5285 matches found
MM 1.0.x/1.1.x - Shared Memory Library Temporary File Privilege Escalation
// source: https://www.securityfocus.com/bid/5352/info The MM Shared Memory library is reported to be prone to a race condition with regards to temporary files which may enable a local attacker to gain elevated privileges. This issue may reportedly be exploited by an attacker with shell access as...
KPMG-2002031: Jigsaw Webserver Path Disclosure
Title: Jigsaw Webserver Path Disclosure. BUG-ID: 2002031. Released: 17th Jul 2002. Problem: It is possible to disclose the physical path to the webroot...
KPMG-2002034: Jigsaw Webserver DOS device DoS
Title: Jigsaw Webserver DOS device DoS. BUG-ID: 2002034. Released: 17th Jul 2002. Problem: A malicious user can tie up working threads on the web server...
ATPhttpd 0.4b - Remote Buffer Overflow
source: https://www.securityfocus.com/bid/5215/info ATPhttpd is a small webserver designed for high-performance. It was developed by Yann Ramin. There exist several exploitable buffer overflow conditions in ATPhttpd. Remote attackers may leverage these vulnerabilities to gain access on affected...
KPMG-2002026: Jrun sourcecode Disclosure
Title: Jrun sourcecode Disclosure. BUG-ID: 2002026. Released: 01st Jul 2002. Problem: It is possible for a malicious user to trick the Jrun webserver int...
CVE-2002-0111
Dino’s Webserver (versions 1.2 and earlier) is affected by a directory traversal vulnerability. A remote attacker can induce traversal with a dot-dot sequence (and in some references via URL-encoded variants) to read arbitrary files or execute commands on the server. The iDEFENSE advisory explici...
CVE-2002-0111
Directory traversal vulnerability in Funsoft Dino's Webserver 1.2 and earlier allows remote attackers to read files or execute arbitrary commands via a .. (dot dot) in the URL...
CVE-2002-0323
comment2.jse in ScriptEase:WebServer allows remote attackers to read arbitrary files by specifying the target file as an argument in the URL...
CVE-2002-0578
Buffer overflow in 4D WebServer 6.7.3 allows remote attackers to cause a denial of service and possibly execute arbitrary code via an HTTP request with Basic Authentication containing a long (1) user name or (2) password...
PHP-Address 0.2 e - Remote File Inclusion
source: https://www.securityfocus.com/bid/5039/info PHP-Address is prone to an issue which may allow remote attackers to include arbitrary files located on remote servers. If the remote file is a PHP script, this may allow for execution of attacker-supplied PHP code with the privileges of the...
osCommerce 2.1 - Remote File Inclusion
source: https://www.securityfocus.com/bid/5037/info osCommerce is prone to an issue which may allow remote attackers to include arbitrary files located on remote servers. If the remote file is a PHP script, this may allow for execution of attacker-supplied P...
osCommerce 2.1 - Remote File Inclusion
source: https://www.securityfocus.com/bid/5037/info osCommerce is prone to an issue which may allow remote attackers to include arbitrary files located on remote servers. If the remote file is a PHP script, this may allow for execution of attacker-supplied PHP code with the privileges of the...
Imatix Xitami 2.5 - GSL Template Cross-Site Scripting
source: https://www.securityfocus.com/bid/5025/info Imatix Xitami is a webserver for Microsoft Windows operating systems. It is possible for attackers to construct a URL that will cause scripting code to be embedded in error pages. Xitami fail...
Imatix Xitami 2.5 - GSL Template Cross-Site Scripting
source: https://www.securityfocus.com/bid/5025/info Imatix Xitami is a webserver for Microsoft Windows operating systems. It is possible for attackers to construct a URL that will cause scripting code to be embedded in error pages. Xitami fails to check URLs for the presence of script commands wh...
CVE-2002-0578
CVE-2002-0578 affects 4D WebServer 6.7.3. A buffer overflow in handling HTTP requests with Basic Authentication containing an excessively long user name or password allows remote DoS and possibly arbitrary code execution. The vulnerability is triggered by crafted credentials in the request, poten...
CVE-2002-0578
Buffer overflow in 4D WebServer 6.7.3 allows remote attackers to cause a denial of service and possibly execute arbitrary code via an HTTP request with Basic Authentication containing a long (1) user name or (2) password...
CVE-2002-0291
Dino's Webserver 1.2 allows remote attackers to cause a denial of service (CPU consumption) and possibly execute arbitrary code via several large HTTP requests within a short time...
Lysias Lidik Webserver suffers from a Directory Traversal Vulnerability
itcp advisory 14, [email protected], http://www.it-checkpoint.net/advisory/14.html, May 8th, 2002. Lysias Lidik Webserver suffers from a Directory Traversal...
Directory traversal in Lysias Lidik Webserver
No description provided...
WorldClient 5.0.x - Arbitrary File Deletion
source: https://www.securityfocus.com/bid/4687/info WorldClient is a web interface packaged with MDaemon, an email server for Microsoft Windows. An input validation vulnerability exists in WorldClient that allows for an attacker to delete an arbitrary file on the webserver that it resides on. The...