9784 matches found

Tenable Nessus
added 2000/09/16 12:0 a.m. | 27 views

MultiHTML multihtml.pl Traversal Arbitrary File Access

The 'multihtml.pl' CGI is installed. This CGI has a well known security flaw that lets an attacker read arbitrary files on the remote host through the 'multi' parameter. #%NASL_MIN_LEVEL 70300 # (C) Tenable Network Security, Inc. include('deprecated_nasl_level.inc'); include('compat.inc'); if (description)...

5 CVSS | 5.7 AI score | 0.0364 EPSS
Exploits: 0 | References: 2
Packet Storm
added 2000/09/15 12:0 a.m. | 27 views

sambar-http.txt

Sambar Server search CGI vulnerability. Advisory by dethy, www.synnergy.net. Advisory 13. Vulnerable: Sambar Server 4.4 Beta 3. Systems: WinNT, Win95 OSR2, possibly Linux affected. Product: http://www.sambar.com. Discovery: [email protected]...

7.4 AI score
Exploits: 0
securityvulns
added 2000/09/12 12:0 a.m. | 22 views

Hole in SiteMinder

A specially crafted URL can be used to access protected documents; in addition, the source code of CGI applications can be obtained...

0.6 AI score
Exploits: 0 | References: 1 | Affected Software: 1
securityvulns
added 2000/09/12 12:0 a.m. | 73 views

Unsafe passing of variables to mailform.pl in MailForm V2.0

Title: Unsafe passing of variables to mailform.pl in MailForm V2.0 For Unix or NT Advisory Author: Karl Hanmore [email protected] Script URL: http://rlaj.com/scripts/mailform Script Author: Ranson Johnson Advisory Released: 11 September 2000 Vendor notified: [email protected] 05 Sept...

6.8 AI score
Exploits: 0
Tenable Nessus
added 2000/09/12 12:0 a.m. | 2683 views

YaBB YaBB.pl num Parameter Traversal Arbitrary File Access

The 'YaBB.pl' CGI script is installed on the remote host. This script has a well-known security flaw that lets an attacker read arbitrary files with the privileges of the http daemon (usually root or nobody). #%NASL_MIN_LEVEL 70300 # (C) Tenable Network Security, Inc. include('deprecated_nasl_level.inc');...

5 CVSS | 5.6 AI score | 0.07571 EPSS
Exploits: 2 | References: 2
Tenable Nessus
added 2000/09/10 12:0 a.m. | 56 views

Matt Kruse calendar_admin.pl Shell Metacharacter Arbitrary Command Execution

The 'calendar_admin.pl' CGI is installed. This CGI has a well known security flaw that allows a remote attacker to execute commands with the privileges of the web server. #%NASL_MIN_LEVEL 70300 # (C) Tenable Network Security, Inc. include('deprecated_nasl_level.inc'); include('compat.inc'); if (description)...

7.5 CVSS | 5.7 AI score | 0.07655 EPSS
Exploits: 0 | References: 1
securityvulns
added 2000/09/09 12:0 a.m. | 27 views

Holes in DocumentDirect

Multiple buffer overflows in the CGI...

0.8 AI score
Exploits: 0 | References: 1 | Affected Software: 1
securityvulns
added 2000/09/08 12:0 a.m. | 48 views

ISSalert: Internet Security Systems Security Advisory: Buffer Overflow in IBM Net.Data db2www CGI program

TO UNSUBSCRIBE: email "unsubscribe alert" in the body of your message to [email protected] Contact [email protected] for help with any problems! --------------------------------------------------------------------------- -----BEGIN PGP SIGNED MESSAGE----- Internet Security Systems Security...

10 CVSS | 0.4 AI score | 0.03159 EPSS
Exploits: 0
securityvulns
added 2000/09/08 12:0 a.m. | 30 views

Problems with the Apache installation in SuSE Linux

An error in the configuration file of the default installation allows the source code of CGI applications to be obtained. In addition, the WebDAV component allows a directory's file listing to be obtained...

0.6 AI score
Exploits: 0 | References: 2 | Affected Software: 1
securityvulns
added 2000/09/07 12:0 a.m. | 60 views

@stake Advisory: SuSE Apache CGI Source Code Viewing (A090700-2)

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 @stake, Inc. www.atstake.com www.cerberus-infosec.co.uk Security Advisory Release Date: 09/07/2000 Application: Apache 1.3.9/12 Platform: SuSE Linux 6.3 and 6.4 Severity: An attacker can gain access to source code of CGI scripts. As such they may be...

