9774 matches found
A1Stats Multiple Script Traversal Arbitrary File Access
The 'aldisp.cgi' CGI script was found on this system. This script allows an attacker to view any file on the target computer by making a specially crafted GET request. #%NASL_MIN_LEVEL 70300 (C) Tenable Network Security, Inc. include('deprecated_nasl_level.inc'); include('compat.inc'); if (description)...
Advisory for A1Stats
Advisory for A1Stats A1Stats is made by Drummond Miles Site: http://www.gadnet.com/a1stats by nemesystm of the DHC http://dhcorp.cjb.net - [email protected] ADV-0114 /-|=explanation=|- A1Stats is a CGI package to track website traffic. The package has a view files bug and also gives the...
PerlCal cal_make.pl p0 Parameter Traversal Arbitrary File Read
The 'cal_make.pl' CGI is installed on the remote host. This CGI has a well-known security flaw that lets anyone read arbitrary files with the privileges of the HTTP daemon (root or nobody). #%NASL_MIN_LEVEL 70300 (C) Tenable Network Security, Inc. include('deprecated_nasl_level.inc'); include('compat.inc');...
More holes in CGI
No description provided...
CVE-2000-0622
Buffer overflow in Webfind CGI program in O'Reilly WebSite Professional web server 2.x allows remote attackers to execute arbitrary commands via a URL containing a long "keywords" parameter...
CVE-2000-0622
CVE-2000-0622 : Buffer overflow in the Webfind CGI script of O'Reilly WebSite Professional WebServer 2.x (webfind.exe) when processing a too-long keywords parameter. This allows remote attackers to execute arbitrary commands on the affected host; some references describe the impact as potentially...
CVE-1999-0608
The CVE concerns the PDG Shopping Cart CGI program "shopper.cgi", where an incorrect configuration can disclose private information. In the provided documents, the affected component is the shopper.cgi CGI script; the cause is misconfiguration, leading to a partial confidentiality impact. ...
Web mirroring stub
This script makes a mirror of the remote websites and extracts the list of CGIs that are used by the remote host. It is suggested that you change the number of pages to mirror in the 'Options' section of the client. (C) Tenable Network Security, Inc. @PREFERENCES@ WEBMIRROR 2.0 Written by Renaud...
CVE-2001-0291
Buffer overflow in post-query sample CGI program allows remote attackers to execute arbitrary commands via an HTTP POST request that contains at least 10001 parameters...
perlcal.txt
whizkunde security advisory: PerlCal CGI http://www.whizkunde.org | [email protected] ---------------------------------------------------------- Release date: April 27th 2001 Subject: PerlCal CGI security problem Systems affected: NIX not windows systems running PerlCal CGI script Vendor:...
More holes in CGI
Directory traversal, world-readable passwords...
PerlCal (CGI) show files vulnerability
whizkunde security advisory: PerlCal CGI http://www.whizkunde.org | [email protected] ---------------------------------------------------------- Release date: April 27th 2001 Subject: PerlCal CGI security problem Systems affected: NIX not windows systems running PerlCal CGI script Vendor:...
More holes in CGI
Various problems in CGI applications allow code execution...
PHP-Nuke opendir.php Traversal Arbitrary File Read
The remote host has the CGI 'opendir.php' installed. This CGI allows anyone to read arbitrary files with the privileges of the HTTP server. #%NASL_MIN_LEVEL 70300 (C) Tenable Network Security, Inc. include('deprecated_nasl_level.inc'); include('compat.inc'); if (description) { script_id(10655); script_version("1.26")...
processit CGI Environment Variable Remote Information Disclosure
The 'processit' CGI is installed. processit normally returns all environment variables. This gives an attacker valuable information about the configuration of your web server. #%NASL_MIN_LEVEL 70300 (C) Tenable Network Security, Inc. include('deprecated_nasl_level.inc'); include('compat.inc'); if (descriptio...
IBM Websphere/Net.Commerce 3 - CGI-BIN Macro Denial of Service
source: https://www.securityfocus.com/bid/2588/info Net.Commerce is part of the Websphere platform of products distributed by IBM. Net.Commerce provides several versatile features to facilitate e-commerce, and features in performance and reliability. A problem in the Net.Commerce package could...
IBM Websphere/Net.Commerce 3 - CGI-BIN Macro Denial of Service
IBM Websphere/Net.Commerce 3 - CGI-BIN Macro Denial of Service source: https://www.securityfocus.com/bid/2588/info Net.Commerce is part of the Websphere platform of products distributed by IBM. Net.Commerce provides several versatile features to facilitate e-commerce, and features in performance a...
More holes in CGI
Insufficient validation of user input when invoking an external program...
CGI - nph-maillist.pl vulnerability...
Hello BuGReaders... Script: nph-maillist.plcgi Introduction: cat from source .................................................................... Created by: Matt Tourtillott URL: www.marketrends.net email [email protected] The email list generator is a web interfaced script that allows the...
More CGI bugs (buffer overflow, directory traversal)
Classic buffer overflow in crazywwwboard, directory traversal in webspirs, talkback...