5286 matches found

Exploit DB
added 2013/04/02 12:0 a.m. | 46 views

Aspen 0.8 - Directory Traversal

Aspen 0.8 - Directory Traversal Earlier versions are also possibly vulnerable. INFORMATION Product: Aspen 0.8 Remote-exploit: yes Vendor-URL: http://www.zetadev.com/software/aspen/ Discovered by: Daniel Ricardo dos Santos CVE Request - 15/03/2013 CVE Assign - 18/03/2013 CVE Number - CVE-2013-2619...

5 CVSS | 6.5 AI score | 0.07651 EPSS
Exploits 6

Packet Storm
added 2013/04/01 12:0 a.m. | 29 views

Aspen 0.8 Directory Traversal

Aspen 0.8 - Directory Traversal Earlier versions are also possibly vulnerable. INFORMATION Product: Aspen 0.8 Remote-exploit: yes Vendor-URL: http://www.zetadev.com/software/aspen/ Discovered by: Daniel Ricardo dos Santos CVE Request - 15/03/2013 CVE Assign - 18/03/2013 CVE Number - CVE-2013-2619...

5 CVSS | 6.5 AI score | 0.07651 EPSS
Exploits 6

OpenVAS
added 2013/03/27 12:0 a.m. | 16 views

KNet Web Server Long Request Buffer Overflow Vulnerability

KNet Web Server is prone to a buffer overflow vulnerability. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8 AI score
Exploits 0 | References 3

OpenVAS
added 2013/03/15 12:0 a.m. | 23 views

Debian Security Advisory DSA 2649-1 (lighttpd - fixed socket name in world-writable directory)

Stefan Bühler discovered that the Debian specific configuration file for lighttpd webserver FastCGI PHP support used a fixed socket name in the world-writable /tmp directory. A symlink attack or a race condition could be exploited by a malicious user on the same machine to take over the PHP contr...

1.9 CVSS | 6.4 AI score | 0.00349 EPSS
Exploits 1 | References 1

OSV
added 2013/03/15 12:0 a.m. | 24 views

DSA-2649-1 lighttpd - fixed socket name in world-writable directory

Bulletin has no description...

1.9 CVSS | 6.3 AI score | 0.00349 EPSS
Exploits 1

OpenVAS
added 2013/03/14 12:0 a.m. | 19 views

Debian: Security Advisory (DSA-2649-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

1.9 CVSS | 7.1 AI score | 0.00349 EPSS
Exploits 1 | References 3

Vulnerability Lab
added 2013/02/19 12:0 a.m. | 22 views

USB Disk & File Transfer v1.3.1 - File Include Vulnerability

Document Title: =============== USB Disk & File Transfer v1.3.1 - File Include Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=881 Release Date: ============= 2013-02-19 Vulnerability Laboratory ID VL-ID: ===================================...

7.1 AI score
Exploits 0

0day.today
added 2013/01/31 12:0 a.m. | 37 views

IPMap 2.5 Shell Upload Vulnerability

IPMap suffers from remote shell upload vulnerabilities in the mobile IPMap v2.5 app for the apple ipad & iphone. IPMap v2.5 iPad iPhone - Arbitrary File Upload Web Vulnerabilities Introduction: ============= IPMap - IP Address Lookup Details & HTTP Wireless File Sharing with latest WorldWide IP...

7.3 AI score
Exploits 0

Saint
added 2013/01/28 12:0 a.m. | 52 views

Nagios 3 history.cgi Command Injection

Added: 01/28/2013 CVE: CVE-2012-6096 BID: 56879 OSVDB: 88322 Background Nagios is a network host and service monitoring and management system. Problem The Nagios history.cgi script is vulnerable to a stack overflow when parsing the host parameter. This may allow an attacker to execute arbitrary...

7.5 CVSS | 7.2 AI score | 0.6645 EPSS
Exploits 15

Metasploit
added 2013/01/20 3:40 p.m. | 38 views

PHP-Charts v1.0 PHP Code Execution Vulnerability

This module exploits a PHP code execution vulnerability in php-Charts version 1.0 which could be abused to allow users to execute arbitrary PHP code under the context of the webserver user. The 'url.php' script calls eval with user controlled data from any HTTP GET parameter name. This module...

0.2 AI score
Exploits 0

Kitploit
added 2013/01/09 6:22 a.m. | 28 views

[OWASP HTTP Post Tool] DoS Apache Webserver Attack

This Tutorials shows, how you can easily take out an Apache Webserver with one HTTP POST Tool using a std. slow DSL Connection. This is NO Slowloris Attack! Limitations of HTTP GET DDOS attack: - Does not work on IIS web servers or web servers with timeout limits for HTTP headers. - Easily...

