232 matches found
CVE-2001-0626
O'Reilly Website Professional 2.5.4 and earlier allows remote attackers to determine the physical path to the root directory via a URL request containing a ":" character...
CVE-2001-0467
Directory traversal vulnerability in RobTex Viking Web server before 1.07-381 allows remote attackers to read arbitrary files via a ... modified dot dot in an HTTP URL request...
ScreenOS 1.732.x - Firewall Denial of Service
source: https://www.securityfocus.com/bid/2176/info NetScreen Firewall is a network appliance used to secure against intruders and various types of attacks to a network. NetScreen has a Web administrative Interface WebUI used to configure and set the...
CVE-2000-0497
IBM WebSphere server 3.0.2 allows a remote attacker to view source code of a JSP program by requesting a URL which provides the JSP extension in upper case...
CVE-2000-0430
The provided documents identify CVE-2000-0430 as a flaw in Cart32 where remote attackers can access sensitive debugging information by appending /expdate to the URL. Affected component: Cart32 (web/URL handling). Root cause: improper handling of URL paths leading to exposure of debugging data; im...
CVE-2000-0430
Cart32 allows remote attackers to access sensitive debugging information by appending /expdate to the URL request...
AnalogX SimpleServer:WWW 1.0.3 - Denial of Service
source: https://www.securityfocus.com/bid/1076/info Requesting a URL containing a string of exactly eight characters following the /cgi-bin/ directory (17 characters in total) will cause AnalogX SimpleServer:WWW to shut down. http://target/cgi-bin/...
Fastraq Mailtraq 1.1.4 - Multiple Path Vulnerabilities
source: https://www.securityfocus.com/bid/1278/info A remote user may browse any known directory on a host running Fastraq Mailtraq 1.1.4 by making a URL request that includes the '../' string. In addition, requesting a URL appended with "../...
Generation Terrorists Designs & Concepts Sojourn 2.0 - File Access
source: https://www.securityfocus.com/bid/1052/info Any file that the webserver has read access to can be read on a server running the Sojourn search engine. The Sojourn software includes the ability to organize a website into categories. These categories can then be accessed via the sojourn.cgi...
SalesLogix Eviewer Web App Bug: URL request crashes eviewer web application
Disclaimer: The opinions expressed in this advisory and program are my own and not of any company. The usual standard disclaimer applies, I am not liable for any damages caused by direct or indirect use of the information or functionality provided by this advisory. I bear NO responsibility for...
CVE-2000-0066
WebSite Pro allows remote attackers to determine the real pathname of webdirectories via a malformed URL request...
Ipswitch IMail 5.0/6.0 - Web Service Buffer Overflow (Denial of Service) (PoC)
source: https://www.securityfocus.com/bid/505/info The IMail web server can be crashed by requesting an abnormally long URL. Telnet to target machine, port 8383 Send: GET /glob1/ Where glob1 is 3000 characters. Marc Maiffret has released the following exploit:...