20 matches found
EUVD-1999-0703
Malware in sbrugna...
EUVD-2000-0233
Malware in sbrugna...
EUVD-2000-0116
Malware in sbrugna...
EUVD-2000-0430
Malware in sbrugna...
CVE-1999-0722
The default configuration of Cobalt RaQ2 servers allows remote users to install arbitrary software packages...
Cobalt RaQ2 cgiwrap
'cgiwrap SPDX-FileCopyrightText: 1999 Mathieu Perrin Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.10041";...
CVE-2000-0117
The siteUserMod.cgi program in Cobalt RaQ2 servers allows any Site Administrator to modify passwords for other users, site administrators, and possibly admin root...
CVE-2000-0117
On Cobalt RaQ2 servers, the siteUserMod.cgi CGI allows a Site Administrator to modify passwords for other users, including other Site Administrators and possibly the admin (root). This is a local vulnerability with high impact (confidentiality, integrity, availability) per CVSS 2.0 base score 7.2...
CVE-2000-0431
Cobalt RaQ2 and RaQ3 does not properly set the access permissions and ownership for files that are uploaded via FrontPage, which allows attackers to bypass cgiwrap and modify files...
CVE-2000-0431
Cobalt RaQ2/RaQ3 systems with FrontPage uploads expose a permissions/ownership misconfiguration that allows bypassing cgiwrap and modifying uploaded files. The issue is documented in CVE-2000-0431 with references in NVD/CVE records and corroborated by OpenVAS/Nessus entries mentioning cgiwrap vul...
CVE-2000-0234
CVE-2000-0234 affects the Cobalt RaQ2 and RaQ3 appliances via the default access.conf configuration, which permits remote attackers to view the contents of a ".htaccess" file. The root cause is the default configuration allowing this exposure, leading to partial confidentiality impact. The connec...
CVE-2000-0234
The default configuration of Cobalt RaQ2 and RaQ3 as specified in access.conf allows remote attackers to view sensitive contents of a .htaccess file...
CVE-2000-0431
Cobalt RaQ2 and RaQ3 does not properly set the access permissions and ownership for files that are uploaded via FrontPage, which allows attackers to bypass cgiwrap and modify files...
CVE-2000-0234
The default configuration of Cobalt RaQ2 and RaQ3 as specified in access.conf allows remote attackers to view sensitive contents of a .htaccess file...
CVE-2000-0117
The siteUserMod.cgi program in Cobalt RaQ2 servers allows any Site Administrator to modify passwords for other users, site administrators, and possibly admin root...
CVE-1999-0722
The CVE-1999-0722 entry concerns Cobalt RaQ2 servers. The provided documents state that the default configuration allows remote users to install arbitrary software packages, indicating a permission/config issue in the default setup. No concrete exploit details, affected software versions, root ca...
CVE-1999-0722
The default configuration of Cobalt RaQ2 servers allows remote users to install arbitrary software packages...
Cobalt RaQ2 cgiwrap Multiple Vulnerabilities
The remote host has 'cgiwrap' is installed. If you are running an unpatched Cobalt RaQ, the version of cgiwrap distributed with that system has a known security flaw that lets anyone execute arbitrary commands with the privileges of the http daemon root or nobody. This flaw exists only on the...
cobalt.cgiwrap.txt
There is a problem actually several with the "cgiwrap" program on Cobalt RaQ2 servers. It is supposed to run CGI programs as the proper user instead of "nobody" to make CGIs a little more secure. The Cobalt directory structure is as follows: /home/sites/site1/ - top level directory of the site...
CVE-1999-0722
The default configuration of Cobalt RaQ2 servers allows remote users to install arbitrary software packages...