Exploits: 0
Tenable Nessus
added 2000/09/07 12:0 a.m. | 67 views

Apache on SuSE Linux cgi-bin-sdb Request Script Source Disclosure

The directory /cgi-bin-sdb is an Alias of /cgi-bin - most SuSE systems are configured that way. This setting allows an attacker to obtain the source code of the installed CGI scripts on this host. This is dangerous as it gives an attacker valuable information about the setup of this host, or...

5 CVSS | 5.6 AI score | 0.44717 EPSS
Exploits: 0 | References: 2
securityvulns
added 2000/08/31 12:0 a.m. | 20 views

Hole in News Publisher CGI

Because of insufficient validation of user input, it is possible to add users...

0.7 AI score
Exploits: 0 | References: 1 | Affected Software: 1
securityvulns
added 2000/08/31 12:0 a.m. | 19 views

Hole in Stalker CGI Mail

The $File$ and $Attach$ macros allow any file to be attached to a message...

1.1 AI score
Exploits: 0 | References: 1 | Affected Software: 1
securityvulns
added 2000/08/31 12:0 a.m. | 33 views

News Publisher CGI Vulnerability

Product: News Publisher Versions: Tested v1.05, 1.05a, 1.05b and 1.06 newest OS: Unix and Winnt Vendor: Notified Web Site: www.gwscripts.com The Problem, yet again CGI authors use nested IF statements to decide what action to take upon an incoming request. This time the problem allows ppl to add...

0.3 AI score
Exploits: 0
Exploit DB
added 2000/08/30 12:0 a.m. | 29 views

CGI Script Center Auction Weaver 1.0.2 - Remote Command Execution

source: https://www.securityfocus.com/bid/1645/info CGI Script Center's Auction Weaver does not verify the validity of the value in the variable 'fromfile'. Therefore it is possible to perform arbitrary commands on a remote system under the UID of the http daemon by altering the variable...

7 AI score
Exploits: 0
exploitpack
added 2000/08/30 12:0 a.m. | 18 views

CGI Script Center Auction Weaver 1.0.2 - Remote Command Execution

CGI Script Center Auction Weaver 1.0.2 - Remote Command Execution source: https://www.securityfocus.com/bid/1645/info CGI Script Center's Auction Weaver does not verify the validity of the value in the variable 'fromfile'. Therefore it is possible to perform arbitrary commands on a remote system...

1.2 AI score
Exploits: 0
securityvulns
added 2000/08/24 12:0 a.m. | 43 views

Account Manager CGI Vulnerability

Product: Account Manager Versions: ALL including LITE and PRO haven't been able to test ENTERPRISE OS: Unix and Winnt Vendor: Notified, http://www.cgiscriptcenter.com/ The Problem: The Script allows any remote user access to the Administration Control Panel through overwriting the Admin Password...

1.1 AI score
Exploits: 0
Tenable Nessus
added 2000/08/24 12:0 a.m. | 29 views

Simple Web Counter swc ctr Parameter Remote Overflow

The CGI 'swc' (Simple Web Counter) is present and vulnerable to a buffer overflow when issued a too long value to the 'ctr=' argument. An attacker may use this flaw to gain a shell on this host. #%NASL_MIN_LEVEL 70300 # (C) Tenable Network Security, Inc. # Script audit and contributions from Carmichael...

5.9 AI score
Exploits: 0 | References: 1
Tenable Nessus
added 2000/08/24 12:0 a.m. | 321 views

htgrep hdr Parameter Arbitrary File access

The 'htgrep' CGI is installed. This CGI has a well known security flaw that lets anyone read arbitrary files with the privileges of the http daemon (usually root or nobody). #%NASL_MIN_LEVEL 70300 # (C) Tenable Network Security, Inc. include('deprecated_nasl_level.inc'); include('compat.inc'); if (description)...

5 CVSS | 5.6 AI score | 0.02057 EPSS
Exploits: 1 | References: 2
Exploit DB
added 2000/08/23 12:0 a.m. | 33 views

CGI Script Center Account Manager 1.0 LITE / PRO - Administrative Password Alteration (2)

source: https://www.securityfocus.com/bid/1604/info Regardless of privilege level, any remote user can modify the administrative password for CGI Script Centers' Account Manager. In order to accomplish this, a user would access the following URL with a POST command:...

7.4 AI score
Exploits: 0