CVE-2009-4494

AOLserver 4.5.1 writes data to a log file without sanitizing non-printable characters, which might allow remote attackers to modify a window's title, or possibly execute arbitrary commands or overwrite files, via an HTTP request containing an escape sequence for a terminal emulator...

CVE-2002-0587

Buffer overflow in NsPdLog function for the external database driver proxy daemon library libnspd.a of AOLServer 3.0 through 3.4.2 allows remote attackers to cause a denial of service or execute arbitrary code via the Error or Notice parameters...

[CERT-intexxia] AOLServer DB Proxy Daemon Format String Vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SECURITY ADVISORY INTEXXIAc 30 01 2002 ID 1052-300102 TITLE : AOLServer DB Proxy Daemon Format String Vulnerability CREDITS : Guillaume Pelat found this vulnerability / INTEXXIA SYSTEM AFFECTED =============== AOLServer 3.4.2 AOLServer 3.4.1 AOLServer...

AOLserver 3.4.2 Unauthorized File Disclosure Vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 AOLserver 3.4.2 Unauthorized File Disclosure Vulnerability Type: File Disclosure Release Date: January 6, 2002 Product / Vendor: AOLserver is America Online's Open-Source web server. AOLserver is the backbone of the largest and busiest production...

AOLServer 3 - Authentication String Remote Buffer Overflow (2)

AOLServer 3 - Authentication String Remote Buffer Overflow 2 // source: https://www.securityfocus.com/bid/3230/info AOLServer is a freely available, open source web server. It was originally written by AOL, and is currently developed and maintained by AOL and public domain. A problem has been...

CVE-2001-1067

Buffer overflow in AOLserver 3.0 allows remote attackers to cause a denial of service, and possibly execute arbitrary code, via an HTTP request with a long Authorization header...

AOLserver 3.0 vulnerability

Aolserver 3.0 will crash when it is given a long authorization string. It is also possible this vulnerability will allow a hacker to execute arbitrary code through a buffer overflow. I have not verified a buffer overflow exists. Aolserver 3.4 and 3.3.1 are not vulnerable to this attack. Here is a...

AOLServer 3 - Authentication String Remote Buffer Overflow (1)

AOLServer 3 - Authentication String Remote Buffer Overflow 1 source: https://www.securityfocus.com/bid/3230/info AOLServer is a freely available, open source web server. It was originally written by AOL, and is currently developed and maintained by AOL and public domain. A problem has been...

AOLServer 3 - 'Authentication String' Remote Buffer Overflow (1)

source: https://www.securityfocus.com/bid/3230/info AOLServer is a freely available, open source web server. It was originally written by AOL, and is currently developed and maintained by AOL and public domain. A problem has been discovered that can allow remote users to crash an AOLServer, denyi...

CVE-2001-0205

Directory traversal vulnerability in AOLserver 3.2 and earlier allows remote attackers to read arbitrary files by inserting "..." into the requested pathname, a modified .. dot dot attack...

Vulnerability in AOLserver

Vulnerability in AOLserver Overview AOLserver v3.2 is a web server available from http://www.aolserver.com. A vulnerability exists which allows a remote user user to break out of the web root using relative paths ie: '...'. Details AOLServer checks the requested virtual path for any double dots...

aolserver 3.2 Win32 - Directory Traversal

aolserver 3.2 Win32 - Directory Traversal source: https://www.securityfocus.com/bid/2343/info It is possible for a remote user to gain read access to directories outside the root directory of an AOLserver. Requesting a specially crafted URL composed of '.../' sequences will disclose an arbitrary...