443 matches found
BOOZT! Standard 's administration cgi vulnerable to buffer overflow
BOOZT! is a banner management software for linux servers. It has a remote administration system based on web. I played with version 0.9.8alpha. Here is a reproduction of the bug: http://127.0.0.1:8080/cgi-bin/boozt/admin/index.cgi?section=5&input=1 Fill the "Name Field" with enough A's 770 was be...
CVE-2001-1205
Directory traversal vulnerability in lastlines.cgi for Last Lines 2.0 allows remote attackers to read arbitrary files via '..' sequences in the $errorlog variable...
CVE-2000-0967
PHP 3 and 4 do not properly cleanse user-injected format strings, which allows remote attackers to execute arbitrary commands by triggering error messages that are improperly written to the error logs...