ANHTTPd.txt

Product Description AN HTTPd is a relatively small, powerful web server designed for Windows systems. It supports ISAPI, CGI, SSI, and several other powerful technologies such as isolated worker processes usually only seen in production servers. More information on AN HTTPd is available at...

CGI bugs

No description provided...

CGI bugs

No description provided...

HP Instant TopTools hpnst.exe CGI DoS

The remote host has the CGI 'hpnst.exe' installed. Older versions of this CGI pre 5.55 are vulnerable to a denial of service attack where the user can make the CGI request itself. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc'; include'compat.inc';...

CGI bugs

No description provided...

Apache 2.0.x < 2.0.45 Multiple Vulnerabilities (DoS, File Write)

The remote host is running a version of Apache 2.0.x that is prior to 2.0.45. It is, therefore, reportedly affected by multiple vulnerabilities : - There is a denial of service attack that could allow an attacker to disable this server remotely. - The httpd process leaks file descriptors to child...

CVE-2002-0488

Linux Directory Penguin traceroute.pl CGI script 1.0 allows remote attackers to execute arbitrary code via shell metacharacters in the host parameter...

CVE-2002-0290

Netwin WebNews WebNews.cgi (Webnews.exe) version 1.1 is affected by a buffer overflow when processing a long group argument in the WebNews CGI, allowing remote attackers to execute arbitrary code. The issue is described across CVE-2002-0290 records (NVD/Nessus/OpenVAS) with a base CVSS v2 score o...

CVE-2002-0599

Blahz-DNS 0.2 and earlier is affected by CVE-2002-0599. The vulnerability allows remote attackers to bypass authentication and modify DNS configuration by directly requesting CGI programs (e.g., dostuff.php) instead of using the login screen. Affected component is the authentication/config flow; ...

CVE-2002-0488

The vulnerability CVE-2002-0488 affects Linux Directory Penguin traceroute.pl CGI script version 1.0. A flaw in the traceroute.pl CGI allows remote attackers to execute arbitrary code via shell metacharacters in the host parameter, enabling remote code execution. This assessment is supported by P...

CVE-2000-0590

Poll It 2.0 CGI script allows remote attackers to read arbitrary files by specifying the file name in the datadir parameter...

CVE-2000-0590

CVE-2000-0590 affects the Poll It 2.0 CGI script. The vulnerability allows a remote attacker to read arbitrary files by supplying a file name in the data_dir parameter, with an example showing access to /etc/passwd. OpenVAS/Nessus entries corroborate arbitrary file access via the CGI. Remediation...

CVE-2002-0947

CVE-2002-0947 describes a buffer overflow in the rwcgi60 CGI program used by Oracle Reports Server 6.0.8.18.0 and earlier (Oracle9iAS and other products). The vulnerability allows a remote attacker to execute arbitrary code via a long database name parameter. The Oracle RWCGI60 component handles ...

CGI bugs

No description provided...

CGI bugs reported by Russian teams

No description provided...

CC GuestBook cc_guestbook.pl Multiple Parameter XSS

The remote host is running ccguestbook.pl, a guestbook written in Perl. This CGI is vulnerable to a cross-site scripting attack. An attacker may use this flaw to steal the cookies of your users. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. Ref: From: "BrainRawt ." To:...

SCSA012.txt

Security Corporation Security Advisory SCSA-012 PROGRAM: Sambar Server HOMEPAGE: http://www.sambar.com/ VULNERABLE VERSIONS: 5.3 and prior DESCRIPTION "Sambar Server is the new standard in high performance multi-functional servers with features rivaling other commercial products selling separatel...

Sambar Server Multiple Script XSS

The Sambar web server comes with a set of CGIs are that vulnerable to a cross-site scripting attack. An attacker may use this flaw to steal the cookies of your web users. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. References: Date: 27 Mar 2003 17:26:19 -0000 From: Gregory Le Bras To:...

Sambar Server 5.x - Information Disclosure

Sambar Server 5.x - Information Disclosure source: https://www.securityfocus.com/bid/7207/info An information disclosure vulnerability has been reported for Sambar Server. The vulnerability exists in some files existing in Sambar Server's cgi-bin directory. An attacker can exploit this...

Sambar Server 5.x - Information Disclosure

source: https://www.securityfocus.com/bid/7207/info An information disclosure vulnerability has been reported for Sambar Server. The vulnerability exists in some files existing in Sambar Server's cgi-bin directory. An attacker can exploit this vulnerability by making a request for these files. Th...