7.2 AI score
Exploits 0

Kitploit
added 2013/01/09 3:24 a.m. | 35 views

[Netcat] Howto Banner Grabbing, Bind Shell, Reverse Shell And Webserver

Netcat HowTo Banner Grabbing, Bind Shell, Reverse Shell and Webserver Netcat is a computer networking service for reading from and writing network connections using TCP or UDP. Netcat is designed to be a dependable "back-end" device that can be used directly or easily driven by other programs and...

7.2 AI score
Exploits 0

securityvulns
added 2013/01/05 12:0 a.m. | 21 views

PMSoftware Simple Webserver directory traversal

Request with relative path allows file retrieval...

4.2 AI score
Exploits 0 | References 1 | Affected Software 1

securityvulns
added 2013/01/05 12:0 a.m. | 34 views

Simple Webserver 2.3-rc1 Directory Traversal

Exploit Title: Simple Webserver 2.3-rc1 Directory Traversal Date: 01/02/2013 Exploit Author: CwG GeNiuS Vendor Homepage: http://www.pmx.it Software Link: http://www.pmx.it/download/sws-2.3-rc1-i686.exe Version: 2.3-rc1 and earlier Tested on: Windows 7 Enterprise SP1 Vulnerability: When removing t...

0.6 AI score
Exploits 0

0day.today
added 2013/01/04 12:0 a.m. | 31 views

Simple Webserver 2.3-rc1 Directory Traversal Vulnerability

Exploit for windows platform in category web applications Exploit Title: Simple Webserver 2.3-rc1 Directory Traversal Date: 01/02/2013 Exploit Author: CwG GeNiuS Vendor Homepage: http://www.pmx.it Software Link: http://www.pmx.it/download/sws-2.3-rc1-i686.exe Version: 2.3-rc1 and earlier Tested o...

7.1 AI score
Exploits 0

Packet Storm
added 2013/01/03 12:0 a.m. | 24 views

Simple Webserver 2.3-rc1 Directory Traversal

Exploit Title: Simple Webserver 2.3-rc1 Directory Traversal Date: 01/02/2013 Exploit Author: CwG GeNiuS Vendor Homepage: http://www.pmx.it Software Link: http://www.pmx.it/download/sws-2.3-rc1-i686.exe Version: 2.3-rc1 and earlier Tested on: Windows 7 Enterprise SP1 Vulnerability: When removing t...

0.2 AI score
Exploits 0

seebug.org
added 2012/12/25 12:0 a.m. | 150 views

PHP-CGI Argument Injection Remote Code Execution

No description provided by source. !/usr/bin/python import requests import sys print """ CVE-2012-1823 PHP-CGI Arguement Injection Remote Code Execution This exploit abuses an arguement injection in the PHP-CGI wrapper to execute code as the PHP user/webserver user. Feel free to give me abuse abo...

7.5 CVSS | 0.9 AI score | 0.99998 EPSS
Exploits 41

UbuntuCve
added 2012/12/20 12:0 a.m. | 30 views

CVE-2012-5643

Multiple memory leaks in tools/cachemgr.cc in cachemgr.cgi in Squid 2.x and 3.x before 3.1.22, 3.2.x before 3.2.4, and 3.3.x before 3.3.0.2 allow remote attackers to cause a denial of service (memory consumption) via (1) invalid Content-Length headers, (2) long POST requests, or (3) crafted authenticatio...

5 CVSS | 7.2 AI score | 0.2318 EPSS
Exploits 1 | References 4

securityvulns
added 2012/12/09 12:0 a.m. | 51 views

SEC Consult SA-20121203-0 :: F5 FirePass SSL VPN Unauthenticated local file inclusion

SEC Consult Vulnerability Lab Security Advisory 20121203-0 ======================================================================= title: Unauthenticated local file inclusion product: F5 FirePass SSL VPN vulnerable version: = 7.0.0 HF-70-6 fixed version: 7.0.0 HF-70-7 impact: Critical homepage:...

7.3 AI score
Exploits 0

exploitpack
added 2012/12/03 12:0 a.m. | 12 views

Symantec Messaging Gateway 9.5.3-3 - Arbitrary File Download

Symantec Messaging Gateway 9.5.3-3 - Arbitrary File Download ======= Summary ======= Name: Symantec Messaging Gateway - Arbitrary file download is possible with a crafted URL authenticated Release Date: 30 November 2012 Reference: NGS00266 Discoverer: Ben Williams Vendor: Symantec Vendor Referenc...

0.2 AI score
Exploits 0