directorypro.cgi , directory traversal

cgi-script directorypro.cgi is vulnerable to a directory traversal. http://target/cgi-bin/directorypro.cgi?want=showcat&show=../../../..//etc/motd00 I didn't looked at the source of the script but it is probably a script wat normally puts an extension to the requested file. But bij putting the 00...

Directory Pro Traversal Arbitrary File Access

The CGI 'directorypro.cgi' is installed. This CGI has a well known security flaw that lets an attacker read arbitrary files with the privileges of the HTTP daemon. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; ifdescription...

sa2001_02.txt

NSFOCUS Security Advisory SA2001-02 - The nsfocus team has found a vulnerability in filename processing of CGI program in MS IIS4.0/5.0, as discussed in ms01-026. CGI filename is decoded twice by error. Exploitation of this vulnerability leads to intruders being able to run arbitrary system...

NSFOCUS SA2001-02 : Microsoft IIS CGI Filename Decode Error Vulnerability

NSFBUGTRAQOCUS Security AdvisorySA2001-02 Topic: Microsoft IIS CGI Filename Decode Error Vulnerability Release DateЈє 2001-5-15 CVE Candidate Numbers: CAN-2001-0333 BUGTRAQ ID : 2708 Affected system: ================ - Microsoft IIS 4.0 - Microsoft IIS 5.0 Not affected system: ===================...

CVE-2000-0622

Buffer overflow in Webfind CGI program in O'Reilly WebSite Professional web server 2.x allows remote attackers to execute arbitrary commands via a URL containing a long "keywords" parameter...

PerlCal (CGI) show files vulnerability

whizkunde security advisory: PerlCal CGI http://www.whizkunde.org | [email protected] ---------------------------------------------------------- Release date: April 27th 2001 Subject: PerlCal CGI security problem Systems affected: NIX not windows systems running PerlCal CGI script Vendor:...

PHP-Nuke opendir.php Traversal Arbitrary File Read

The remote host has the CGI 'opendir.php' installed. This CGI allows anyone to read arbitrary files with the privileges of the HTTP server. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; if description scriptid10655; scriptversion"1.26"...

processit CGI Environment Variable Remote Information Disclosure

The 'processit' CGI is installed. processit normally returns all environment variables. This gives an attacker valuable information about the configuration of your web server. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; if descriptio...

IBM WebsphereNet.Commerce 3 - CGI-BIN Macro Denial of Service

IBM WebsphereNet.Commerce 3 - CGI-BIN Macro Denial of Service source: https://www.securityfocus.com/bid/2588/info Net.Commerce is part of the Websphere platform of products distributed by IBM. Net.Commerce provides several versatile features to facilitate e-commerce, and features in performance a...

talkback.txt

whizkunde security advisory: talkback CGI http://www.whizkunde.org | [email protected] ---------------------------------------------------------- Release date: April 9th 2001 Subject: talkback.cgi security problem Systems affected: UNIX systems running talkback CGI script Vendor:...

Remote buffer overflow condition in post-query (CGI).

The overflow condition is very easily exploitable, since the code actually supplies the pointer to the exploit code itself, odd as it maye seem. The pointer thusly does not need to be second-guessed at all, making life much easier for crackers. Code excerpts; ... define MAXENTRIES 10000 typedef...

Muscat Empower CGI Malformed DB Parameter Path Disclosure

The remote host appears to be running Muscat Empower. It was possible to get the physical location of a virtual web directory by issuing the following command : GET /cgi-bin/empower?DB=whatever HTTP/1.0 A remote attacker could use this information to mount further attacks. %NASLMINLEVEL 70300 C...

Дырка в CGI wwwwais

Классическое переполнение буфера...

Дырка в CGI Ikonboard

Классические ошибки perl CGI...

Дырка в ezmlm-cgi

Пользователь может задать собственный конфигурационный файл и выполнить любые команды...

Дырка в IBM Net.Data

Классическое переполнение буфера в CGI db2www при обработке PATHINFO...

BB4 Big Brother Network Monitor 1.5 d2 - 'bb-hist.sh?HISTFILE' File Existence Disclosure

source : https://www.securityfocus.com/bid/1971/info Big Brother Network Monitor is a robust, feature rich network monitoring package produced by BB4 Technologies. A problem exists that can allow remote account guessing. The problem occurs in the Common Gateway Interface package included with Big...

ListMail 112 - Command Execution

ListMail 112 - Command Execution !/usr/bin/perl -w Listmail v112 by P.M.Systems / PoC Exploit Listmail is a powerful, hands-free mailing list manager which is exploitable due to an insecure open call. This exploit will attempt to bind a shell at port 60179/fido by using inetd. Code to spawn an...

Security Advisory YYYY-NNN

-----BEGIN PGP SIGNED MESSAGE----- NetBSD Security Advisory 2000-014 ================================= Topic: Global-3.55 allows world-wide executable cgi. Version: any before 4.01 Severity: permits remote execution of arbitrary shell commands Abstract ======== When using the CGI interface of the...

CVE-2000-0588

SawMill 5.0.21 CGI program allows remote attackers to read the first line of arbitrary files by listing the file in the rfcf parameter, whose contents SawMill attempts to parse as configuration commands...