Lucene search
+L

115 matches found

Exploit DB
Exploit DB
added 2002/06/14 12:0 a.m.36 views

Imatix Xitami 2.5 - GSL Template Cross-Site Scripting

source: https://www.securityfocus.com/bid/5025/info Imatix Xitami is a webserver for Microsoft Windows operating systems. It is possible for attackers to construct a URL that will cause scripting code to be embedded in error pages. Xitami fails to check URLs for the presence of script commands wh...

7.4AI score
Exploits0
NVD
NVD
added 2001/12/31 5:0 a.m.11 views

CVE-2001-1481

Xitami 2.4 through 2.5 b4 stores the Administrator password in plaintext in the default.aut file, whose default permissions are world-readable, which allows remote attackers to gain privileges...

10CVSS9.7AI score0.02901EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2001/12/31 12:0 a.m.5 views

PT-2001-2571 · Imatix · Xitami

Name of the Vulnerable Software and Affected Versions: Xitami versions 2.4 through 2.5 b4 Description: The issue allows remote attackers to gain privileges due to the storage of the Administrator password in plaintext in the default.aut file. The default permissions of this file are world-readabl...

10CVSS7.1AI score0.02901EPSS
Exploits1References7
securityvulns
securityvulns
added 2001/11/27 12:0 a.m.68 views

Xitami Webserver stores admin password in clear text.

I am releasing this a bit early as the vendor has been aware of this issue for a while now. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Vapid Labs Larry W. Cashdollar Xitami Webserver clear text password storage vulnerability. Date Published: 11/23/2001 Advisory ID: 11232001-02 Title: Xitami...

Exploits0
Packet Storm
Packet Storm
added 2001/11/22 12:0 a.m.34 views

xitami-2.5b4.txt

Network Security Solutions Inc. Security AdvisorY Philippine based Security Company Http://www.Nssolution.net Http://connect.to/nssi Xitami WEB/FTP release 2.5b4 Server Multiple Security Vulnerabilities Author: Abraham Lincoln handle: zer0logic Email : [email protected],...

7.4AI score
Exploits0
NVD
NVD
added 2001/07/02 4:0 a.m.13 views

CVE-2001-0391

Xitami 2.5d4 and earlier allows remote attackers to crash the server via an HTTP request to the /aux directory...

5CVSS6.7AI score0.01272EPSS
Exploits0References1
CVE
CVE
added 2001/05/24 4:0 a.m.51 views

CVE-2001-0391

CVE-2001-0391 affects Xitami Web Server (version 2.5d4 and earlier). The vulnerability permits remote attackers to crash the server by sending an HTTP request to the /aux directory, producing availability impact as described in the CVSS metrics (base score 5.0, MEDIUM). The provided documents do ...

5CVSS6.7AI score0.01272EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2001/05/24 4:0 a.m.26 views

CVE-2001-0391

Xitami 2.5d4 and earlier allows remote attackers to crash the server via an HTTP request to the /aux directory...

6.7AI score0.01272EPSS
Exploits0References1
securityvulns
securityvulns
added 2001/04/18 12:0 a.m.24 views

Advisory for Xitami 2.4d7, 2.5d4

Advisory for Xitami 2.4d7, 2.5d4 Xitami is made by Imatix. Site: http://xitami.com by nemesystm of the DHC http://dhcorp.cjb.net - [email protected] ADV-0105 /-|=explanation=|- Xitami is a webserver. It has a denial of service. /-|=who is vulnerable=|- Anyone running Xitami 2.5d4, 2.4d7 and...

0.6AI score
Exploits0
NVD
NVD
added 2000/12/31 5:0 a.m.18 views

CVE-2000-1225

Xitami 2.5b installs the testcgi.exe program by default in the cgi-bin directory, which allows remote attackers to gain sensitive configuration information about the web server by accessing the program...

5CVSS6.5AI score0.01299EPSS
Exploits1References1
securityvulns
securityvulns
added 2000/04/05 12:0 a.m.46 views

Re: Denial of Service in Xitami webserver all versions...

Xitami also has an overflow in one of the default example CGI programs that it comes with. http://server.com/cgi-bin/TESTCGI.EXE bla bla bla overflow argv fun. Signed, Marc eEye Digital Security http://www.eEye.com "Its a bullshit, three ring, circus sideshow. The only way to fix it is to flush i...

0.8AI score
Exploits0
securityvulns
securityvulns
added 2000/04/03 12:0 a.m.103 views

Denial of Service in Xitami webserver all versions up to v2.5b1 for Windows.

Anyone can remotely crash Xitami webserver by sending simple GET command. On remote side will be: Assertion Failed! Module: D:ImatixDevelopSmtSmthttpl.c , line 745 All you need to do is just telnet to remote computer and execute GETspaceenterenter command. Also Xitami will crash if you'll execute...

4AI score
Exploits0
Packet Storm
Packet Storm
added 2000/02/29 12:0 a.m.41 views

Xitami-2.4d4.dos.txt

+++=== Written by Nemesystm, member of the DHC ===== Visit us at dhc1.cjb.net You want 2 == Xitami 2.4d4 for Windows 95/98 downloaded from tucows.com Installed with the typical installation, no standard settings changed. This problem worked on: Windows 98 + IE5.0 and Windows NT 4.0 SP5 Xitami 2.4...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 1999/11/11 12:0 a.m.19 views

nostalgic-advisory-1999-01.txt

------ ADVISORY ------------------------------------ 1999-01 ------ XITAMI WEBSERVER SHIPS WITH TESTCGI.EXE ------ nostalgic ------------------- [email protected] ------ 1 / PRODUCT INFORMATION Product name: XITAMI WEB SERVER Creators: IMATIX URL: http://www.imatix.com/html/xitami 2 / PROBL...

7.4AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 1999/10/30 12:0 a.m.26 views

Xitami Web Server Administration Port Remote Overflow

The remote host is running a vulnerable version of the Xitami web server. An attacker could exploit this by sending a lot of data to TCP port 81. This could lead to the execution of arbitrary code in the context of the web server, or create a denial of service. C Tenable Network Security, Inc...

6.1AI score
Exploits0References1
Rows per page
Query Builder