3860 matches found
Physical path leakage in ColdFusion
Error message on access attempt to DOS device contains physical path...
KPMG-2002013: Coldfusion Path Disclosure
-------------------------------------------------------------------- Title: Coldfusion Path Disclosure BUG-ID: 2002013 Released: 18th Apr 2002 -------------------------------------------------------------------- Problem: ======== Requests for certain DOS-devices are parsed by the isapi filter tha...
PHP-Nuke 5.x - Error Message Web Root Disclosure
PHP-Nuke 5.x - Error Message Web Root Disclosure source: https://www.securityfocus.com/bid/4333/info PHP-Nuke is a popular web based Portal system. It allows users to create accounts and contribute content to the site. A vulnerability has been reported in some versions of PHP-Nuke. Reportedly, a...
CVE-2001-0658
Cross-site scripting CSS vulnerability in Microsoft Internet Security and Acceleration ISA Server 2000 allows remote attackers to cause other clients to execute certain script or read cookies via malicious script in an invalid URL that is not properly quoted in an error message...
Microsoft IIS 4.0/5.0/5.1 - Authentication Method Disclosure
source: https://www.securityfocus.com/bid/4235/info Microsoft IIS supports Basic and NTLM authentication. Reportedly, the authentication methods supported by a given IIS server can be revealed to an attacker through the inspection of returned error messages, even when anonymous access is also...
CVE-2001-1372
Oracle 9i Application Server 1.0.2 allows remote attackers to obtain the physical path of a file under the server root via a request for a non-existent .JSP file, which leaks the pathname in an error message...
CVE-2001-1073
Webridge PX Application Suite allows remote attackers to obtain sensitive information via a malformed request that generates a server error message, which includes full pathname or internal IP address information in the variables 1 APPLPHYSICALPATH, 2 PATHTRANSLATED, and 3 LOCALADDR...
CVE-2001-0829
A cross-site scripting vulnerability in Apache Tomcat 3.2.1 allows a malicious webmaster to embed Javascript in a request for a .JSP file, which causes the Javascript to be inserted into an error message...
Ssdpsrv.exe in WindowsME
By connecting to a computer running Ssdpsrv you are able to crash the Ssdpsrv server. Ssdpsrv.exe is the file that starts the UPnP server on WindowsME boxes. This service comes standard with the WindowsME installation. The Ssdpsrv.exe server is started at boot. Here is the registry entry:...
CVE-2000-1191
htsearch program in htDig 3.2 beta, 3.1.6, 3.1.5, and earlier allows remote attackers to determine the physical path of the server by requesting a non-existent configuration file using the config parameter, which generates an error message that includes the full path...
CVE-2000-1191
htsearch program in htDig 3.2 beta, 3.1.6, 3.1.5, and earlier allows remote attackers to determine the physical path of the server by requesting a non-existent configuration file using the config parameter, which generates an error message that includes the full path...
CVE-2001-1073
Webridge PX Application Suite allows remote attackers to obtain sensitive information via a malformed request that generates a server error message, which includes full pathname or internal IP address information in the variables 1 APPLPHYSICALPATH, 2 PATHTRANSLATED, and 3 LOCALADDR...
Jakarta Tomcat 3.x/4.0 - Error Message Information Disclosure
source: https://www.securityfocus.com/bid/3199/info When a malformed request is made for a Java Server Page the server displays an error page. The error page contains potentially sensitive information, along with the absolute path of the JSP file on the webserver, which may aid in further attacks...
CVE-2001-1161
Cross-site scripting CSS vulnerability in Lotus Domino 5.0.6 allows remote attackers to execute script on other web clients via a URL that ends in Javascript, which generates an error message that does not quote the resulting script...
CVE-2001-1084
Cross-site scripting vulnerability in Allaire JRun 3.0 and 2.3.3 allows a malicious webmaster to embed Javascript in a request for a .JSP, .shtml, .jsp10, .jrun, or .thtml file that does not exist, which causes the Javascript to be inserted into an error message...
Qpopper 4.0.3 **** Fixes Buffer Overflow ****
Qpopper 4.0.3 is available at ftp://ftp.qualcomm.com/eudora/servers/unix/popper/. 4.0.3 FIXES A BUFFER OVERFLOW PRESENT IN ALL VERSIONS OF 4.0 -- PLEASE UPGRADE IMMEDIATELY Changes from 4.0.2 to 4.0.3: ---------------------------- 1. Don't call SSLshutdown unless we tried to negotiate an SSL...
Netscape Messenging Server POP3 Error Message User Account Enumeration
The remote POP server allows an attacker to obtain a list of valid logins on the remote host, thanks to a brute-force attack. If the user connects to this port and issues the commands : USER 'someusername' PASS 'whatever' the user will then get a different response whether the account...
BRS Webweaver 0.x - FTP Root Full Path Disclosure
source: https://www.securityfocus.com/bid/2676/info BRS WebWeaver is an ftpd and webserver from Blaine Southam. WebWeaver's FTP component has a flaw which can permit a remote user to learn the physcial path to the FTP service's root directory. By submitting the FTP command CD argumented by an...
DGUX lpsched buffer overflow
Hi there! There's a vulnerability in DG's UNIX implementation DGUX, version R4.20MU06 and MU02 ia32 arch. The problem is when a very long, non-existant, printer name is passed to the program lpsched. It tries to format an error message and then the buffer overflow occurs... Data General was told...
DG/UX 4.20 lpsched - 'Error Message' Local Buffer Overflow
// source: https://www.securityfocus.com/bid/2509/info DGUX is the Data General revision of UNIX. It is designed as a solution for Intel systems produced by Data General. A problem in the handling of error messages by the printer scheduler could allow arbitrary execution of code. By placing a...