9774 matches found
CVE-2000-0255
The Nbase-Xyplex EdgeBlaster router allows remote attackers to cause a denial of service via a scan for the FormMail CGI program...
Re: Denial of Service in Xitami webserver all versions...
Xitami also has an overflow in one of the default example CGI programs that it comes with. http://server.com/cgi-bin/TESTCGI.EXE bla bla bla overflow argv fun. Signed, Marc eEye Digital Security http://www.eEye.com "Its a bullshit, three ring, circus sideshow. The only way to fix it is to flush i...
Apple WebObjects Developer NT4 IIS4.0 CGI-adapter 4.5 - Developer Remote Overflow
source: https://www.securityfocus.com/bid/1896/info A denial-of-service vulnerability exists in Apple's WebObjects 4.5 Developer, a popular platform for developing web-based applications. The vulnerable version is Windows NT 4.0 SP5, when run in conjunction with the CGI-adapter and IIS 4.0. An HT...
SalesLogix eViewer slxweb.dll Request Remote DoS
It was possible to crash the remote server by requesting: GET /scripts/slxweb.dll/admin?command=shutdown A remote attacker could use this flaw to crash this host, preventing your network from working properly. %NASL_MIN_LEVEL 70300 (C) Tenable Network Security, Inc. include('deprecated_nasl_level.inc');...
winmail305.txt
I found some vulnerabilities if WindMail is run as a CGI application. Tested on Windows NT 4.0, WindMail 3.05 successfully. WindMail is a 32-bit Windows console program by Geocel that gives you command-line e-mail messaging capability. You can download an evaluation copy of WindMail 3.0 at:...
CVE-2000-0187
EZShopper 3.0 loadpage.cgi CGI script allows remote attackers to read arbitrary files via a .. dot dot attack or execute commands via shell metacharacters...
CVE-2000-0149
Zeus Web Server (versions 3.1.x–3.3.5) contains an information disclosure flaw where a null byte (%00) at the end of a URL allows remote attackers to view the source code of CGI scripts. Root cause: improper handling of CGI input leading to source disclosure. Impact is information exposure of CGI...
CVE-2000-0213
The Sambar server includes batch files ECHO.BAT and HELLO.BAT in the CGI directory, which allow remote attackers to execute commands via shell metacharacters...
CVE-2000-0022
Lotus Domino HTTP server does not properly disable anonymous access for the cgi-bin directory...
CVE-2000-0188
EZShopper 3.0 search.cgi CGI script allows remote attackers to read arbitrary files via a .. dot dot attack or execute commands via shell metacharacters...
CVE-2000-0177
CVE-2000-0177 concerns DNSTools CGI applications where remote attackers can execute arbitrary commands due to shell metacharacters. The issue is described across NVD and CVE records as enabling complete compromise (C, I, A) with network access and no authentication, yielding a very high risk (CVS...
CVE-2000-0022
Technical details about CVE-2000-0022 are not publicly provided in the supplied documents. Monitor for updates from referenced sources; only the basic description about Lotus Domino CGI-bin anonymous access is available.
CVE-2000-0149
Zeus web server allows remote attackers to view the source code for CGI programs via a null character %00 at the end of a URL...
CVE-2000-0039
CVE-2000-0039 affects AltaVista search engine via a directory traversal vulnerability in the query.cgi CGI program, allowing remote attackers to read files above the document root by exploiting a .. (dot dot) parameter. The issue is documented across multiple sources (NVD, CVE List, Nessus listin...
CVE-2000-0177
DNSTools CGI applications allow remote attackers to execute arbitrary commands via shell metacharacters...
Sojourn Search Engine sojourn.cgi cat Parameter Traversal Arbitrary File Access
The 'sojourn.cgi' CGI is installed. This CGI has a well-known security flaw that lets an attacker read arbitrary files with the privileges of the http daemon (usually root or nobody). %NASL_MIN_LEVEL 70300 (C) Tenable Network Security, Inc. include('compat.inc'); if (description) script_id(10349);...
Mirabilis ICQ 0.9998.0 a2000.0 A99a - Remote Denial of Service
// source: https://www.securityfocus.com/bid/1463/info The guestbook CGI program in ICQ Web Front service for ICQ 2000a, 99b, and others allows remote attackers to cause a denial of service via a URL with a long name parameter. / ICQ...
rpm_query CGI System Information Disclosure
The rpm_query CGI is installed. This CGI allows anyone who can connect to this web server to obtain the list of the installed RPMs. This allows an attacker to determine the version number of your installed services, hence making their attacks more accurate. %NASL_MIN_LEVEL 70300 (C) Tenable Network...
CVE-2000-0192
The default installation of Caldera OpenLinux 2.3 includes the CGI program rpm_query, which allows remote attackers to determine what packages are installed on the system...