CVE-2000-0837

CVE-2000-0837 affects FTP Serv-U 2.5e, where a remote attacker can cause a denial of service by sending a large number of null bytes to the FTP service. The underlying issue is the service crashing under大量 null-byte input (as documented in public advisories and the Nessus plugin for Serv-U 2.5e D...

CVE-2000-0922

Directory traversal vulnerability in Bytes Interactive Web Shopper shopping cart program shopper.cgi 2.0 and earlier allows remote attackers to read arbitrary files via a .. dot dot attack on the newpage parameter...

CVE-2000-0922

Directory traversal vulnerability in Bytes Interactive Web Shopper shopping cart program shopper.cgi 2.0 and earlier allows remote attackers to read arbitrary files via a .. dot dot attack on the newpage parameter...

CVE-2000-0983

Microsoft NetMeeting with Remote Desktop Sharing enabled allows remote attackers to cause a denial of service CPU utilization via a sequence of null bytes to the NetMeeting port, aka the "NetMeeting Desktop Sharing" vulnerability...

CVE-2000-0837

FTP Serv-U 2.5e allows remote attackers to cause a denial of service by sending a large number of null bytes...

Security Advisory: Bytes Interactive's Web Shopper (shopper.cgi) Directory Traversal Vulnerability

October 8, 2000 Security Advisory: Bytes Interactive's Web Shopper shopper.cgi Directory Traversal Vulnerability Affected Product/Versions: Bytes Interactive's Web Shopper shopper.cgi Version 1.0 Bytes Interactive's Web Shopper shopper.cgi Version 2.0 Affected Platforms: Unix Windows Overview: Th...

Bytes Interactive Web Shopper shopper.cgi Traversal Arbitrary File Access

The remote host contains is running Byte's Interactive Web Shopper, a shopping cart application. The installed version allows for retrieval of arbitrary files from the web server. %NASLMINLEVEL 70300 This script was written by Thomas Reinke See the Nessus Scripts License for details Changes by...

Bytes interactive Web shopper 1.02.0 - Directory Traversal

Bytes interactive Web shopper 1.02.0 - Directory Traversal source: https://www.securityfocus.com/bid/1776/info Bytes Interactive Web Shopper is a XML based shopping cart application. The "newpage" variable does not properly check for insecure relative paths such as the double dot "..". The...

Bytes interactive Web shopper 1.0/2.0 - Directory Traversal

source: https://www.securityfocus.com/bid/1776/info Bytes Interactive Web Shopper is a XML based shopping cart application. The "newpage" variable does not properly check for insecure relative paths such as the double dot "..". The following URL request:...

linux/x86 execve /bin/sh toupper() evasion 55 bytes

Exploit for linux/x86 platform in category shellcode =================================================== linux/x86 execve /bin/sh toupper evasion 55 bytes =================================================== / Linux/x86 toupper evasion, standard execve /bin/sh used eg. in various imapd exploits...

servu25e.txt

================================================================= Blue Panda Vulnerability Announcement: FTP Serv-U 2.5e 04/08/2000 dd/mm/yyyy [email protected] http://bluepanda.box.sk/ ================================================================= Problem: Sending FTP Serv-U a string...

Уязвимость в NTLMv1

Используется операция побитового илсключаещего или XOR с битовой последовательностью. Пароль передается как Unicode-строка, при этом используется большое количество нулевых байт в известных позициях, что позволяет обнаружить последовательность и извлечь пароль в случае перехвата пакета...

Microsoft SQL Server 7.07.0 SP1 - NULL Data Denial of Service

Microsoft SQL Server 7.07.0 SP1 - NULL Data Denial of Service // source: https://www.securityfocus.com/bid/817/info If Microsoft SQL Server 7.0 receives a TDS header with three or more NULL bytes as data it will crash. The crash will generate an event in the log with ID 17055 "fatal exception...

Microsoft SQL Server 7.0/7.0 SP1 - NULL Data Denial of Service

// source: https://www.securityfocus.com/bid/817/info If Microsoft SQL Server 7.0 receives a TDS header with three or more NULL bytes as data it will crash. The crash will generate an event in the log with ID 17055 "fatal exception EXCEPTIONACCESS VIOLATION". / sqldos.c -- a DoS attack agains MS...