14 matches found
EUVD-2003-0048
Malware in sbrugna...
EUVD-2005-2196
Malware in sbrugna...
EUVD-2003-1403
Malware in sbrugna...
EUVD-2003-1404
Malware in sbrugna...
CVE-2003-1413
The CVE-2003-1413 entry concerns Apple Darwin Streaming Server 4.1.1, where parse_xml.cgi is vulnerable to a path-based check that leaks file existence information. By supplying a filename parameter containing ".." sequences, an attacker can trigger distinct error messages that allow remote deter...
CVE-2003-1413
parsexml.cgi in Apple Darwin Streaming Server 4.1.1 allows remote attackers to determine the existence of arbitrary files by using ".." sequences in the filename parameter and comparing the resulting error messages...
CVE-2003-1414
CVE-2003-1414 describes a directory traversal vulnerability in the parse_xml.cgi component of Apple Darwin Streaming Server 4.1.2 and Apple QuickTime Streaming Server 4.1.1. The issue allows remote attackers to read arbitrary files by manipulating the filename parameter. The vulnerability affects...
CVE-2005-2195
Apple Darwin Streaming Server 5.5 and earlier allows remote attackers to cause a denial of service application crash via a URL with a filename containing a .cgi extension and an MS-DOS device name such as AUX, CON, PRN, COM1, or LPT1, a different vulnerability than CVE-2003-0421 and CVE-2003-0502...
Apple Darwin Streaming Server special device name DoS
DoS with Web interface while requesting document with special DOS device name...
Apple Darwin Streaming Server NULL pointer DoS
Null pointer reference in DESCRIBE command...
CVE-2003-0052
parsexml.cgi in Apple Darwin Streaming Administration Server 4.1.2 and QuickTime Streaming Server 4.1.1 allows remote attackers to list arbitrary directories...
CVE-2003-0050
parsexml.cgi in Apple Darwin Streaming Administration Server 4.1.2 and QuickTime Streaming Server 4.1.1 allows remote attackers to execute arbitrary code via shell metacharacters...
CVE-2003-1413
parsexml.cgi in Apple Darwin Streaming Server 4.1.1 allows remote attackers to determine the existence of arbitrary files by using ".." sequences in the filename parameter and comparing the resulting error messages...
CVE-2003-1414
Directory traversal vulnerability in parsexml.cg Apple Darwin Streaming Server 4.1.2 and Apple Quicktime Streaming Server 4.1.1 allows remote attackers to read arbitrary files via a ... triple dot in the filename parameter...