10 matches found
EUVD-2001-0229
Malware in sbrugna...
EUVD-2001-0624
Malware in sbrugna...
CVE-2001-0634
Sun Chili!Soft ASP has weak permissions on various configuration files, which allows a local attacker to gain additional privileges and create a denial of service...
CVE-2001-0634
Sun Chili!Soft ASP has weak permissions on various configuration files, enabling a local attacker to gain additional privileges and cause a denial of service. Affected product: Sun Chili!Soft ASP. Root cause: insecure/weak permissions on configuration files. CVSS v2 base score 7.2 (HIGH) with loc...
CVE-2001-0633
Directory traversal vulnerability in Sun Chili!Soft ASP on multiple Unixes allows a remote attacker to read arbitrary files above the web root via a '..' dot dot attack in the sample script 'codebrws.asp'...
CVE-2001-0634
Sun Chili!Soft ASP has weak permissions on various configuration files, which allows a local attacker to gain additional privileges and create a denial of service...
CVE-2001-0633
Directory traversal vulnerability in Sun Chili!Soft ASP on multiple Unixes allows a remote attacker to read arbitrary files above the web root via a '..' dot dot attack in the sample script 'codebrws.asp'...
CVE-2001-0229
The CVE affects Chili!Soft ASP for Linux before 3.6. In inherited mode it missets group privileges, enabling local privilege escalation via malicious scripts. Impact is described as complete confidentiality, integrity, and availability losses. No explicit remediation steps are documented in the p...
CVE-2001-0229
Chili!Soft ASP for Linux before 3.6 does not properly set group privileges when running in inherited mode, which could allow attackers to gain privileges via malicious scripts...
Advisory: Chili!Soft ASP Multiple Vulnerabilities
Author: Stan Bubrouski [email protected] Date: February 20, 2001 Package: Chili!Soft ASP Versions affected: 3.5.2 and possibly previous versions. Severity: 1 A remote user could potentially view sensative information and take remote control of the server. 2 The installer installs a default usernam...