thttpd-219.txt

thttpd 2.19 and earlier server-side-includes CGI program ssi allows retrieval of arbitrary world-readable files Date: October 2, 2000 Application: thttpd 2.19 and before Author: ghandi Vendor Status: merged patches into thttpd 2.20 Fix: upgrade into thttpd 2.20 1. Description The included cgi-bin...

thttpd ssi Servlet Encoded Traversal Arbitrary File Access

The version of thttpd running on the remote host comes with a CGI script, 'ssi', that fails to completely sanitize its PATHTRANSLATED argument of encoded directory sequences. An unauthenticated, remote attacker can use this issue to read arbitrary files on the remote host, subject to the privileg...

Moreover CGI script - File Disclosure

Moreover CGI script - File Disclosure source: https://www.securityfocus.com/bid/1762/info The 'cachedfeed' CGI script supplied by newsfeed vendor Moreover.com contains a file-disclosure vulnerability. The script's 'obtainfile' function, designed to return the contents of a specified file for...

Moreover CGI script - File Disclosure

source: https://www.securityfocus.com/bid/1762/info The 'cachedfeed' CGI script supplied by newsfeed vendor Moreover.com contains a file-disclosure vulnerability. The script's 'obtainfile' function, designed to return the contents of a specified file for display in the browser, fails to adequatel...

Дырка в Nokia Voyager

Переполнение буфера в одной из cgi-утилит...

Web+ позволяет обратиться к любому локальному файлу

С помощью обратного пути в директориях у CGI-приложения webplus можно запросить любой локальный файл...

Дырка в HP Openview Network Node Manager

Можно вызвать переполнение буфера в CGI-скрипте требующем авторизованного доступа...

TalentSoft Web+ ClientMonitorserver 4.6 - Internal IP Address Disclosure

TalentSoft Web+ ClientMonitorserver 4.6 - Internal IP Address Disclosure source: https://www.securityfocus.com/bid/1720/info Talentsoft Web+ is a web application server that can be integrated with various web technologies. A vulnerability exists in one of the CGI applications implemented by Web+...

TalentSoft Web+ Client/Monitor/server 4.6 - Internal IP Address Disclosure

source: https://www.securityfocus.com/bid/1720/info Talentsoft Web+ is a web application server that can be integrated with various web technologies. A vulnerability exists in one of the CGI applications implemented by Web+. It is possible for a remote user to retrieve the internal IP address in ...

Unixware 7.0 - SCOhelp HTTP Server Format String

Unixware 7.0 - SCOhelp HTTP Server Format String source: https://www.securityfocus.com/bid/1717/info SCO Unixware 7 default installation includes scohelp, an http server that listens on port 457/tcp and allows access to manual pages and other documentation files. The search CGI script provided fo...

Unixware 7.0 - SCOhelp HTTP Server Format String

source: https://www.securityfocus.com/bid/1717/info SCO Unixware 7 default installation includes scohelp, an http server that listens on port 457/tcp and allows access to manual pages and other documentation files. The search CGI script provided for that purpose has a vulnerability that could all...

HP OpenView Network Node Manager 6.10 - SNMP Denial of Service

source: https://www.securityfocus.com/bid/1713/info The OverView5 CGI interface by default is shipped with HP Openview Node Manager. HP Openview Node Manager can be compromised due to an unchecked buffer. By sending a specially crafted GET request comprised of 136 bytes to the web services defaul...

CVE-2000-0690

Auction Weaver CGI script 1.02 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in the fromfile parameter...

CVE-2000-0686

Auction Weaver CGI script 1.03 and earlier is affected by a traversal flaw that lets remote attackers read arbitrary files through a .. attack in the fromfile parameter. Affected product: Auction Weaver LITE (1.0–1.04) per historical advisories; impact is remote file disclosure. Patch available: ...

CVE-2000-0686

Auction Weaver CGI script 1.03 and earlier allows remote attackers to read arbitrary files via a .. dot dot attack in the fromfile parameter...

CVE-2000-0696

The CVE-2000-0696 entry concerns the dwhttpd web server’s administration interface in Solaris AnswerBook2 . The vulnerability arises because the admin interface does not properly authenticate requests to its supporting CGI scripts, enabling a remote attacker to add user accounts by directly invok...

CVE-2000-0687

CVE-2000-0687 affects Auction Weaver CGI script LITE (1.0–1.04). A directory traversal flaw in the catdir parameter allows remote attackers to read arbitrary files. The vulnerability is remotely exploitable and was reported for UNIX and Windows NT platforms. The issue arises in versions 1.0 throu...

CVE-2000-0690

Auction Weaver CGI script 1.02 and earlier is affected by a remote command execution vulnerability: an attacker can inject shell metacharacters into the fromfile parameter to execute arbitrary commands. According to the PacketStorm entry, a patch exists (Auction Weaver 1.05). The NVD entry confir...

CVE-2000-0696

The administration interface for the dwhttpd web server in Solaris AnswerBook2 does not properly authenticate requests to its supporting CGI scripts, which allows remote attackers to add user accounts to the interface by directly calling the admin CGI script...

Sambar Server search CGI vulnerability

Vulnerable: Sambar Server 4.4 Beta 3 Systems : WinNT, Win95 OSR2, possibly Linux affected Product : http://www.sambar.com Discovery : [email protected] Discussion ----------- The Sambar Server comes with a non-caching HTTP proxy server and basic SMTP, POP3, and IMAP4 proxy servers compiled in...