CVE-2000-0778

IIS 5.0 allows remote attackers to obtain source code for .ASP files and other scripts via an HTTP GET request with a "Translate: f" header, aka the "Specialized Header" vulnerability...

Apache on SuSE Linux cgi-bin-sdb Request Script Source Disclosure

The directory /cgi-bin-sdb is an Alias of /cgi-bin - most SuSE systems are configured that way. This setting allows an attacker to obtain the source code of the installed CGI scripts on this host. This is dangerous as it gives an attacker valuable information about the setup of this host, or...

IBM WebSphere default servlet handler showcode vulnerability

Foundstone, Inc. http://www.foundstone.com "Securing the Dot Com World" Security Advisory IBM WebSphere default servlet handler showcode vulnerability ---------------------------------------------------------------------- FS Advisory ID: FS-072400-6-IBM Release Date: July 24, 2000 Product: IBM...

CVE-2000-0652

IBM WebSphere allows remote attackers to read source code for executable web files by directly calling the default InvokerServlet using a URL which contains the "/servlet/file" string...

IBM Websphere Application Server 2.0.3.03.0.2.1 - Showcode

IBM Websphere Application Server 2.0.3.03.0.2.1 - Showcode source: https://www.securityfocus.com/bid/1500/info Certain versions of the IBM WebSphere application server ship with a vulnerability which allows malicious users to view the source of any document which resides in the web document root...

IBM Websphere Application Server 2.0./3.0/3.0.2.1 - Showcode

source: https://www.securityfocus.com/bid/1500/info Certain versions of the IBM WebSphere application server ship with a vulnerability which allows malicious users to view the source of any document which resides in the web document root directory. This is possible via a flaw which allows a defau...

CVE-2000-0396

The add.exe program in the Carello shopping cart software allows remote attackers to duplicate files on the server, which could allow the attacker to read source code for web scripts such as .ASP files...

CVE-2000-0500

The default configuration of BEA WebLogic 5.1.0 allows a remote attacker to view source code of programs by requesting a URL beginning with /file/, which causes the default servlet to display the file without further processing...

IBM WebSphere JSP showcode vulnerability

Foundstone, Inc. http://www.foundstone.com "Securing the Dot Com World" Security Advisory IBM WebSphere Application Server ---------------------------------------------------------------------- FS Advisory ID: FS-061200-3-IBM Release Date: June 12, 2000 Product: WebSphere Application Server Vendo...

Potential vulnerability in Unify eWave ServletExec

Niclas Vikstrom [email protected] brought this to my attention. Unify eWave ServletExec http://www.servletexec.com/ is a Java Server Pages JSP processing environment which runs on IIS amongst a variety of other platforms and OS'. JSP is similar to ASP in that it allows server-side source...

Microsoft FrontPage 98 Server Extensions for IIS Microsoft InterDev 1.0 - Filename Obfuscation

Microsoft FrontPage 98 Server Extensions for IIS Microsoft InterDev 1.0 - Filename Obfuscation source: https://www.securityfocus.com/bid/1108/info Two dlls dvwssr.dll and mtd2lv.dll included with the FrontPage 98 extensions for IIS and shipped as part of the NT Option Pack include an obfuscation...

More info on MS00-019

In usual tradition, little information is to be had about the "Virtualized UNC Share" problem talked about in MS00-019. Luckily, MS was nice enough to submit an extra post to Bugtraq to give Adam Coyne credit. Anyways, for those of you interested in the problem, making a request for a file with a...

ms00-019.info.txt

In usual tradition, little information is to be had about the "Virtualized UNC Share" problem talked about in MS00-019. Luckily, MS was nice enough to submit an extra post to Bugtraq to give Adam Coyne credit. Anyways, for those of you interested in the problem, making a request for a file with a...

Microsoft IIS 4.0 - UNC Mapped Virtual Host

Microsoft IIS 4.0 - UNC Mapped Virtual Host MS Commercial Internet System 2.0/2.5,IIS 4.0,Proxy Server 2.0,Site Server Commerce Edition 3.0 UNC Mapped Virtual Host Vulnerability source: https://www.securityfocus.com/bid/1081/info If a virtual host root is mapped to a UNC share, a backward slash "...

Microsoft IIS 4.0 - UNC Mapped Virtual Host

MS Commercial Internet System 2.0/2.5,IIS 4.0,Proxy Server 2.0,Site Server Commerce Edition 3.0 UNC Mapped Virtual Host Vulnerability source: https://www.securityfocus.com/bid/1081/info If a virtual host root is mapped to a UNC share, a backward slash "" appended to an ASP or HTR extension in a...

asp.runtime-error.txt

Forwarded with permission of the author. Please direct all replies to [email protected]. Ben Greenbaum Director of Site Content Security Focus http://www.securityfocus.com ---------- Forwarded message ---------- Description: ============ Active server pages ASP with runtime errors expose a security...

CVE-1999-0286

The CVE describes a vulnerability in some NT web servers where appending a trailing space to a URL allows attackers to read the source of active pages, enabling complete confidentiality compromise. Documented by multiple sources (NVD, Red Hat, CVE list) with no publicly documented fix/version pro...

CVE-1999-0253

Summary: CVE-1999-0253 describes an information-disclosure flaw in IIS 3.0 with the iis-fix hotfix, where remote attackers could disclose ASP source by appending %2e in the URL. Affected product: Microsoft IIS 3.0 (with iis-fix) as documented in Red Hat, NVD/NVD-like records and Nessus entry; mul...

CVE-1999-0286

In some NT web servers, appending a space at the end of a URL may allow attackers to read source code for active pages...

CVE-1999-0253

IIS 3.0 with the iis-fix hotfix installed allows remote intruders to read source code for ASP programs by using a %2e instead of a . dot in the URL...