Denial of Service in Lotus Domino 5.08 and earlier HTTP Server

There exists a DOS in the current version of Lotus Domino 5.08 and earlier. The DOS manifests itself on Lotus Domino servers with the http task running and ssl enabled. A connection to the victim on port 443 with the nmap '-sR' switch will target this port with SunRPC program NULL commands in an...

Alert: Vulnerability in frox transparent ftp proxy.

There is a security hole in all the 0.6.x versions of the frox transparent ftp proxy up to and including version 0.6.6. Version 0.6.7 fixes this vulnerability, and upgrading to this is advised. Development snapshots are also affected up to and including frox-20011031.tar.gz. The vulnerability is...

CVE-2001-0731

Apache 1.3.20 with Multiviews enabled allows remote attackers to view directory contents and bypass the index page via a URL containing the "M=D" query string...

CVE-2001-1018

Lotus Domino web server 5.08 allows remote attackers to determine the internal IP address of the server when NAT is enabled via a GET request that contains a long sequence of / slash characters...

CVE-1999-1464

CVE-1999-1464 affects Cisco IOS 11.1CC and 11.1CT with distributed fast switching (DFS) enabled. The issue allows bypassing certain access-control lists when switching traffic from a DFS-enabled interface to an interface without DFS enabled, as described by Cisco bug CSCdk35564. Connected sources...

CVE-2001-1154

Cyrus 2.0.15, 2.0.16, and 1.6.24 on BSDi 4.2, with IMAP enabled, allows remote attackers to cause a denial of service hang using PHP IMAP clients...

Compaq web-enabled management software acts as generic proxy

Overview Remote attackers may be able to relay connections through systems running the Compaq web-enabled management software. Attackers relaying connection in this way may be able to access restricted portions of the network or disguise their identity while attacking other systems. Many Compaq...

CVE-2000-0309

The i386 trace-trap handling in OpenBSD 2.4 with DDB enabled allows a local user to cause a denial of service...

Cisco PIX Security Notes

Cisco PIX Notes -- Introduction This is a simples paper on which i wrote down some note about "Cisco PIX Firewall" so it isn't well organized or talk specifically about a vulnerability . All test it's about THE latest pix release on this pix: Cisco Secure PIX Firewall Version 5.31 Hardware: SE442...

Filemaker Pro 5.0v3 and below does not adequately protect web-enabled databases

Overview FileMaker may expose data inadvertently. Description FileMaker Web Companion prior to version 5.0v4 permits unauthorized access to data even if the database manager believes that data is protected by Field Level Security. --- Impact Attackers can read information, including items such as...

CVE-2000-0668

pamconsole PAM module in Linux systems allows a user to access the system console and reboot the system when a display manager such as gdm or kdm has XDMCP enabled...

@stake Advisory: PHP3/PHP4 Logging Format String Vulnerability (A 101200-1)

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 We contacted the PHP team on 10/3/2000 concerning this problem. We wanted to hold off releasing our advisory until a fix was available for PHP3 since some users may not be able to easily upgrade to PHP4. Fixes for PHP3 and PHP4 are now available. We a...

Conectiva 4.x5.x RedHat 6.x - pam_console Remote User

Conectiva 4.x5.x RedHat 6.x - pamconsole Remote User source: https://www.securityfocus.com/bid/1513/info There is a vulnerability in the Linux pamconsole module that could allow an attacker to remotely reboot the workstation or perform other actions limited to local users. If a workstation is...

Netscape Enterprise Server 3.03.63.51 - Directory Indexing

Netscape Enterprise Server 3.03.63.51 - Directory Indexing // source: https://www.securityfocus.com/bid/1063/info Netscape Enterprise Server 3.x includes a poorly documented feature that will allow remote users to view directory listings by appending various instructional tags to the URL. Althoug...

Netscape Enterprise Server 3.0/3.6/3.51 - Directory Indexing

// source: https://www.securityfocus.com/bid/1063/info Netscape Enterprise Server 3.x includes a poorly documented feature that will allow remote users to view directory listings by appending various instructional tags to the URL. Although it can be disabled, Netscape Enterprise Server is shipped...

CVE-1999-0497

Technical details such as affected product, versions, root cause, and remediation are not publicly provided in the supplied documents. Monitor for updates.

CVE-1999-0809

Netscape Communicator 4.x with Javascript enabled does not warn a user of cookie settings, even if they have selected the option to "Only accept cookies originating from the same server as the page being viewed"...

CVE-1999-0809

CVE-1999-0809 affects Netscape Communicator 4.x with Javascript enabled, where the browser does not warn users about cookie settings even when the user has selected 'Only accept cookies originating from the same server as the page being viewed'. Relevant connected sources (Red Hat, NVD/NIST, CVE ...

CVE-1999-1017

Seattle Labs Emurl 2.0, and possibly earlier versions, stores e-mail attachments in a specific directory with scripting enabled, which allows a malicious ASP file attachment to execute when the recipient opens the message...

PT-1999-1365 · Netscape · Netscape Communicator

Name of the Vulnerable Software and Affected Versions: Netscape Communicator version 4.x Description: The issue concerns Netscape Communicator 4.x with Javascript enabled, where it does not warn a user of cookie settings, even if they have selected the option to "Only accept cookies originating...