64 matches found
W3.org Anaya Web sendtemp.pl 'templ' Parameter Traversal Arbitrary File Access
The 'sendtemp.pl' CGI is installed. This CGI has a well known security flaw that allows an attacker read arbitrary files with the privileges of the HTTP daemon. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; ifdescription scriptid10614;...
[Update] NSFOCUS SA2000-07: Microsoft IIS 4.0/5.0 CGI File Name Inspection Vulnerability
NSFOCUS Security AdvisorySA2000-07 Topic: Microsoft IIS 4.0/5.0 CGI File Name Inspection Vulnerability Release DateЈє Nov 7th, 2000 Update DateЈє Nov 23rd, 2000 CVE Candidate Numbers: CAN-2000-0886 BUGTRAQ ID : 1912 Affected system: ================ - Microsoft IIS 4.0 - Microsoft IIS 5.0 Impact:...
NSFOCUS SA2000-07 : Microsoft IIS 4.0/5.0 CGI File Name Inspection Vulnerability
NSFOCUS Security AdvisorySA2000-07 Topic: Microsoft IIS 4.0/5.0 CGI File Name Inspection Vulnerability Release DateЈє Nov 7th, 2000 CVE Candidate Numbers: CAN-2000-0886 BUGTRAQ ID : 1912 Affected system: ================ - Microsoft IIS 4.0 SP6 - Microsoft IIS 5.0 Not affected system:...
Vulnerability in Poll_It cgi v2.0
This has already been sent to securityfocus.com and cgi-world.com. It is now listed at securityfocus.com at http://www.securityfocus.com/bid/1431. Original email that I sent is below: The CGI is available from: http://www.cgi-world.com/pollit.html The bug takes place when calling the CGI and...