Lucene search
+L

254 matches found

Tenable Nessus
Tenable Nessus
added 2000/06/27 12:0 a.m.30 views

Sawmill File Access Information Disclosure

The remote web server is affected by an information disclosure vulnerability due to improper validation of user-supplied input to the 'rfcf' parameter. An unauthenticated, remote attacker can exploit this, via a crafted request, to disclose the first line of arbitrary files on the remote host...

5CVSS5.8AI score0.07488EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2000/06/22 12:0 a.m.29 views

Zope < 2.1.7 DocumentTemplate Unauthorized DTML Entity Modification

The remote web server is Zope 2.1.7. There is a security problem in these versions that can allow the contents of DTMLDocuments or DTMLMethods to be changed without forcing proper user authentication. C Tenable Network Security, Inc. include"compat.inc"; ifdescription scriptid10447; scriptversion...

7.5CVSS5.5AI score0.02944EPSS
Exploits0References3
securityvulns
securityvulns
added 2000/04/15 12:0 a.m.27 views

DVWSSR.dll Buffer Overflow Vulnerability in Microsoft IIS 4.0 Web Servers

No description provided...

4AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 1999/11/10 12:0 a.m.136 views

F5 BIG/ip bigconf.cgi file Parameter Arbitrary File Access

The 'bigconf' CGI is installed. This CGI has a well-known security flaw that allows an attacker to execute arbitrary commands with the privileges of the web server. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; ifdescription...

5CVSS5.9AI score0.08593EPSS
Exploits0References2
Packet Storm
Packet Storm
added 1999/11/05 12:0 a.m.23 views

ex_urllive.txt

URL Live! 1.0 WebServer for Windows95/98/NT which is released by Pacific Software Publishing, Inc. http://www.urllive.com/ also has a "../" security problem, any users can download any files on the victim host. example: http://www.xxx.yy.jp/../../../../config.sys...

7.4AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 1999/11/04 12:0 a.m.74 views

Alibaba get32.exe Arbitrary Command Execution

The 'get32.exe' CGI script is installed on this machine. This CGI has a well known security flaw that allows an attacker to execute arbitrary commands on the remote system with the privileges of the HTTP daemon typically root or nobody. %NASLMINLEVEL 70300 C Tenable Network Security, Inc...

3.6CVSS5.6AI score0.02837EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 1999/11/04 12:0 a.m.51 views

Alibaba tst.bat Arbitrary Command Execution

The 'tst.bat' CGI script is installed on this machine. This CGI has a well known security flaw that would allow an attacker to read arbitrary files on the remote system. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; ifdescription...

3.6CVSS5.6AI score0.02837EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 1999/10/12 12:0 a.m.538 views

Web Server robots.txt Information Disclosure

The remote host contains a file named 'robots.txt' that is intended to prevent web 'robots' from visiting certain directories in a website for maintenance or indexing purposes. A malicious user may also be able to use the contents of this file to learn of sensitive documents or directories on the...

5.6AI score
Exploits0References1
Packet Storm
Packet Storm
added 1999/08/17 12:0 a.m.39 views

compaq.insight.manager.server.txt

Date: Wed, 26 May 1999 16:41:36 +0100 From: [email protected] To: [email protected] Subject: Infosec.19990526.compaq-im.a Infosec Security Vulnerability Report No: Infosec.19990526.compaq-im.a ===================================== Vulnerability Summary --------------------- Problem:...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 1999/08/17 12:0 a.m.36 views

WinWebserver-exploit.txt

http://www.sddt.com/files/library/98/06/25/tbc.html Source Programmers Discover Internet Server Bug Daily Transcript Business Report June 25, 1998 Programmers at San Diego Source, the online news service of the San Diego Daily Transcript, have discovered a security hole affecting Web server...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 1999/08/17 12:0 a.m.54 views

http-request_method.txt

Date: Wed, 6 Jan 1999 13:16:07 -0000 From: mnemonix To: [email protected] Subject: HTTP REQUESTMETHOD flaw There is a "feature" inherent in some web servers, such as Apache 1.3.x or MS IIS, that carries mild security implications that could allow web server attacks to go unnoticed. The problem...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 1999/08/17 12:0 a.m.32 views

exlibris.alpeh.webserver.txt

Date: Fri, 21 May 1999 12:08:00 +0200 From: Jakub Urbanec To: [email protected] Subject: ExLibris Aleph Web server Security Alert We have found a security hole in web server bundled with Aleph librarian system ver. 3.25 and higher ExLibris. The web server in its default configuration allows...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 1999/08/17 12:0 a.m.32 views

cfusion.txt

L0pht Security Advisory ------------- URL Origin: http://www.l0pht.com/advisories.html Release Date: April 20th, 1999 Application: Cold Fusion Application Server Severity: Web users can download, delete and even upload executable files to a Cold Fusion server. Access is not limited to files under...

7.4AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 1999/06/22 12:0 a.m.89 views

CDomain whois_raw.cgi fqdn Parameter Arbitrary Command Execution

The remote host appears to be using the CdomainFree 'whoisraw.cgi' script. This CGI script allows an attacker to view any file on the target computer, as well as to execute arbitrary commands. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc';...

10CVSS6AI score0.12557EPSS
Exploits1References2
Rows per page
Query Builder