1763 matches found
liteserve.txt
Christopher Fillion's "Perception" web site hosts the LiteServe combination server for Win32. The server offers HTTP, FTP, SMTP, POP3, and Telnet services. Included in the HTTP service is a Common Gateway Interface CGI feature that allows you to specify a CGI alias, as well as "filters" that are...
Apache Httpd < 2.0.44 : Apache can serve unexpected files
On Windows platforms Apache could be forced to serve unexpected files by appending illegal characters such as '' to the request URL...
Cooolsoft PowerFTP Server 2.x - Remote Denial of Service (1)
// source: https://www.securityfocus.com/bid/5899/info PowerFTP server is a shareware ftp server available for the Microsoft Windows platform. It is distributed and maintained by Cooolsoft. It has been reported that PowerFTP server does not properly handle long user names. When excessive data is...
wp-02-0011: Jetty CGIServlet Arbitrary Command Execution
Westpoint Security Advisory Title: Jetty CGIServlet Arbitrary Command Execution Risk Rating: Medium Software: Jetty Servlet Container Platforms: Win32 other platforms not tested Vendor URL: www.mortbay.org Author: Matt Moore [email protected] Date: 1st October 2002 Advisory ID: wp-02-0011.txt...
IIL Advisory: Winamp 3 (1.0.0.488) XML parser buffer overflow vulnerability
Illegal Instruction Labs Advisory ------------------------------------------------------------------------ Advisory name: Winamp 3 1.0.0.488 XML parser buffer overflow vulnerability Application: Winamp 3 1.0.0.488 Homepage: www.winamp.com Impact: There is a buffer overflow inside XML parser DLL...
DEBIAN-CVE-2002-0654
Apache 2.0 through 2.0.39 on Windows, OS2, and Netware allows remote attackers to determine the full pathname of the server via 1 a request for a .var file, which leaks the pathname in the resulting error message, or 2 via an error message that occurs when a script child process cannot be invoked...
Kerio Mail Server Multiple Security Vulnerabilities
Good Day. The information below is the same as the security advisory regarding kerio mail server. Thank YOU! ==================CUT======================= NSSI-Research Labs Security Advisory http://www.nssolution.com "Maximum e-security" http://nssilabs.nssolution.com Kerio Mail Server 5.0 Multip...
PHP Interpreter 3.0.x/4.0.x/4.1/4.2 - Direct Invocation Denial of Service
// source: https://www.securityfocus.com/bid/5280/info It is possible, under some circumstances, for remote attackers to invoke the PHP interpreter from the web. If the interpreter is invoked with no command line options, it will hang. Attackers may exploit this condition to cause a denial of...
Apache Tomcat 4.0.3 - Denial of Service Device Name Cross-Site Scripting
Apache Tomcat 4.0.3 - Denial of Service Device Name Cross-Site Scripting source: https://www.securityfocus.com/bid/5194/info A vulnerability has been reported for Apache Tomcat 4.0.3 on a Microsoft Windows platform. Reportedly, it is possible for an attacker to launch a cross site scripting attac...
Apache Tomcat 4.0.3 - Denial of Service 'Device Name' / Cross-Site Scripting
source: https://www.securityfocus.com/bid/5194/info A vulnerability has been reported for Apache Tomcat 4.0.3 on a Microsoft Windows platform. Reportedly, it is possible for an attacker to launch a cross site scripting attack. When making a request for a DOS device file name, Tomcat will throw an...
icecast server 1.3.12 - Directory Traversal Information Disclosure
source: https://www.securityfocus.com/bid/5189/info Icecast is a freely available, open source streaming audio server. Icecast is available for the Unix, Linux, and Microsoft Windows platforms. An attacker may exploit a directory traversal vulnerability in Icecast server to determine the existanc...
Apache httpd: vulnerability with chunked encoding
-----BEGIN PGP SIGNED MESSAGE----- Date: June 17, 2002 Product: Apache Web Server Versions: Apache 1.3 all versions including 1.3.24, Apache 2 all versions up to 2.0.39 Introduction: While testing for Oracle vulnerabilities, Mark Litchfield discovered a denial of service attack for Apache on...
Macromedia JRun ISAPI DLL filter vulnerable to buffer overflow via request for long Host header field
Overview A remotely exploitable buffer overflow exists in Macromedia's JRun version 3.1 on Win32 platforms. Description A remotely exploitable buffer overflow exists in the Win32 version of Macromedia's JRun version 3.1 on Win32 platforms.JRun is an application server that works with most popular...
3CDaemon DoS exploit
3Cdaemon 2.0 revision 10 for the Windows platform contains a BOF vulnerability at all times, including the login prompt. When 400+ chars are sent to the FTP server, it crashes emmediatly. Remote exploit is included. For more details see the exploit as well. greets, skyrim - [email protected] MaD...
iXsecurity.20020404.4d_webserver.a
iXsecurity Security Vulnerability Report No: iXsecurity.20020404.4dwebserver.a ================================== Vulnerability Summary --------------------- Problem: The 4D webserver has a buffer overflow condition. Threat: An attacker could make the webserver crash and possibly execute arbitrar...
Lotus Domino vulnerable to a denial of service via DOS device request
Overview The Lotus Domino Web Server contains a flaw that could be exploited to cause a denial-of-service situation on the Windows and OS/2 Platforms. Description With the Lotus Domino Web Server, you can access DOS-devices. If this is done through the cgi-bin directory, a ncgihttp.exe process wi...
Security-issues with Icecast Version 1.3.7
Digit-Labs Security Advisory http://www.digit-labs.org/ Advisory Name: Security-issues with Icecast Version 1.3.7 Release Date: Application: Tested on Icecast Version 1.3.7 Platform: Windows 2000 Prof Severity: Medium Authors: GoLLuM.no mailto:[email protected] Vendor Status: Unknown Executiv...
ASLabs-2001-01: Multiple Security Problems in eEye SecureIIS
=== Alliance Security Labs === === ASLabs-2001-01: Multiple Security Problems in eEye SecureIIS === Advisory ID: ASLabs-2001-01 Vendor: eEye http://www.eEye.com Product: SecureIIS http://www.eeye.com/html/Products/SecureIIS/index.html Versions: v1.0.2 latest available - probably relevant for 1.0....
602Pro Lansuite Denial Of Service 1.0.34
Advisory Name:Lansuite Webserver Denial of Service Discovered:8th and 23rd Of March 2001 Application:602Pro Lansuite 2000a 1.0.34 - prior versions and possibly 1.0.35 Platform:Windows 2k,95/98/NT - others unknown Severity:Denial of service from application Credit:[email protected] Vendor...
SunFTP 1.0 Build 9 - Unauthorized File Access
SunFTP 1.0 Build 9 - Unauthorized File Access source: https://www.securityfocus.com/bid/2428/info SunFTP is a freeware ftp server written by Rasmus J.P. Allenheim and associates for the Windows platform. SunFTP contains a vulnerability that may allow ftp users to compromise the server. Users may ...