5285 matches found
Tektronix Phaser Network Printer 740/750/750DP/840/930 PhaserLink WebServer - Retrieve Administrator Password
source: https://www.securityfocus.com/bid/806/info Certain versions of the Tektronix PhaserLink printer ship with a webserver designed to help facilitate configuration of the device. This service is essentially administrator level access as it can completely modify the system characteristics,...
Computer Software Manufaktur Alibaba 2.0 - Multiple CGI Vulnerabilities
Computer Software Manufaktur Alibaba 2.0 - Multiple CGI Vulnerabilities // source: https://www.securityfocus.com/bid/770/info There are several CGI programs that ship with the Alibaba webserver. Many of these do not do proper input handling, and therefore will allow requests for access to files...
Computer Software Manufaktur Alibaba 2.0 - Multiple CGI Vulnerabilities
// source: https://www.securityfocus.com/bid/770/info There are several CGI programs that ship with the Alibaba webserver. Many of these do not do proper input handling, and therefore will allow requests for access to files outside of normal or safe webserver practice. This results in various...
url.live-1.0.txt
Hello URL Live! 1.0 WebServer for Windows95/98/NT which is released by Pacific Software Publishing, Inc. http://www.urllive.com/ also has a "../" security problem, any users can download any files on the victim host. example: http://www.xxx.yy.jp/../../../../config.sys ----- The Shadow Penguin...
RFP9905.zeus.remote.root.txt
--- Advisory RFP9905 ------------------------------- rfp.labs ----------- Remote root compromise via Zeus webserver Zeus-search vulnerability --------------------------------- rain forest puppy / [email protected] -- Table of contents: - 1. Scope of problem - 2. Solution - 3. Miscellaneous Updates...
Pacific Software URL Live! 1.0 - Directory Traversal
Pacific Software URL Live! 1.0 - Directory Traversal source: https://www.securityfocus.com/bid/746/info The URL Live! free webserver from Pacific software is susceptible to the "../" directory traversal vulnerability. By using the '../' string in a URL, an attacker can gain read access to files...
T. Hauck Jana Server 1.0/1.45/1.46 - Directory Traversal
T. Hauck Jana Server 1.0/1.45/1.46 - Directory Traversal source: https://www.securityfocus.com/bid/699/info The Jana webserver is susceptible to directory traversal attacks using multiple dots in the URL. If the request is made in specific formats, the server will send out files outside of the...
T. Hauck Jana Server 1.0/1.45/1.46 - Directory Traversal
source: https://www.securityfocus.com/bid/699/info The Jana webserver is susceptible to directory traversal attacks using multiple dots in the URL. If the request is made in specific formats, the server will send out files outside of the intended webroot. http ://target/./.././.././.././win.ini o...
CVE-1999-0474
The ICQ Webserver allows remote attackers to use .. to access arbitrary files outside of the user's personal directory...
CVE-1999-0474
CVE-1999-0474 concerns the ICQ Webserver, where remote attackers can exploit a path traversal issue (using ..) to access files outside the user’s personal directory. Public sources corroborate an access-control/authorization bypass leading to potential partial confidentiality impact (CVSS v2 base...
Netscape Enterprise Server 3.51/3.6 SP2 - Accept Buffer Overflow
Netscape Enterprise Server 3.51/3.6 SP2 - Accept Buffer Overflow source: https://www.securityfocus.com/bid/631/info Enterprise Server 3.6 SP2 with the SSL Handshake Patch applied is vulnerable to a buffer overflow that may allow attackers to launch denial-of-service attacks and to execute arbitrar...
icq.webserver.exploits.txt
ICQ Homepage Exploit By Shadow51 Ever wondered why there is a little house beside the name of some people? That doesn't mean they are at home, it means they have the ICQ-Webserver running. The idiots who made it left huge bugs in it, like you can close their ICQ remotely, and even download their...
icq99.web.server.txt
Date: Mon, 5 Apr 1999 23:50:56 +0200 From: Jan Vogelgesang To: [email protected] Subject: security hole in ICQ-Webserver Hi, Some days ago i've read a message here in Bugtraq from Ronald A. Jarell about a vulnerability in the ICQ-Webserver . I tried to reproduce this vulnerability with my...
Oracle Webserver PL/SQL Stored Procedure GET Request DoS
It was possible to make the remote web server crash by supplying a too long argument to the cgi /ews-bin/fnord. An attacker may use this flaw to prevent your customers to access your website. #%NASL_MIN_LEVEL 70300 # (C) Tenable Network Security, Inc. include('deprecated_nasl_level.inc'); include('compat.inc...
John O'Fallon Responder.cgi 1.0 - Denial of Service
John O'Fallon Responder.cgi 1.0 - Denial of Service source: https://www.securityfocus.com/bid/3155/info 'responder.cgi' is a free CGI shell script, written in C, for MacHTTP Server and other MacOS webserver products. It is possible to cause a denial of service to MacHTTP webserver due to improper...
John O'Fallon Responder.cgi 1.0 - Denial of Service
source: https://www.securityfocus.com/bid/3155/info 'responder.cgi' is a free CGI shell script, written in C, for MacHTTP Server and other MacOS webserver products. It is possible to cause a denial of service to MacHTTP webserver due to improper bounds checking in the script 'responder.cgi'. HTTP...
CVE-1999-1125
Oracle Webserver 2.1 and earlier runs setuid root, but the configuration file is owned by the oracle account, which allows any local or remote attacker who obtains access to the oracle account to gain privileges or modify arbitrary files by modifying the configuration file...
CVE-1999-1068
Oracle Webserver 2.1, when serving PL/SQL stored procedures, allows remote attackers to cause a denial of service via a long HTTP GET request...
CVE-1999-0235
Buffer overflow in NCSA WebServer 1.4.1 and below gives remote access...