Lucene search
K

55 matches found

Packet Storm
Packet Storm
added 2010/01/11 12:0 a.m.485 views

Nginx, Varnish, Cherokee, etc Log Injection

Nginx, Varnish, Cherokee, thttpd, mini-httpd, WEBrick, Orion, AOLserver, Yaws and Boa log escape sequence injection Name Nginx, Varnish, Cherokee, thttpd, mini-httpd, WEBrick, Orion, AOLserver, Yaws and Boa log escape sequence injection Systems Affected nginx 0.7.64 Varnish 2.0.6 Cherokee 0.99.30...

5CVSS0.4AI score0.27008EPSS
Exploits18
exploitpack
exploitpack
added 2010/01/11 12:0 a.m.18 views

AOLServer Terminal 4.5.1 - Escape Sequence in Logs Command Injection

AOLServer Terminal 4.5.1 - Escape Sequence in Logs Command Injection source: https://www.securityfocus.com/bid/37712/info AOLServer is prone to a command-injection vulnerability because it fails to adequately sanitize user-supplied input in logfiles. Attackers can exploit this issue to execute...

0.5AI score
Exploits0
Exploit DB
Exploit DB
added 2010/01/11 12:0 a.m.97 views

AOLServer Terminal 4.5.1 - Escape Sequence in Logs Command Injection

source: https://www.securityfocus.com/bid/37712/info AOLServer is prone to a command-injection vulnerability because it fails to adequately sanitize user-supplied input in logfiles. Attackers can exploit this issue to execute arbitrary commands in a terminal. AOLServer 4.5.1 is vulnerable; other...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2006/01/10 12:0 a.m.32 views

aolXSS.txt

Title: AOL Multiple Cross Site Scripting Author: Simo Ben youssef aka 6mOHaCk Discovered: 26 December 2005 Published: 7 January 2006 MorX Security Research Team http://www.morx.org Service: Web Vendor: AOL.com Vulnerability: Cross Site Scripting / Cookie-Theft / Relogin attacks Severity:...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2006/01/10 12:0 a.m.41 views

aimXSS.txt

Title: AIM Multiple Cross Site Scripting Author: Simo Ben youssef aka 6mOHaCk Discovered: 26 December 2005 Published: 7 January 2006 MorX Security Research Team http://www.morx.org Service: Web Vendor: AIM.com Vulnerability: Cross Site Scripting / Cookie-Theft / Relogin attacks Severity:...

7.4AI score
Exploits0
OpenVAS
OpenVAS
added 2005/11/03 12:0 a.m.27 views

AOLserver Default Password (HTTP)

The remote web server is running AOL web server AOLserver with the default username and password set. SPDX-FileCopyrightText: 2001 SecuriTeam Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...

7.5CVSS9.4AI score0.0356EPSS
Exploits3
Tenable Nessus
Tenable Nessus
added 2005/03/25 12:0 a.m.14 views

AOLServer Multiple Remote Vulnerabilities

Binary data 2775.prm...

10CVSS7.3AI score0.23615EPSS
Exploits2References4
securityvulns
securityvulns
added 2003/04/05 12:0 a.m.34 views

SRT2003-04-04-1106 - AOLServer Proxy Daemon API unformatted syslog() call

Secure Network Operations, Inc. http://www.secnetops.com Strategic Reconnaissance Team [email protected] Team Lead Contact [email protected] Our Mission: Secure Network Operations offers expertise in Networking, Intrusion Detection Systems IDS, Software Security Validation, and...

7.1AI score
Exploits0
NVD
NVD
added 2002/06/18 4:0 a.m.17 views

CVE-2002-0587

Buffer overflow in NsPdLog function for the external database driver proxy daemon library libnspd.a of AOLServer 3.0 through 3.4.2 allows remote attackers to cause a denial of service or execute arbitrary code via the Error or Notice parameters...

7.5CVSS8AI score0.03215EPSS
Exploits0References3
NVD
NVD
added 2002/06/18 4:0 a.m.15 views

CVE-2002-0586

Format string vulnerability in NsPdLog function for the external database driver proxy daemon library libnspd.a of AOLServer 3.0 through 3.4.2 allows remote attackers to execute arbitrary code via the Error or Notice parameters...

