Lucene search
K

126 matches found

Tenable Nessus
Tenable Nessus
added 2000/04/12 12:0 a.m.56 views

Windmail.exe Shell Metacharacter Arbitrary Command Execution

The remote host may be running WindMail as a CGI application. In this mode, some versions of the 'windmail.exe' script allow an attacker to execute arbitrary commands on the remote server. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; ...

5CVSS5.8AI score0.08088EPSS
Exploits1References2
Packet Storm
Packet Storm
added 2000/03/29 12:0 a.m.32 views

winmail305.txt

I found some vulnerabilities if windmail run as a CGI application.tested On WindowsNT 4.0, Windmail 3.05 successfully. WindMail is a 32-bit Windows console program by geocel that gives you command-line e-mail messaging capability. You can download an evaluation copy of WindMail 3.0 at:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2000/03/01 12:0 a.m.25 views

NetWin DNews 5.3 Server - Remote Buffer Overflow

source: https://www.securityfocus.com/bid/1172/info DNews News Server is a CGI application that gives access to auser's NNTP server over the web. There are many unchecked buffers in the program, some of which can be exploited directly from any browser. Supplying an overlylong value for the "group...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 1999/12/10 12:0 a.m.39 views

iis4.path.txt

Hello, There is another one way to retrieve a full path to local files in IIS4: If there is external CGI application configured for some file type and this application doesn't produce correct HTTP headers IIS generates an error with output of application both stdout and stderror. The problem is,...

7.4AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 1999/11/27 12:0 a.m.227 views

WWWBoard passwd.txt Authentication Credential Disclosure

The remote host is running WWWBoard, a bulletin board system written by Matt Wright. This board system comes with a password file passwd.txt installed next to the file 'wwwboard.html'. An attacker may obtain the contents of this file and decode the password to modify the remote www board...

10CVSS5.5AI score0.08604EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 1999/06/22 12:0 a.m.56 views

icat carbo.dll icatcommand Parameter Traversal Arbitrary File Access

The installed version of the 'icat' CGI allows a remote user to read arbitrary files on the remote target, because it fails to properly sanitize user-supplied input to the 'icatcommand' parameter. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc';...

5CVSS5.5AI score0.08052EPSS
Exploits1References1
Rows per page
Query Builder