766 matches found
Aspseek Buffer Overflow
Product: Aspseek Search Engine. Vendor URL: www.aspseek.org / Tested on: v1.0.0 - v1.0.3 Freeware Linux / Vendor Contact: Mailed on 8th March NO Reply Vendor Patched though / The Problem,...
Hole in AnalogX Simple Server
A request for a long file name in the cgi-bin directory causes the server to crash...
CVE-2000-0473
Buffer overflow in AnalogX SimpleServer 1.05 allows a remote attacker to cause a denial of service via a long GET request for a program in the cgi-bin directory...
CVE-1999-0854
Ultimate Bulletin Board stores data files in the cgi-bin directory, allowing remote attackers to view the data if an error occurs when the HTTP server attempts to execute the file...
Cart32 3.0 - expdate Administrative Information Disclosure
source: https://www.securityfocus.com/bid/1358/info By appending the string "/expdate" to a request for the cart32.exe executable, http://target/cgi-bin/cart32.exe/expdate an attacker can access an error message followed by a debugging...
Buffer overflows in Skyline/SpinBox client
There are some buffer overflows in SpinBox/1.1 from the spinserver.conf. SpinBox is an SSI/cgi-tool used by advertisement companies, made by Skyline. Since this is closed source software, I can't post the sources. The buffer overflows are mostly in the query string strcat and strcpy instead of...
CVE-2000-0022
Lotus Domino HTTP server does not properly disable anonymous access for the cgi-bin directory...
CVE-2000-0022
Technical details about CVE-2000-0022 are not publicly provided in the supplied documents. Monitor for updates from referenced sources; only the basic description about Lotus Domino CGI-bin anonymous access is available.
FreeBSD-SA-00:06.htdig
FreeBSD-SA-00:06 Security Advisory, FreeBSD, Inc. Topic: htdig port allows remote reading of files. Category: ports. Module: htdig. Announced: 2000-03-01. Affects: Ports collection before...
sambar.bat.txt
PRODUCT: The Sambar Server is a multi-threaded HTTP, FTP and Proxy server for Windows NT and Windows 95. AFFECTED VERSIONS: All versions of Sambar server running under Windows NT 4.0 and Windows 2000. Windows 98 version is vulnerable. VULNERABILITY DESCRIPTION...
Sambar Server Multiple Script Arbitrary Code Execution
At least one of these CGI scripts is installed: hello.bat, echo.bat. They allow any attacker to execute commands with the privileges of the web server process...
CVE-1999-0509
CVE-1999-0509 describes remote arbitrary-command execution when shell interpreters (Perl, sh, csh, etc.) are installed in the web server’s /cgi-bin directory. The underlying issue is CGI scripts running with the server’s privileges, enabling attackers to execute commands. Affected scenario: a WWW...
CVE-1999-0509
Perl, sh, csh, or other shell interpreters are installed in the cgi-bin directory on a WWW site, which allows remote attackers to execute arbitrary commands...
IBM Lotus Domino HTTP Server Filesystem Setup Disclosure
It is possible to get the absolute path leading to the remote /cgi-bin directory by requesting a bogus cgi. This issue can be used to obtain OS and installation details...
CVE-1999-0021
CVE-1999-0021 affects Count.cgi (wwwcount) CGI-bin; remote buffer overflow in handling QUERY_STRING enables arbitrary command execution. Impact is Web server context with the program’s privileges. Affected version(s) include Count.cgi 2.3; remediation per sources is to upgrade to version 2.4 or l...
omnihttpd.webserver.txt
Date: Sat, 5 Jun 1999 09:53:51 +0300 From: Valentin Perelogin To: [email protected] Subject: Remote Exploit Bug in OmniHTTPd Web Server Hi all, The exploit bug will make temp files on the server until the server's HDD is full. And anyone can do it remotely. By default visadmin.exe Visitor...
Web Server /cgi-bin Shell Access
The remote web server has one of these shells installed in /cgi-bin: ash, bash, csh, ksh, sh, tcsh, zsh. Leaving executable shells in the cgi-bin directory of a web server may allow an attacker to execute arbitrary commands on the target machine with the privileges of the HTTP daemon...