServletExec 3.0C file upload
ServletExec has a servlet called 'UploadServlet' in its server side classes. UploadServlet, when invokable, allows an attacker to upload any file to any directory on the server. The uploaded file may have code that can later be executed on the server, leading to remote command execution. OpenVAS...