Multiple bugs in Dino's WebServer

Directory traversal, buffer overflow...

Phusion-web.txt

------oOo---------------- Phusion Webserver Directory Traversal, DoS Vulnerabilities and BufferOverrun, Released exploits Codes. ------oOo---------------- Phusion Webserver for Windows 9x/NT/2000 contains remote vulnerabilities which allow users to see and retrieve any file on the server. Exploit...

Phusion-Webserver-v1.0-Bugs&Exploits-Remotes

------oOo---------------- Phusion Webserver Directory Traversal, DoS Vulnerabilities and BufferOverrun, Released exploits Codes. ------oOo---------------- Phusion Webserver for Windows 9x/NT/2000 contains remote vulnerabilities which allow users to see and retrieve any file on the server. Exploit...

Многочисленные проблемы в Phusion Webserver (multiple bugs)

Обратный путь в директориях, переполнения буфера и прочее...

Phusion WebServer 1.0 - URL Remote Buffer Overflow

Phusion WebServer 1.0 - URL Remote Buffer Overflow // source: https://www.securityfocus.com/bid/4119/info Phusion Webserver is a commercial HTTP server that runs on Microsoft Windows 9x/NT/2000 operating systems. Phusion Webserver does not perform sufficient bounds checking of externally supplied...

Phusion WebServer 1.0 - Long URL Denial of Service

Phusion WebServer 1.0 - Long URL Denial of Service source: https://www.securityfocus.com/bid/4118/info Phusion Webserver is a commercial HTTP server that runs on Microsoft Windows 9x/NT/2000 operating systems. It is possible for a remote attacker to deny service to legitimate users of the service...

Phusion WebServer 1.0 - Directory Traversal (1)

Phusion WebServer 1.0 - Directory Traversal 1 source: https://www.securityfocus.com/bid/4117/info Phusion Webserver is a commercial HTTP server that runs on Microsoft Windows 9x/NT/2000 operating systems. Phusion Webserver is prone to directory traversal attacks. It is possible to break out of...

Phusion WebServer 1.0 - Directory Traversal (1)

source: https://www.securityfocus.com/bid/4117/info Phusion Webserver is a commercial HTTP server that runs on Microsoft Windows 9x/NT/2000 operating systems. Phusion Webserver is prone to directory traversal attacks. It is possible to break out of wwwroot using triple-dot-slash .../ sequences...

Phusion WebServer 1.0 - 'URL' Remote Buffer Overflow

// source: https://www.securityfocus.com/bid/4119/info Phusion Webserver is a commercial HTTP server that runs on Microsoft Windows 9x/NT/2000 operating systems. Phusion Webserver does not perform sufficient bounds checking of externally supplied data. As a result, it is possible for a remote...

Phusion WebServer 1.0 - Directory Traversal (2)

source: https://www.securityfocus.com/bid/4117/info Phusion Webserver is a commercial HTTP server that runs on Microsoft Windows 9x/NT/2000 operating systems. Phusion Webserver is prone to directory traversal attacks. It is possible to break out of wwwroot using triple-dot-slash .../ sequences...

Phusion WebServer 1.0 - Long URL Denial of Service

source: https://www.securityfocus.com/bid/4118/info Phusion Webserver is a commercial HTTP server that runs on Microsoft Windows 9x/NT/2000 operating systems. It is possible for a remote attacker to deny service to legitimate users of the service by submitting an excessively long web request...

Phusion WebServer 1.0 - Directory Traversal (2)

Phusion WebServer 1.0 - Directory Traversal 2 source: https://www.securityfocus.com/bid/4117/info Phusion Webserver is a commercial HTTP server that runs on Microsoft Windows 9x/NT/2000 operating systems. Phusion Webserver is prone to directory traversal attacks. It is possible to break out of...

KPMG-2002004: Lotus Domino Webserver DOS-device Denial of Service

-------------------------------------------------------------------- -=Lotus Domino Webserver DOS-device Denial of Service=- courtesy of KMPG Denmark BUG-ID: 2002004 Released: 4th Feb 2002 -------------------------------------------------------------------- Problem: ======== The Domino Webserver...

CVE-2001-0892

Vulnerability : Acme Thttpd Secure Webserver prior to 2.22, with the chroot option enabled, is exposed to remote access that can view sensitive files under the document root (e.g., .htpasswd) via a GET request with a trailing slash. Affected product : Acme Thttpd Secure Webserver (before 2.22). R...

CVE-2001-0971

CVE-2001-0971 affects the ACI/4D WebServer. The 4D WebServer (versions 6.5.7 and earlier) fails to validate HTTP requests, enabling directory traversal that allows remote attackers to read arbitrary files outside the web root. Impact is remote file disclosure with web server privileges. The CERT/...

CVE-2001-0892

Acme Thttpd Secure Webserver before 2.22, with the chroot option enabled, allows remote attackers to view sensitive files under the document root such as .htpasswd via a GET request with a trailing /...

CVE-2001-0971

Directory traversal vulnerability in ACI 4d webserver allows remote attackers to read arbitrary files via a .. dot dot or drive letter e.g., C: in an HTTP request...

Enumerating users on a Domino webserver

Hi, during a pen-test against a Domino 5.0.8 webserver, I was able to enumerate valid users. A simple "GET /mail/toto.nsf HTTP/1.0" redirects to the login page with a "200 OK" HTTP code if the user "toto" exists and a "404 File not Found" is returned if the user doesn't exist. This issue can allo...

CyberStop-Server-DoS-remote-attacks

------oOo------ CyberStop WEbserver DoS Remote attacks. ------oOo------ CyberStop WEbserver for Windows 9x/NT/2000 contains remote vulnerabilities which allow users to attack remote services on the server. Exploit information included. Company Affected: www.cyberstop.com.sg Download:...

PHP-Nuke 4.x5.x - Arbitrary File Inclusion

PHP-Nuke 4.x5.x - Arbitrary File Inclusion source: https://www.securityfocus.com/bid/3889/info PHPNuke is a website creation/maintenance tool. The 'index.php' script has a feature which allows users to include files. Due to insufficent input validation, it is possible to include files located on ...