Zeus Web Server 3.x - Null Terminated Strings

Zeus Web Server 3.x - Null Terminated Strings source: https://www.securityfocus.com/bid/977/info Appending "%00" to the end of a CGI script filename will permit a remote client to view full contents of the script if the CGI module option "allow CGIs anywhere" is enabled. Scripts located in...

Zeus Web Server 3.x - Null Terminated Strings

source: https://www.securityfocus.com/bid/977/info Appending "%00" to the end of a CGI script filename will permit a remote client to view full contents of the script if the CGI module option "allow CGIs anywhere" is enabled. Scripts located in directories which are designated as executable eg...

CVE-1999-0283

The CVE-1999-0283 issue is described across connected records as a vulnerability in the Java Web Server where remote users could obtain the source code of CGI programs. The materials confirm the affected system (Java Web Server) and the exposure (source disclosure via remote access). No specific ...

CVE-1999-0287

Technical details for CVE-1999-0287 are not publicly provided in the connected documents. No confirmed affected versions, root cause, or fixes are disclosed here. Monitor for updates from vendors and security advisories.

CVE-2000-0074

PowerScripts PlusMail CGI program allows remote attackers to execute commands via a password file with improper permissions...

CVE-1999-0983

Whois Internic Lookup program whois.cgi allows remote attackers to execute commands via shell metacharacters in the domain entry...

CVE-2000-0074

The vulnerability CVE-2000-0074 affects PowerScripts PlusMail CGI. The PlusMail CGI allows remote command execution via a password file with improper permissions on the server side. Affected component: PlusMail CGI in PowerScripts. Impact per sources: potential remote command execution with netwo...

CVE-1999-0604

The CVE-1999-0604 entry refers to an incorrect configuration in the WebStore 1.0 shopping cart CGI program (web_store.cgi) that could disclose private information. Connected sources (Red Hat CVE page, CVE lists, EUVD entry) corroborate the same description. No patches or remediation details are p...

CVE-1999-0605

Technical details for CVE-1999-0605 are not publicly available in the provided documents. Monitor for updates.

CVE-1999-0606

The CVE-1999-0606 entry concerns the EZMall 2000 shopping cart CGI program mall2000.cgi. The issue is described as an incorrect configuration that could disclose private information, affecting confidentiality (PARTIAL) with a CVSS v2 base score of 5.0 (Network, low attack complexity, no authentic...

CVE-1999-0606

An incorrect configuration of the EZMall 2000 shopping cart CGI program "mall2000.cgi" could disclose private information...

CVE-1999-0604

An incorrect configuration of the WebStore 1.0 shopping cart CGI program "webstore.cgi" could disclose private information...

CVE-1999-0467

The Webcom CGI Guestbook programs wguest.exe and rguest.exe allow a remote attacker to read arbitrary files using the "template" parameter...

CVE-1999-0509

CVE-1999-0509 describes remote arbitrary-command execution when shell interpreters (Perl, sh, csh, etc.) are installed in the web server’s /cgi-bin directory. The underlying issue is CGI scripts running with the server’s privileges, enabling attackers to execute commands. Affected scenario: a WWW...

CVE-1999-0610

An incorrect configuration of the Webcart CGI program could disclose private information...

CVE-1999-0467

The CVE-1999-0467 issue affects the Webcom CGI Guestbook programs wguest.exe and rguest.exe, where the template parameter can be used by a remote attacker to read arbitrary files. Public sources (NVD, Red Hat, CVE List) consistently describe an unauthenticated, remote file-read vulnerability affe...

CVE-1999-0283

The Java Web Server would allow remote users to obtain the source code for CGI programs...

CVE-1999-0509

Perl, sh, csh, or other shell interpreters are installed in the cgi-bin directory on a WWW site, which allows remote attackers to execute arbitrary commands...

CVE-1999-0609

CVE-1999-0609 concerns the SoftCart CGI program (SoftCart.exe). The connected records indicate an incorrect configuration that could disclose private information. There are multiple entries (NVD, Red Hat, CVE List) with identical descriptions, but no public details on affected versions, specific ...

CVE-1999-0610

CVE-1999-0610 concerns a misconfiguration in the Webcart CGI program that can disclose private information. Affected component: Webcart CGI; root cause: incorrect configuration. Exposed locations include world-readable files/directories under /webcart and /webcart-lite (e.g., orders/, carts/, con...