55 matches found
Nginx, Varnish, Cherokee, etc Log Injection
Nginx, Varnish, Cherokee, thttpd, mini-httpd, WEBrick, Orion, AOLserver, Yaws and Boa log escape sequence injection Name Nginx, Varnish, Cherokee, thttpd, mini-httpd, WEBrick, Orion, AOLserver, Yaws and Boa log escape sequence injection Systems Affected nginx 0.7.64 Varnish 2.0.6 Cherokee 0.99.30...
AOLServer Terminal 4.5.1 - Escape Sequence in Logs Command Injection
AOLServer Terminal 4.5.1 - Escape Sequence in Logs Command Injection source: https://www.securityfocus.com/bid/37712/info AOLServer is prone to a command-injection vulnerability because it fails to adequately sanitize user-supplied input in logfiles. Attackers can exploit this issue to execute...
AOLServer Terminal 4.5.1 - Escape Sequence in Logs Command Injection
source: https://www.securityfocus.com/bid/37712/info AOLServer is prone to a command-injection vulnerability because it fails to adequately sanitize user-supplied input in logfiles. Attackers can exploit this issue to execute arbitrary commands in a terminal. AOLServer 4.5.1 is vulnerable; other...
aolXSS.txt
Title: AOL Multiple Cross Site Scripting Author: Simo Ben youssef aka 6mOHaCk Discovered: 26 December 2005 Published: 7 January 2006 MorX Security Research Team http://www.morx.org Service: Web Vendor: AOL.com Vulnerability: Cross Site Scripting / Cookie-Theft / Relogin attacks Severity:...
aimXSS.txt
Title: AIM Multiple Cross Site Scripting Author: Simo Ben youssef aka 6mOHaCk Discovered: 26 December 2005 Published: 7 January 2006 MorX Security Research Team http://www.morx.org Service: Web Vendor: AIM.com Vulnerability: Cross Site Scripting / Cookie-Theft / Relogin attacks Severity:...
AOLserver Default Password (HTTP)
The remote web server is running AOL web server AOLserver with the default username and password set. SPDX-FileCopyrightText: 2001 SecuriTeam Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...
AOLServer Multiple Remote Vulnerabilities
Binary data 2775.prm...
SRT2003-04-04-1106 - AOLServer Proxy Daemon API unformatted syslog() call
Secure Network Operations, Inc. http://www.secnetops.com Strategic Reconnaissance Team [email protected] Team Lead Contact [email protected] Our Mission: Secure Network Operations offers expertise in Networking, Intrusion Detection Systems IDS, Software Security Validation, and...
CVE-2002-0587
Buffer overflow in NsPdLog function for the external database driver proxy daemon library libnspd.a of AOLServer 3.0 through 3.4.2 allows remote attackers to cause a denial of service or execute arbitrary code via the Error or Notice parameters...
CVE-2002-0586
Format string vulnerability in NsPdLog function for the external database driver proxy daemon library libnspd.a of AOLServer 3.0 through 3.4.2 allows remote attackers to execute arbitrary code via the Error or Notice parameters...
CVE-2002-0587
CVE-2002-0587 is a buffer overflow in the Ns_PdLog function of AOLServer's external database driver proxy daemon library (libnspd.a), affecting AOLServer versions 3.0 through 3.4.2. The vulnerability allows remote attackers to cause a denial of service or execute arbitrary code via the Error or N...
CVE-2002-0587
Buffer overflow in NsPdLog function for the external database driver proxy daemon library libnspd.a of AOLServer 3.0 through 3.4.2 allows remote attackers to cause a denial of service or execute arbitrary code via the Error or Notice parameters...
CVE-2002-0586
Format string vulnerability in NsPdLog function for the external database driver proxy daemon library libnspd.a of AOLServer 3.0 through 3.4.2 allows remote attackers to execute arbitrary code via the Error or Notice parameters...
CVE-2002-0586
CVE-2002-0586 describes a format-string vulnerability in AOLServer (libnspd.a) across versions 3.0–3.4.2, specifically in the Ns_PdLog function. An attacker could exploit the Error or Notice parameters to execute arbitrary code remotely. The vulnerability impacts the AOLServer external database d...
Format string bug in AOLServer DB API
Format string bug in NsPdLog API call...
[CERT-intexxia] AOLServer DB Proxy Daemon Format String Vulnerability
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SECURITY ADVISORY INTEXXIAc 30 01 2002 ID 1052-300102 TITLE : AOLServer DB Proxy Daemon Format String Vulnerability CREDITS : Guillaume Pelat found this vulnerability / INTEXXIA SYSTEM AFFECTED =============== AOLServer 3.4.2 AOLServer 3.4.1 AOLServer...
CVE-2002-0100
AOL AOLserver 3.4.2 Win32 allows remote attackers to bypass authentication and read password-protected files via a URL that directly references the file...
CVE-2002-0100
AOL AOLserver 3.4.2 Win32 allows remote attackers to bypass authentication and read password-protected files via a URL that directly references the file...
CVE-2002-0100
CVE-2002-0100 affects AOLserver 3.4.2 on Win32. The vulnerability allows remote attackers to bypass authentication and read password-protected files by requesting a URL that directly references the protected file. The CVSS metrics indicate network access, low attack complexity, and no authenticat...
CVE-2001-1067
AOLServer ParseAuth() buffer overflow: AOLServer 3.3.0 and earlier contain a vulnerability in which Decode()/ParseAuth() uses a fixed 256-byte buffer, allowing remote attackers to execute arbitrary code or cause a denial of service via a crafted HTTP request with an overly long Authorization head...