7175 matches found
OpenBSD 2.x < 2.8 FTPd - 'glob()' Remote Buffer Overflow
// source: https://www.securityfocus.com/bid/2548/info The BSD ftp daemon and derivatives such as IRIX ftpd or the ftp daemon shipped with Kerberos 5 contain a number of buffer overflows that may lead to a compromise of root access to malicious users. During parsing operations, the ftp daemon...
FreeBSD 4.2-stable - FTPd glob() Remote Buffer Overflow
FreeBSD 4.2-stable - FTPd glob Remote Buffer Overflow source: https://www.securityfocus.com/bid/2548/info The BSD ftp daemon and derivatives such as IRIX ftpd or the ftp daemon shipped with Kerberos 5 contain a number of buffer overflows that may lead to a compromise of root access to malicious...
Apache Tomcat 3.0 - Directory Traversal
source: https://www.securityfocus.com/bid/2518/info Apache Tomcat in a Windows NT environment could be led to traverse the normal directory structure and return requested files from outside of the document root. By including '/../' sequences along with specially chosen characters in requested URL...
anaconda clipper 3.3 - Directory Traversal
source: https://www.securityfocus.com/bid/2512/info Clipper is a headline-gathering tool from Anaconda! Partners which, in certain versions, is vulnerable to directory traversal attacks. By including '/../' sequences in requested URLs, an attacker can cause the retrieval of arbitrary files,...
Aspseek Buffer Overflow
|---------------------------------------------------------------------------------------| / Product: Aspseek Search Engine. Vendor URL: www.aspseek.org / Tested on: v1.0.0 - v1.0.3 Freeware Linux Vendor Contact: Mailed on 8th March NO Reply Vendor Patched though / |-- The Problem,...
ultimate-bb.txt
I set up a script on some server somewhere that will mail me the contents of "whatever" in a url query as such - http://somehost.com/somescript.php/cgi/pl/asp?contents="whatever" when I have that script in place I post a message on the board that I wish to steal peoples passes from withfor Intern...
Squid doesn't quote urls in error messages.
Hi, I noticed that Squid 2.3.STABLE4 doesn't quote urls in error messages. For example if a user visits the following url http://www.dotcom.com/ btest/b The user will get an invalid url page with test in bold. Or even more fun with: http://www.somecompany.com/img...
[SECURITY] New version of horde and imp released
------------------------------------------------------------------------ Debian Security Advisory [email protected] http://www.debian.org/security/ Wichert Akkerman September 10, 2000 - ------------------------------------------------------------------------ Package : horde and imp Problem type...
ntop.advisory.txt
================================================================================ Hackerslab bugpaper ntop web mode vulnerabliity ================================================================================ Command : /sbin/ntop -w SYSTEM : N/A INFO : ntop - display top network users -w Starts...
Weblogic 3.1.8/4.0.4/4.5.1 - Remote Command Execution
source: https://www.securityfocus.com/bid/1525/info In February of 2000 CERT Coordination Center released an advisory titled "Malicious HTML Tags Embedded in Client Web Requests" advisory attached in 'Credit' section". This advisory was a joint release by the CERT Coordination Center, DoD-CERT, t...
3R Soft MailStudio 2000 2.0 - Arbitrary File Access
3R Soft MailStudio 2000 2.0 - Arbitrary File Access source: https://www.securityfocus.com/bid/1335/info MailStudio 2000 is vulnerable to multiple attacks. It is possible for a remote user to gain read access to all files located on the server via the usage of the "/.." string passed to a CGI,...
Weak Token in Mail.Com Application Allows Compromise of Arbitrary User's Data
Weak Token in Mail.Com Application Allows Compromise of Arbitrary User's Data Black Watch Labs Security Advisory 00-02 March 6, 2000 Name: Weak Token in Mail.Com Application Allows Compromise of Arbitrary User's Data Black Watch Labs ID: BWL-00-02 Date Released: March 6, 2000 Category: Applicatio...
Pocsag POC32 Remote Service Default Password (password)
It is possible to log into the remote pocsag service and view the streams of decoded pager messages using the password 'password'. An attacker may use this problem to gain some knowledge about the computer user and then trick him by social engineering. C Tenable Network Security, Inc...
The Bat! X-BAT-FILES
"The Bat!" by RitLabs is extremely convenient mail agent with a lot of features for Windows platforms. One of "The Bat!" features is storing files attached to e-mail messages apart from messages bodies. In this case "The Bat!" puts attached files in preconfigured folder and removes according MIME...
hotmail.java.txt
Georgi Guninski security advisory 5, 2000 Yet another Hotmail security hole - injecting JavaScript using "jvascript:" Disclaimer: The opinions expressed in this advisory and program are my own and not of any company. The usual standard disclaimer applies, especially the fact that Georgi Guninski ...
javascript.hotmail.txt
Georgi Guninski security advisory 3, 2000 Yet another Hotmail security hole - injecting JavaScript in IE using "@import urljavascript:..." Disclaimer: The opinions expressed in this advisory and program are my own and not of any company. The usual standard disclaimer applies, especially the fact...
Microsoft Internet Explorer 4/5/5.5/5.0.1 - external.NavigateAndFind() Cross-Frame
Microsoft Internet Explorer 4.0 for WfW/Windows 3.1/Windows 95/Windows NT 3/Windows NT 4,Internet Explorer 5.0 for Windows 2000/Windows 95/Windows 98/Windows NT 4,Internet Explorer 5.5,Internet Explorer 5.0.1,Internet Explorer for Unix 5.0 external.NavigateAndFind Cross-Frame Vulnerability source...
SCO Unixware 7.07.0.17.1 - Xsco Buffer Overflow
SCO Unixware 7.07.0.17.1 - Xsco Buffer Overflow // source: https://www.securityfocus.com/bid/824/info Under certain versions of Unixware, the SUID program Xsco is vulnerable to a buffer overflow attack. The problem lies in that Xsco does not sanity check user supplied data. // UnixWare7...
International TeleCommunications WebBBS 2.13 - login & Password Buffer Overflow
// source: https://www.securityfocus.com/bid/803/info Certain versions of WebBBS by Mike Bryeans of International TeleCommunications contain a flaw in the initial login program. User supplied data via the login name and password are not bounds checked and can result in a buffer overflow. This lea...
CVE-1999-1530
cgiwrap as used on Cobalt RaQ 2.0 and RaQ 3i does not properly identify the user for running certain scripts, which allows a malicious site administrator to view or modify data located at another virtual site on the same system...