115 matches found
Imatix Xitami 2.5 - GSL Template Cross-Site Scripting
source: https://www.securityfocus.com/bid/5025/info Imatix Xitami is a webserver for Microsoft Windows operating systems. It is possible for attackers to construct a URL that will cause scripting code to be embedded in error pages. Xitami fails to check URLs for the presence of script commands wh...
CVE-2001-1481
Xitami 2.4 through 2.5 b4 stores the Administrator password in plaintext in the default.aut file, whose default permissions are world-readable, which allows remote attackers to gain privileges...
PT-2001-2571 · Imatix · Xitami
Name of the Vulnerable Software and Affected Versions: Xitami versions 2.4 through 2.5 b4 Description: The issue allows remote attackers to gain privileges due to the storage of the Administrator password in plaintext in the default.aut file. The default permissions of this file are world-readabl...
Xitami Webserver stores admin password in clear text.
I am releasing this a bit early as the vendor has been aware of this issue for a while now. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Vapid Labs Larry W. Cashdollar Xitami Webserver clear text password storage vulnerability. Date Published: 11/23/2001 Advisory ID: 11232001-02 Title: Xitami...
xitami-2.5b4.txt
Network Security Solutions Inc. Security AdvisorY Philippine based Security Company Http://www.Nssolution.net Http://connect.to/nssi Xitami WEB/FTP release 2.5b4 Server Multiple Security Vulnerabilities Author: Abraham Lincoln handle: zer0logic Email : [email protected],...
CVE-2001-0391
Xitami 2.5d4 and earlier allows remote attackers to crash the server via an HTTP request to the /aux directory...
CVE-2001-0391
CVE-2001-0391 affects Xitami Web Server (version 2.5d4 and earlier). The vulnerability permits remote attackers to crash the server by sending an HTTP request to the /aux directory, producing availability impact as described in the CVSS metrics (base score 5.0, MEDIUM). The provided documents do ...
CVE-2001-0391
Xitami 2.5d4 and earlier allows remote attackers to crash the server via an HTTP request to the /aux directory...
Advisory for Xitami 2.4d7, 2.5d4
Advisory for Xitami 2.4d7, 2.5d4 Xitami is made by Imatix. Site: http://xitami.com by nemesystm of the DHC http://dhcorp.cjb.net - [email protected] ADV-0105 /-|=explanation=|- Xitami is a webserver. It has a denial of service. /-|=who is vulnerable=|- Anyone running Xitami 2.5d4, 2.4d7 and...
CVE-2000-1225
Xitami 2.5b installs the testcgi.exe program by default in the cgi-bin directory, which allows remote attackers to gain sensitive configuration information about the web server by accessing the program...
Re: Denial of Service in Xitami webserver all versions...
Xitami also has an overflow in one of the default example CGI programs that it comes with. http://server.com/cgi-bin/TESTCGI.EXE bla bla bla overflow argv fun. Signed, Marc eEye Digital Security http://www.eEye.com "Its a bullshit, three ring, circus sideshow. The only way to fix it is to flush i...
Denial of Service in Xitami webserver all versions up to v2.5b1 for Windows.
Anyone can remotely crash Xitami webserver by sending simple GET command. On remote side will be: Assertion Failed! Module: D:ImatixDevelopSmtSmthttpl.c , line 745 All you need to do is just telnet to remote computer and execute GETspaceenterenter command. Also Xitami will crash if you'll execute...
Xitami-2.4d4.dos.txt
+++=== Written by Nemesystm, member of the DHC ===== Visit us at dhc1.cjb.net You want 2 == Xitami 2.4d4 for Windows 95/98 downloaded from tucows.com Installed with the typical installation, no standard settings changed. This problem worked on: Windows 98 + IE5.0 and Windows NT 4.0 SP5 Xitami 2.4...
nostalgic-advisory-1999-01.txt
------ ADVISORY ------------------------------------ 1999-01 ------ XITAMI WEBSERVER SHIPS WITH TESTCGI.EXE ------ nostalgic ------------------- [email protected] ------ 1 / PRODUCT INFORMATION Product name: XITAMI WEB SERVER Creators: IMATIX URL: http://www.imatix.com/html/xitami 2 / PROBL...
Xitami Web Server Administration Port Remote Overflow
The remote host is running a vulnerable version of the Xitami web server. An attacker could exploit this by sending a lot of data to TCP port 81. This could lead to the execution of arbitrary code in the context of the web server, or create a denial of service. C Tenable Network Security, Inc...