Microsoft IIS 3.04.05.0 - PWS Escaped Characters Decoding Command Execution (1)

Microsoft IIS 3.04.05.0 - PWS Escaped Characters Decoding Command Execution 1 // source: https://www.securityfocus.com/bid/2708/info Due to a flaw in the handling of CGI filename program requests, remote users can execute arbitrary commands on an IIS host. When IIS receives a CGI filename request...

Microsoft IIS 3.04.05.0 - PWS Escaped Characters Decoding Command Execution (5)

Microsoft IIS 3.04.05.0 - PWS Escaped Characters Decoding Command Execution 5 source: https://www.securityfocus.com/bid/2708/info Due to a flaw in the handling of CGI filename program requests, remote users can execute arbitrary commands on an IIS host. When IIS receives a CGI filename request, i...

NSFOCUS SA2001-02 : Microsoft IIS CGI Filename Decode Error Vulnerability

NSFBUGTRAQOCUS Security AdvisorySA2001-02 Topic: Microsoft IIS CGI Filename Decode Error Vulnerability Release DateЈє 2001-5-15 CVE Candidate Numbers: CAN-2001-0333 BUGTRAQ ID : 2708 Affected system: ================ - Microsoft IIS 4.0 - Microsoft IIS 5.0 Not affected system: ===================...

Microsoft IIS 3.0/4.0/5.0 - PWS Escaped Characters Decoding Command Execution (7)

source: https://www.securityfocus.com/bid/2708/info Due to a flaw in the handling of CGI filename program requests, remote users can execute arbitrary commands on an IIS host. When IIS receives a CGI filename request, it automatically performs two actions before completing the request: 1. IIS...

Microsoft IIS 3.0/4.0/5.0 - PWS Escaped Characters Decoding Command Execution (8)

source: https://www.securityfocus.com/bid/2708/info Due to a flaw in the handling of CGI filename program requests, remote users can execute arbitrary commands on an IIS host. When IIS receives a CGI filename request, it automatically performs two actions before completing the request: 1. IIS...

Microsoft IIS 3.0/4.0/5.0 - PWS Escaped Characters Decoding Command Execution (6)

source: https://www.securityfocus.com/bid/2708/info Due to a flaw in the handling of CGI filename program requests, remote users can execute arbitrary commands on an IIS host. When IIS receives a CGI filename request, it automatically performs two actions before completing the request: 1. IIS...

Microsoft IIS 3.0/4.0/5.0 - PWS Escaped Characters Decoding Command Execution (3)

source: https://www.securityfocus.com/bid/2708/info Due to a flaw in the handling of CGI filename program requests, remote users can execute arbitrary commands on an IIS host. When IIS receives a CGI filename request, it automatically performs two actions before completing the request: 1. IIS...

Microsoft IIS 3.0/4.0/5.0 - PWS Escaped Characters Decoding Command Execution (5)

source: https://www.securityfocus.com/bid/2708/info Due to a flaw in the handling of CGI filename program requests, remote users can execute arbitrary commands on an IIS host. When IIS receives a CGI filename request, it automatically performs two actions before completing the request: 1. IIS...

Microsoft IIS 3.0/4.0/5.0 - PWS Escaped Characters Decoding Command Execution (4)

// source: https://www.securityfocus.com/bid/2708/info Due to a flaw in the handling of CGI filename program requests, remote users can execute arbitrary commands on an IIS host. When IIS receives a CGI filename request, it automatically performs two actions before completing the request: 1. IIS...

Microsoft IIS 3.0/4.0/5.0 - PWS Escaped Characters Decoding Command Execution (1)

// source: https://www.securityfocus.com/bid/2708/info Due to a flaw in the handling of CGI filename program requests, remote users can execute arbitrary commands on an IIS host. When IIS receives a CGI filename request, it automatically performs two actions before completing the request: 1. IIS...

A1Stats Multiple Script Traversal Arbitrary File Access

The 'aldisp.cgi' CGI script was found on this system. This script allows an attacker to view any file on the target computer by making a specially crafted GET request. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; ifdescription...

PerlCal cal_make.pl p0 Parameter Traversal Arbitrary File Read

The 'calmake.pl' cgi is installed on the remote host. This CGI has a well known security flaw that lets anyone read arbitrary files with the privileges of the http daemon root or nobody. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc'; include'compat.inc';...

Очередные дырки в CGI

No description provided...

Advisory for A1Stats

Advisory for A1Stats A1Stats is made by Drummond Miles Site: http://www.gadnet.com/a1stats by nemesystm of the DHC http://dhcorp.cjb.net - [email protected] ADV-0114 /-|=explanation=|- A1Stats is a CGI package to track website traffic. The package has a view files bug and also gives the...

CVE-2000-0622

Buffer overflow in Webfind CGI program in O'Reilly WebSite Professional web server 2.x allows remote attackers to execute arbitrary commands via a URL containing a long "keywords" parameter...

CVE-2000-0622

CVE-2000-0622 : Buffer overflow in the Webfind CGI script of O'Reilly WebSite Professional WebServer 2.x (webfind.exe) when processing a too-long keywords parameter. This allows remote attackers to execute arbitrary commands on the affected host; some references describe the impact as potentially...

CVE-1999-0608

The CVE concerns the PDG Shopping Cart CGI program “shopper.cgi,” where an incorrect configuration can disclose private information. In the provided documents, the affected component is the shopper.cgi CGI script; vulnerability cause is misconfiguration leading to partial confidentiality impact. ...

Web mirroring stub

This script makes a mirror of the remote websites and extracts the list of CGIs that are used by the remote host. It is suggested that you change the number of pages to mirror in the 'Options' section of the client. C Tenable Network Security, Inc. @PREFERENCES@ WEBMIRROR 2.0 Written by Renaud...

CVE-2001-0291

Buffer overflow in post-query sample CGI program allows remote attackers to execute arbitrary commands via an HTTP POST request that contains at least 10001 parameters...

perlcal.txt

whizkunde security advisory: PerlCal CGI http://www.whizkunde.org | [email protected] ---------------------------------------------------------- Release date: April 27th 2001 Subject: PerlCal CGI security problem Systems affected: NIX not windows systems running PerlCal CGI script Vendor:...