Lucene search
K

9808 matches found

exploitpack
exploitpack
added 1999/11/08 12:0 a.m.35 views

Microsoft Internet Explorer 4.x5 Outlook 2000 098 0Express 4.x - ActiveX .CAB File Execution

Microsoft Internet Explorer 4.x5 Outlook 2000 098 0Express 4.x - ActiveX .CAB File Execution Microsoft Internet Explorer 4.0 for Windows 95/Windows NT 4,Internet Explorer 4.1 for Windows 95/Windows 98/Windows NT 4,Internet Explorer 5.0 for Windows 2000/Windows 95/Windows 98/Windows NT 4,Internet...

7.5AI score
Exploits0
Packet Storm
Packet Storm
added 1999/10/19 12:0 a.m.21 views

ie5.javascript.redirect.txt

IE 5.0 allows reading local and from any domain files and window spoofing using HTTP redirection to "javascript:" Disclaimer: The opinions expressed in this advisory and program are my own and not of any company. The usual standard disclaimer applies, especially the fact that Georgi Guninski is n...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 1999/08/17 12:0 a.m.34 views

activeX.file.system.object.txt

Date: Thu, 11 Feb 1999 17:37:18 -0500 From: Gary Geisbert To: [email protected] Subject: Using FSO in ASP to view just about anything This active server page opens the FileSystemObject and streams the contents of the file specified in the "file" parameter. The problem with FSO is...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 1999/08/17 12:0 a.m.59 views

msie.5.dhtml.cuartango.txt

Date: Wed, 24 Mar 1999 12:11:09 +0100 From: Juan Carlos Garcia Cuartango To: [email protected] Subject: IE 5 security vulnerabilities Greetings, Microsoft delivers with IE 5 an Active X control called "DHTML Edit control Safe for Scripting for IE 5". In my opinion this control IS N...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 1999/08/17 12:0 a.m.26 views

tcp.md5.router.dos.txt

Date: Mon, 14 Jun 1999 14:29:54 -0400 From: Craig Metz To: [email protected] Subject: TCP MD5 option problem I was implementing the RFC 2385 "Protection of BGP Sessions via the TCP MD5 Signature Option" option in the OpenBSD stack. For those who don't know the significance of this option, it i...

7.4AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 1999/06/22 12:0 a.m.31 views

Multiple Unix Netstat Service Remote Information Disclosure

The remote host is running a 'netstat' service on this port. The 'netstat' service provides useful information to an attacker, since it gives away the state of the active connections. It is recommended that you disable this service if you do not use it. C Tenable Network Security, Inc. include...

5CVSS5.5AI score0.01897EPSS
Exploits0References1
Exploit DB
Exploit DB
added 1999/05/25 12:0 a.m.55 views

Microsoft IIS 4.0 / Microsoft JET 3.5/3.5.1 Database Engine - VBA

source: https://www.securityfocus.com/bid/286/info Microsoft's JET database engine feature allows the embedding of Visual Basic for Application in SQL string expressions and the lack of metacharacter filtering by many web applications may allow remote users to execute commands on the system...

7.4AI score
Exploits0
exploitpack
exploitpack
added 1999/05/07 12:0 a.m.18 views

Microsoft IIS 4.0 Microsoft Site Server 3.0 - Showcode ASP

Microsoft IIS 4.0 Microsoft Site Server 3.0 - Showcode ASP source: https://www.securityfocus.com/bid/167/info A sample Active Server Page ASP script installed by default on Microsoft's Internet Information Server IIS 4.0 gives remote users access to view any file on the same volume as the web...

7.3AI score
Exploits0
Exploit DB
Exploit DB
added 1999/05/07 12:0 a.m.119 views

Microsoft IIS 4.0 / Microsoft Site Server 3.0 - Showcode ASP

source: https://www.securityfocus.com/bid/167/info A sample Active Server Page ASP script installed by default on Microsoft's Internet Information Server IIS 4.0 gives remote users access to view any file on the same volume as the web server that is readable by the web server. IIS 4.0 installs a...

