5285 matches found
2005.1.txt
ID : 2005.1 Product : Barracuda Spam Firewall Appliance Vendor : Barracuda networks Affected product : firmware Published date : 01/09/2005 Initial Vendor contact 2005-06-14 CVE : CVE-MAP-NOMATCH Solution : Install Firmware 3.1.18 Reference URL :...
W-Agora < 4.2.1 index.php site Parameter Traversal Arbitrary File Access
Binary data 3171.prm...
simplecam12.txt
Donato Ferrante Application: SimpleCam http://www.deadpirate.com/ Version: 1.2 Bug: directory traversal Date: 04-May-2005 Author: Donato Ferrante e-mail: [email protected] web: www.autistici.org/fdonato 1. Description 2...
CVE-2002-2095
Joe Testa hellbent 01 webserver allows attackers to read files that are specified in the hellbent.prefs file by creating a file with a similar name in the web root, as demonstrated using (1) index.webroot and (2) index.ipallow...
CVE-2002-2095
CVE-2002-2095 affects the Joe Testa hellbent 01 webserver. The vulnerability allows attackers to read files listed in the hellbent.prefs by creating a similarly named file in the web root (e.g., using index.webroot or index.ipallow). The NVD entry reports a network-accessible issue with partial c...
apache -- http request smuggling
A Watchfire whitepaper reports a vulnerability in the Apache webserver. The vulnerability can be exploited by malicious people causing cross site scripting, web cache poisoning, session hijacking and most importantly the ability to bypass web application firewall protection. Exploiting this...
KF Webserver protection bypass
By requesting a resource like http://victimaddress/All20Disk20Drives/C:/ it's possible to access a protected directory...
[NT] KF WebServer Directory Traversal Vulnerability
The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com
osCommerce 2.2 - update.php Information Disclosure
osCommerce 2.2 - update.php Information Disclosure source: https://www.securityfocus.com/bid/14294/info osCommerce is prone to an information-disclosure vulnerability. An attacker could exploit this vulnerability to display the contents of any file normally readable by the webserver process...
osCommerce 2.2 - 'update.php' Information Disclosure
source: https://www.securityfocus.com/bid/14294/info osCommerce is prone to an information-disclosure vulnerability. An attacker could exploit this vulnerability to display the contents of any file normally readable by the webserver process. Successful exploitation would result in information...
FreeBSD : trac -- file upload/download vulnerability (b02c1d80-e1bb-11d9-b875-0001020eed82)
Stefan Esser reports: Trac's wiki and ticket systems allow attachments to be added to wiki entries and bug tracker tickets. These attachments are stored within directories that are determined by the id of the corresponding ticket or wiki entry. Due to a missing validation of the id parameter it is...
FreeBSD : cacti -- multiple vulnerabilities (1cf00643-ed8a-11d9-8310-0001020eed82)
Stefan Esser reports : Wrongly implemented user input filters lead to multiple SQL Injection vulnerabilities which can lead f.e. to disclosure of the admin password hash. Wrongly implemented user input filters allows injection of user input into executed commandline. Alberto Trivero posted his...
Apache Webserver Valid Banner Check
Binary data 3057.prm...
vcs100.txt
Donato Ferrante Application: Video Cam Server http://vcs.raybase.com/ Version: 1.0.0 Bugs: Multiple Vulnerabilities Date: 02-May-2005 Author: Donato Ferrante e-mail: [email protected] web: www.autistici.org/fdonato 1...
osTicket 1.21.3 - view.php?inc Arbitrary Local File Inclusion
osTicket 1.21.3 - view.php?inc Arbitrary Local File Inclusion source: https://www.securityfocus.com/bid/14127/info osTicket is affected by multiple input-validation vulnerabilities because the application fails to sufficiently sanitize user-supplied data. The following specific issues were...
XML-RPC for PHP Remote Code Injection Vulnerability
Description XML-RPC for PHP is affected by a remote code-injection vulnerability. An attacker may exploit this issue to execute arbitrary commands or code in the context of the webserver. This may facilitate various attacks, including unauthorized remote access. XML-RPC for PHP 1.1 and prior...
CVE-2002-1828
Savant Webserver 3.1 allows remote attackers to cause a denial of service (crash) via an HTTP GET request with a negative Content-Length value...
CVE-2002-1857
jo! jo Webserver 1.0, when running on Windows, allows remote attackers to retrieve files in the WEB-INF directory, which contains Java class files and configuration information, via a request to the WEB-INF directory with a trailing dot ("WEB-INF.")...
CVE-2002-1951
Buffer overflow in GoAhead WebServer 2.1 allows remote attackers to execute arbitrary code via a long HTTP GET request with a large number of subdirectories...
CVE-2002-1857
CVE-2002-1857 affects jo! jo Webserver 1.0 on Windows, allowing remote retrieval of files under the WEB-INF directory by requesting WEB-INF. with a trailing dot. OpenVAS/Nessus entries describe the issue as an information-disclosure vulnerability affecting Win32 J2EE containers/app servers, with ...