CIS WebServer 3.5.13 - Directory Traversal

CIS WebServer 3.5.13 - Directory Traversal source: https://www.securityfocus.com/bid/12662/info A vulnerability has been identified in the handling of certain types of requests by CIS WebServer. Because of this, it is possible for an attacker to gain access to potentially sensitive system files...

CIS WebServer directory traversal

No description provided...

[Full-Disclosure] CIS WebServer Directory Traversal Bug

-= x0n3-h4ck Italian Security Team =- /Advisories / Application: CIS WebServer Vendor's Url: www.cisindia.net Version: 3.5.13 Platforms: Windows Bug: Directory Traversal Exploitation: Remote Author: CorryL [email protected] www.x0n3-h4ck.org Description CIS WebServer is an easy http server, A...

CIS WebServer 3.5.13 - Directory Traversal

source: https://www.securityfocus.com/bid/12662/info A vulnerability has been identified in the handling of certain types of requests by CIS WebServer. Because of this, it is possible for an attacker to gain access to potentially sensitive system files. The problem is in the handling of directory...

[Full-Disclosure] pMachine Pro / pMachine Free Remote Code Execution

pMachine Pro / pMachine Free Remote Code Execution vendor website: http://www.pmachine.com I. BACKGROUND PMachine is one of the most flexible & creative on-line publishing tools available. With PMachine you can publish any kind of web content - from a basic weblog to an advanced, interactive...

CVE-2004-0942

Apache webserver 2.0.52 and earlier allows remote attackers to cause a denial of service CPU consumption via an HTTP GET request with a MIME header containing multiple lines with a large number of space characters...

CVE-2004-0942

Apache webserver 2.0.52 and earlier allows remote attackers to cause a denial of service CPU consumption via an HTTP GET request with a MIME header containing multiple lines with a large number of space characters...

CVE-2004-0942

Apache webserver 2.0.52 and earlier allows remote attackers to cause a denial of service CPU consumption via an HTTP GET request with a MIME header containing multiple lines with a large number of space characters...

DEBIAN-CVE-2004-0942

Apache webserver 2.0.52 and earlier allows remote attackers to cause a denial of service CPU consumption via an HTTP GET request with a MIME header containing multiple lines with a large number of space characters...

CVE-2004-1063

PHP 4.x to 4.3.9, and PHP 5.x to 5.0.2, when running in safe mode on a multithreaded Unix webserver, allows local users to bypass safemodeexecdir restrictions and execute commands outside of the intended safemodeexecdir via shell metacharacters in the current directory name. NOTE: this issue was...

CVE-2004-2662

Soft3304 04WebServer before 1.41 allows remote attackers to cause a denial of service resource consumption or crash via certain data related to OpenSSL, which causes a thread to terminate but continue to hold resources...

CVE-2004-1063

CVE-2004-1063 affects PHP 4.x up to 4.3.9 and PHP 5.x up to 5.0.2 when running in safe mode on multithreaded Unix webservers. It allows local users to bypass safe_mode_exec_dir restrictions and run commands outside the intended directory by using shell metacharacters in the current directory name...

CVE-2004-1063

PHP 4.x to 4.3.9, and PHP 5.x to 5.0.2, when running in safe mode on a multithreaded Unix webserver, allows local users to bypass safemodeexecdir restrictions and execute commands outside of the intended safemodeexecdir via shell metacharacters in the current directory name. NOTE: this issue was...

Blog Torrent preview 0.8 - arbitary file download

Intro ----- Blogtorrent is a collection of PHP scripts which are designed to make it simple to host files for transfer via bittorrent. Whilst it is not normal to report security problems in "preview" releases of software this software was covered prominently upon Slashdot and could be widely used...

GFHost PHP GMail Remote Command Execution Exploit

Exploit for unknown platform in category web applications ================================================= GFHost PHP GMail Remote Command Execution Exploit ================================================= GFHost explo Spawn bash style Shell with webserver uid Greetz SPAX, foxtwo, Zone-H This...

GFHost PHP GMail Remote Command Execution Exploit

No description provided by source. GFHost explo Spawn bash style Shell with webserver uid Greetz SPAX, foxtwo, Zone-H This Script is currently under development use strict; use IO::Socket; my $host; my $port; my $command; my $url; my @results; my $probe; my @U; $U1 =...

GFHost PHP GMail - Remote Command Execution

GFHost explo Spawn bash style Shell with webserver uid Greetz SPAX, foxtwo, Zone-H This Script is currently under development use strict; use IO::Socket; my $host; my $port; my $command; my $url; my @results; my $probe; my @U; $U1 =...

GFHost.pl

GFHost explo Spawn bash style Shell with webserver uid Greetz SPAX, foxtwo, Zone-H This Script is currently under development use strict; use IO::Socket; my $host; my $port; my $command; my $url; my @results; my $probe; my @U; $U1 =...

[SECURITY] [DSA 594-1] New Apache packages fix arbitrary code execution

-------------------------------------------------------------------------- Debian Security Advisory DSA 594-1 [email protected] http://www.debian.org/security/ Martin Schulze November 17th, 2004 http://www.debian.org/security/faq -...

security flaw

Apache webserver 2.0.52 and earlier allows remote attackers to cause a denial of service CPU consumption via an HTTP GET request with a MIME header containing multiple lines with a large number of space characters...