7AI score
Exploits0
NVD
NVD
added 1999/02/11 5:0 a.m.18 views

CVE-1999-1375

FileSystemObject FSO in the showfile.asp Active Server Page ASP allows remote attackers to read arbitrary files by specifying the name in the file parameter...

5CVSS6.7AI score0.30548EPSS
Exploits1References2
exploitpack
exploitpack
added 1999/02/11 12:0 a.m.14 views

Microsoft IIS 3.04.0 - Using ASP and FSO To Read Server Files

Microsoft IIS 3.04.0 - Using ASP and FSO To Read Server Files source: https://www.securityfocus.com/bid/230/info The File System Object FSO may be called from an Active Server Page ASP to display files that exist outside of the web server's root directory. FSO allows calls to be made utilizing...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 1999/02/11 12:0 a.m.33 views

Microsoft IIS 3.0/4.0 - Using ASP and FSO To Read Server Files

source: https://www.securityfocus.com/bid/230/info The File System Object FSO may be called from an Active Server Page ASP to display files that exist outside of the web server's root directory. FSO allows calls to be made utilizing "../" to exit the local directory path. An example of this synta...

7.4AI score
Exploits0
Positive Technologies
Positive Technologies
added 1999/01/01 12:0 a.m.4 views

PT-1999-1245 · Rlogin +1 · Rlogin +1

Name of the Vulnerable Software and Affected Versions: rsh/rlogin affected versions not specified Description: The issue is related to the rsh/rlogin service being active. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability...

7.5CVSS5.9AI score0.11902EPSS
Exploits3References5
Positive Technologies
Positive Technologies
added 1999/01/01 12:0 a.m.4 views

PT-1999-1234 · Unknown · Ident/Identd

Name of the Vulnerable Software and Affected Versions: ident/identd affected versions not specified Description: The issue concerns the ident/identd service being active. There is no information provided about the estimated number of potentially affected devices or real-world incidents where this...

6.3AI score0.0132EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 1999/01/01 12:0 a.m.3 views

PT-1999-1231 · Rexec · Rexec

Name of the Vulnerable Software and Affected Versions: rexec affected versions not specified Description: The issue is related to the rexec service being active. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability...

10CVSS6.1AI score0.01908EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 1999/01/01 12:0 a.m.3 views

PT-1999-1230 · Sun · Rpc.Sprayd

Name of the Vulnerable Software and Affected Versions: rpc.sprayd affected versions not specified Description: The issue is related to the rpc.sprayd service being active. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability...

6.2AI score0.01341EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 1999/01/01 12:0 a.m.4 views

PT-1999-1243 · Uucp · Uucp

Name of the Vulnerable Software and Affected Versions: UUCP affected versions not specified Description: The issue is related to the UUCP service being active. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability...

6.2AI score0.01293EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 1998/04/01 12:0 a.m.3 views

PT-1998-1098 · Microsoft +1 · Internet Explorer +1

Name of the Vulnerable Software and Affected Versions: Internet Explorer affected versions not specified Netscape Navigator affected versions not specified Description: A configuration in web browsers allows the execution of active content, including ActiveX, Java, and Javascript. Recommendations...

7.5CVSS6.3AI score0.05886EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 1997/01/01 12:0 a.m.4 views

PT-1997-1112 · Microsoft · Iis

Name of the Vulnerable Software and Affected Versions: IIS version 3.0 Description: The issue allows remote intruders to read source code for ASP programs. This is achieved by using a %2e instead of a . dot in the URL. Recommendations: For IIS version 3.0, apply the necessary configuration change...

7.5CVSS6.7AI score0.07952EPSS
Exploits0References3
Duo Security Advisories
Duo Security Advisories
added 1976/01/01 12:0 a.m.17 views

DUO-PSA-2020-002: Duo Product Security Advisory

Duo Product Security Advisory Advisory ID: DUO-PSA-2020-002 Publication Date: 2020-04-28 Revision Date: 2020-04-28 Status: Confirmed, Fixed Document Revision: 1 Overview Duo Engineering has identified and fixed an issue with directory sync for on-premises Microsoft Active Directory, OpenLDAP, and...

6.7AI score
Exploits0
Rows per page
Query Builder