Agora.CGI 3.x/4.0 - Debug Mode Cross-Site Scripting
Agora.CGI 3.x/4.0 - Debug Mode Cross-Site Scripting source: https://www.securityfocus.com/bid/3702/info Agora.cgi is a freely available, open source shopping cart system. When debug mode is enabled, the Agora.cgi script does not adequately filter HTML tags when debug information is being output...
WU-FTPD configured to use RFC 931 authentication running in debug mode contains format string vulnerability
Overview WU-FTPD contains a format string vulnerability that manifests when WU-FTPD is configured to use RFC 931 authentication and is run in debug mode. A crafted identd response could be used to execute arbitrary code on a vulnerable server. Description A format string vulnerability exists in t...
ColdFusion Debug Mode Information Disclosure
It is possible to see the ColdFusion Debug Information by appending '?Mode=debug' at the end of the request. ColdFusion 4.5 and 5.0 are definitely affected, and older versions probably are as well. The Debug Information usually contains sensitive data such as Template Path or Server Version...
CVE-2001-0715
Sendmail before 8.12.1, without the RestrictQueueRun option enabled, allows local users to obtain potentially sensitive information about the mail queue by setting debugging flags to enable debug mode...
CVE-2001-1462
WebID in RSA Security SecurID 5.0 as used by ACE/Agent for Windows, Windows NT and Windows 2000 allows attackers to cause the WebID agent to enter debug mode via a URL containing null characters, which may allow attackers to obtain sensitive information...
CVE-2001-0715
CVE-2001-0715 affects Sendmail up to version 8.12.0/8.12.x prior to 8.12.1. The flaw allows a local user to disclose sensitive information about the mail queue by enabling debug flags (-d) when RestrictQueueRun is not enabled. The OpenVAS/Nessus entries confirm the vulnerability is a local inform...
CVE-2001-0412
CVE-2001-0412 affects Cisco Content Services (CSS) switch products 11800 and earlier (Arrowpoint). The vulnerability allows a local user to gain privileges by entering debug mode, with a CVSSv2 base score of 7.2 (HIGH): local attack vector, low complexity, no authentication, and Complete impact on...
CVE-2001-0412
Cisco Content Services CSS switch products 11800 and earlier, aka Arrowpoint, allows local users to gain privileges by entering debug mode...
CVE-1999-1141
Ascom Timeplex router allows remote attackers to obtain sensitive information or conduct unauthorized activities by entering debug mode through a sequence of CTRL-D characters...
CVE-2001-0187
Format string vulnerability in wu-ftp 2.6.1 and earlier, when running with debug mode enabled, allows remote attackers to execute arbitrary commands via a malformed argument that is recorded in a PASV port assignment...
CVE-2001-0187
CVE-2001-0187 concerns WU-FTPD up to version 2.6.1, where a format-string vulnerability in debug mode can allow remote code execution. The issue affects WU-FTPD when using RFC 931 authentication with debugging enabled, potentially letting an attacker craft ident responses that are logged by the s...
Local hole in Cisco Content Services (Arrowpoint) (debug mode)
A user can switch to debug mode, from which administrative privileges can be obtained...
WU-FTPD 2.4.2/2.5/2.6 - Debug Mode Client Hostname Format String
WU-FTPD 2.4.2/2.5/2.6 - Debug Mode Client Hostname Format String source: https://www.securityfocus.com/bid/2296/info Wu-ftpd is a widely used unix ftp server. It contains a format string vulnerability that may be exploitable under certain perhaps 'extreme' circumstances. When running in debug mode,...
WU-FTPD 2.4.2/2.5/2.6 - Debug Mode Client Hostname Format String
source: https://www.securityfocus.com/bid/2296/info Wu-ftpd is a widely used unix ftp server. It contains a format string vulnerability that may be exploitable under certain perhaps 'extreme' circumstances. When running in debug mode, Wu-ftpd logs user activity to syslog in an insecure manner. An...
CVE-2000-1040
CVE-2000-1040 concerns a format string vulnerability in the logging function of ypbind 3.3 when run in debug mode. The flaw can leak file descriptors and allow a denial of service. Some sources (Mandrake MDKSA-2000:064) also mention a related buffer overflow in ypserv if the build system lacks vs...
CVE-2000-1040
Format string vulnerability in logging function of ypbind 3.3, while running in debug mode, leaks file descriptors and allows an attacker to cause a denial of service...
Hole in agetty
Format string error in debug mode when parsing arguments...