7.5CVSS7.7AI score0.02912EPSS
Exploits0References4
CVE
CVE
added 2002/06/11 4:0 a.m.45 views

CVE-2002-0587

CVE-2002-0587 is a buffer overflow in the Ns_PdLog function of AOLServer's external database driver proxy daemon library (libnspd.a), affecting AOLServer versions 3.0 through 3.4.2. The vulnerability allows remote attackers to cause a denial of service or execute arbitrary code via the Error or N...

7.5CVSS8.4AI score0.03215EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2002/06/11 4:0 a.m.22 views

CVE-2002-0587

Buffer overflow in NsPdLog function for the external database driver proxy daemon library libnspd.a of AOLServer 3.0 through 3.4.2 allows remote attackers to cause a denial of service or execute arbitrary code via the Error or Notice parameters...

8AI score0.03215EPSS
Exploits0References3
Cvelist
Cvelist
added 2002/06/11 4:0 a.m.15 views

CVE-2002-0586

Format string vulnerability in NsPdLog function for the external database driver proxy daemon library libnspd.a of AOLServer 3.0 through 3.4.2 allows remote attackers to execute arbitrary code via the Error or Notice parameters...

7.7AI score0.02912EPSS
Exploits0References4
CVE
CVE
added 2002/06/11 4:0 a.m.36 views

CVE-2002-0586

CVE-2002-0586 describes a format-string vulnerability in AOLServer (libnspd.a) across versions 3.0–3.4.2, specifically in the Ns_PdLog function. An attacker could exploit the Error or Notice parameters to execute arbitrary code remotely. The vulnerability impacts the AOLServer external database d...

7.5CVSS8.1AI score0.02912EPSS
Exploits0References4Affected Software1
securityvulns
securityvulns
added 2002/04/17 12:0 a.m.34 views

Format string bug in AOLServer DB API

Format string bug in NsPdLog API call...

1.9AI score
Exploits0References1Affected Software1
securityvulns
securityvulns
added 2002/04/17 12:0 a.m.27 views

[CERT-intexxia] AOLServer DB Proxy Daemon Format String Vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SECURITY ADVISORY INTEXXIAc 30 01 2002 ID 1052-300102 TITLE : AOLServer DB Proxy Daemon Format String Vulnerability CREDITS : Guillaume Pelat found this vulnerability / INTEXXIA SYSTEM AFFECTED =============== AOLServer 3.4.2 AOLServer 3.4.1 AOLServer...

0.9AI score
Exploits0
NVD
NVD
added 2002/03/25 5:0 a.m.11 views

CVE-2002-0100

AOL AOLserver 3.4.2 Win32 allows remote attackers to bypass authentication and read password-protected files via a URL that directly references the file...

7.5CVSS6.8AI score0.01648EPSS
Exploits0References5
Cvelist
Cvelist
added 2002/03/15 5:0 a.m.15 views

CVE-2002-0100

AOL AOLserver 3.4.2 Win32 allows remote attackers to bypass authentication and read password-protected files via a URL that directly references the file...

6.8AI score0.01648EPSS
Exploits0References5
CVE
CVE
added 2002/03/15 5:0 a.m.50 views

CVE-2002-0100

CVE-2002-0100 affects AOLserver 3.4.2 on Win32. The vulnerability allows remote attackers to bypass authentication and read password-protected files by requesting a URL that directly references the protected file. The CVSS metrics indicate network access, low attack complexity, and no authenticat...

7.5CVSS7.2AI score0.01648EPSS
Exploits0References5Affected Software1
CVE
CVE
added 2002/03/09 5:0 a.m.49 views

CVE-2001-1067

AOLServer ParseAuth() buffer overflow: AOLServer 3.3.0 and earlier contain a vulnerability in which Decode()/ParseAuth() uses a fixed 256-byte buffer, allowing remote attackers to execute arbitrary code or cause a denial of service via a crafted HTTP request with an overly long Authorization head...

10CVSS7.8AI score0.1611EPSS
Exploits1References4Affected Software1
Rows per page
Query Builder