11 matches found
EUVD-2000-0078
Malware in sbrugna...
W3C CERN httpd Detection
Checks whether the CERN httpd is present on the target system and if so, tries to figure out the installed version. Copyright C 2019 Greenbone Networks GmbH SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can redistribute it and/or modify it under the terms of the GNU...
W3C CERN httpd 3.0 Proxy Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/5447/info CERN httpd is a freely available HTTP server and HTTP proxy server available from the W3C. The httpd Proxy is vulnerable to a cross site scripting attack. The condition is present because of the way URLS are...
CERN HTTPD access control bypass
It is possible to access protected web pages by changing / with // or /./ This was a bug in old versions of CERN web server A work around consisted in rejecting patterns like: // // /./ /./ OpenVAS Vulnerability Test $Id: cernhttpdaccessctrl.nasl 8023 2017-12-07 08:36:26Z teissa $ Description: CE...
CERN httpd CGI name heap overflow
It was possible to kill the remote web server by requesting GET /cgi-bin/A.AAAA...A HTTP/1.0 This is known to trigger a heap overflow in some servers like CERN HTTPD. SPDX-FileCopyrightText: 2005 Michel Arboi Some text descriptions might be excerpted from a referenced sources, and are Copyright C...
CERN httpd CGI Name Handling Remote Overflow
The remote web server stopped responding after sending it a GET request for a CGI script with a arbitrary long file name. This is known to trigger a heap overflow in some servers like CERN HTTPD. An attacker may use this flaw to disrupt the remote service and possibly even run malicious code on t...
CERN httpd Double Slash Protected Webpage Bypass
The remote web server allows an attacker to access protected web pages by replacing slashes in the URL with '//' or '/./', which is a known problem in older versions of CERN web server. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid17230; scriptversion"1.19";...
CERN Proxy Server: Cross-Site Scripting Vulnerability
CERN Proxy Server: Cross-Site Scripting Vulnerability ===================================================== Affected: CERN HTTPD 3.0A http://www.w3.org/Daemon/Activity.html Vendor Status: CERN httpd team [email protected] was notified on Aug 10, 2001 but they did not respond. Exploit:...
W3C CERN HTTPd 3.0 Proxy - Cross-Site Scripting
source: https://www.securityfocus.com/bid/5447/info CERN httpd is a freely available HTTP server and HTTP proxy server available from the W3C. The httpd Proxy is vulnerable to a cross site scripting attack. The condition is present because of the way URLS are displayed in error messages. It is...
W3C CERN HTTPd 3.0 Proxy - Cross-Site Scripting
W3C CERN HTTPd 3.0 Proxy - Cross-Site Scripting source: https://www.securityfocus.com/bid/5447/info CERN httpd is a freely available HTTP server and HTTP proxy server available from the W3C. The httpd Proxy is vulnerable to a cross site scripting attack. The condition is present because of the wa...
CERN httpd Virtual Web Path Disclosure
The remote host appears to be running CERN httpd. It was possible to get the physical location of a virtual web directory by issuing the request : GET /cgi-bin/ls HTTP/1.0 A remote attacker could use this information to mount further attacks. C Tenable Network Security, Inc. include"compat.inc";...