Inso DynaWeb httpd 3.1/4.0.2/4.1 Format String Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/5384/info Inso DynaWeb webserver, dwhttpd, is used as a subcomponent in products such as Sun's AnswerBook2, which is shipped as part of the Solaris operating environment. The dwhttpd webserver is prone to a remotely...

dwhttpd < 4.2 GET Request Remote Format String (deprecated)

Binary data 1506.prm...

SUN Answer Book buffer overflow

Buffer overflow in CGI and format string bug in dwhttpd...

CVE-1999-1416

CVE-1999-1416 affects the AnswerBook2 (AB2) web server dwhttpd 3.1a4. A remote attacker can trigger a denial of service by sending an HTTP POST with a large Content-Length, exhausting resources. No exploitation details or patches are provided in the connected documents.

CVE-1999-1417

The CVE-1999-1417 entry documents a format string vulnerability in AnswerBook2 (AB2) web server dwhttpd 3.1a4. The issue arises in the web server’s handling of HTTP requests containing encoded percent characters, which are logged improperly. This can lead to a denial of service and, in some cases...

CVE-2000-0696

The administration interface for the dwhttpd web server in Solaris AnswerBook2 does not properly authenticate requests to its supporting CGI scripts, which allows remote attackers to add user accounts to the interface by directly calling the admin CGI script...

CVE-2000-0696

The administration interface for the dwhttpd web server in Solaris AnswerBook2 does not properly authenticate requests to its supporting CGI scripts, which allows remote attackers to add user accounts to the interface by directly calling the admin CGI script...

CVE-2000-0696

The CVE-2000-0696 entry concerns the dwhttpd web server’s administration interface in Solaris AnswerBook2 . The vulnerability arises because the admin interface does not properly authenticate requests to its supporting CGI scripts, enabling a remote attacker to add user accounts by directly invok...

CVE-2000-0697

The connected Nessus entry identifies a concrete vulnerability: Sun AnswerBook2 Web Server dwhttpd is vulnerable to a GET request remote format string attack. Affected versions include dwhttp/4.0.2a7a and dwhttpd/4.1a6. Successful exploitation can crash the server or allow arbitrary code executio...

Vulnerabilities in Sun Solaris AnswerBook2 dwhttpd server

ID: S21SEC-004-en Title: Vulnerabilities in Sun Solaris AnswerBook2 dwhttpd server Date: 07/08/2000 Status: Vendor contacted, Solved Scope: Remote command execution Platforms: Solaris 2.6, Solaris 8 Author: llmora Location: http://www.s21sec.com/en/avisos/s21sec-004-en.txt Release: Public S 2 1 S...