9783 matches found
Hughes Technologies Mini SQL (mSQL) 2.0/2.0.10 - Information Disclosure
source: https://www.securityfocus.com/bid/591/info Under certain versions of Mini SQL, the w3-msql CGI script allows users to view directories which are set for private access via .htaccess files. W3-mSQL converts any form data passed to a script into global Lite variables and these variables can...
CVE-1999-0753
The w3-msql CGI script provided with Mini SQL allows remote attackers to view restricted directories...
anyboard.forum.passwd.txt
Date: Sat, 24 Apr 1999 03:55:39 +0200 From: "Bluefish @ home" To: [email protected] Subject: Anyboard www.netbula.com problem's publicly discussed in eurohack Draz Q published a short summary of problems with a webrelated software in eurohack. Basicly it sounds pretty much like a common CGI...
omnihttpd.webserver.txt
Date: Sat, 5 Jun 1999 09:53:51 +0300 From: Valentin Perelogin To: [email protected] Subject: Remote Exploit Bug in OmniHTTPd Web Server Hi all, The exploit bug will make temp files on the server until servers hdd is full. And anyone can do it remotely. By default visadmin.exe Visitor...
webcom.cgi.guestbook.txt
Date: Fri, 9 Apr 1999 20:41:39 +0100 From: Mnemonix To: [email protected] Subject: Webcom's CGI Guestbook for Win32 web servers I reported a while back on Webcom's www.webcom.se CGI Guestbook wguest.exe and rguest.exe having a number of security problems where any text based file o...
cgi-check99.r
REBOL Title: "CGI Check 99" Date: 27-May-1999 Author: "deepquest 98% by loser" Comment: "respect and source from loser" File: %cgi-check99.r Email: [email protected] Purpose: Popular CGI scanner ported and improved to REBOL. secure none print "CGI Scanner. Ported by loser improved by...
nsover.txt
http://www.rootshell.com/ From [email protected] Wed Oct 21 18:00:09 1998 Date: Wed, 21 Oct 1998 19:23:45 -0500 From: Mr. Nothing To: [email protected] Subject: Netscape Buffer Overflow Here is a buffer overflow exploit for Netscape on x86 Linux. It can be activated remotely by the followi...
freestats-cgi.txt
Date: Sat, 21 Nov 1998 12:54:41 -0500 From: John Carlton To: [email protected] Subject: Freestats.com CGI vulnerability About a year ago I developed an exploit for the free web stats services offered at freestats.com, and supplied the webmaster with proper code to patch the bug. After hearing ...
valueclick-cgi.txt
Date: Sat, 19 Dec 1998 17:19:34 +0200 From: Philip Stoev Reply-To: Bugtraq List To: [email protected] Subject: ValueClick CGI Vulnerability The following text is in the "KOI8-R" character set. Your display is set for the "US-ASCII" character set. Some characters may be displayed incorrectly. T...
netscape-cache-exploit.txt
Below is source code for the two versions of the Netscape Cache exploit that was recently discovered by Dan Brumleve , as found on his web site at http://www.shout.net/nothing/cache-cow/index.html First version , and then second version listed. -----snip----- !/usr/bin/perl cache-cow.cgi -- Dan...
activeperl.516.dos.txt
Date: Mon, 31 May 1999 07:16:53 -0700 From: Michael Smith To: [email protected] Subject: ActiveState Security Advisory Problem -------- PerlScript and Perl-ISAPI that come with ActivePerl 516 and earlier versions, inadequately check the length of path information sent to open. Due ...
cgi-check99.2.r
REBOL Title: "CGI Check 99 v0.2" Date: 8-Jun-1999 Author: "deepquest" Comment: "extR4 shOut 2: loser, packetstorm, attrition, H4k, uha1, acpm, krisTof, mad55, siRYus, bl4St, nucleus, & Other H4k cR3Ws" File: %cgi-check99.r Email: [email protected] Purpose: Popular CGI scanner ported and...
solarisab2.txt
Date: Sun, 23 Aug 1998 21:02:30 -0700 From: Marc Slemko Subject: Solaris ab2 web server is junk For anyone who didn't figure out in the first two seconds after installing Solaris that running Sun's well, ok, it is some third party server but Sun is licensing it answerbook web server is silly, now...
hp.vvos.tgad.dos.txt
TGAD DoS VirtualVault Overview The VirtualVault operating system is HP's solution to secure electronic commerce. It is a B1 and B2 DoD compliant system that is becoming increasingly popular with big business, banks, etc., The main security mechanism in which VVOS is based upon is data partitionin...
cgichk.r
REBOL Title: "CGI Scanner" Author: "Epicurus" Date: 29-May-1999 File: %cgichk.r Purpose: To scan a domain for CGI scripts with known vulnerabilities. secure none print "CGI Scanner in Rebol v1.0" prin "Host: " remote: input scripts: %/cgi-bin/rwwwshell.pl %/cgi-bin/phf %/cgi-bin/Count.cgi...
msie4.width.000.txt
Jim Paris http://home.jtan.com/jim/bugs/ie/width.html Internet Explorer 4.x "width=000..." bug Some versions of Microsoft Internet Explorer will crash when given a long "width=" or "height=" string in an image tag under the correct circumstances. In most cases, IE will stop parsing the "width="...
cgi-check.r
REBOL Title: "CGI Check" Date: 17-May-1999 Author: "loser" File: %cgi-check.r Email: [email protected] Purpose: Popular CGI scanner ported to REBOL. secure none print "CGI Scanner. Ported by loser." prin "Site to scan: " site: input a: exists? join http:// site "/cgi-bin/rwwwshell.pl " if a ==...
big.brother.1.09.b-c.txt
Date: Mon, 26 Apr 1999 06:49:59 -0400 From: Sean MacGuire To: [email protected] Subject: FW: Security Notice: Big Brother 1.09b/c http://www.maclawran.ca/bb/ for more info on Big Brother. -----FW: ----- Date: Mon, 26 Apr 1999 06:49:59 -0400 EDT From: Sean MacGuire To: [email protected] Subject:...
macos.x.server.cgi.txt
Date: Thu, 3 Jun 1999 19:35:58 +0200 From: Juergen Schmidt To: [email protected] Subject: MacOS X system panic with CGI Hello all, when doing performance tests with different web servers, I found, that MacOS X Server running apache crashed under medium load, when I was calling CGI-scripts. It...
favicon.ico.search.txt
Date: Fri, 16 Apr 1999 22:11:22 -0700 From: "Robert David Graham" Subject: favicon.ico In case you haven't heard, Microsoft has a new feature in IE 5.0 web browser. When you add a website to you "Favorites" aka. Bookmarks for you Netscape users, the browser attempts to download a graphic called...