15 matches found
EServ 2.9x - Directory Indexing
EServ 2.9x - Directory Indexing source: https://www.securityfocus.com/bid/7669/info EServ does not sufficiently prevent web users from being able to view directory indexes. This may result in disclosure of sensitive information. GET /? HTTP/1.1...
EType EServ 2.98/2.99/3.0 - Resource Exhaustion (Denial of Service) (2)
// source: https://www.securityfocus.com/bid/7552/info A denial of service vulnerability has been reported for EServ. The vulnerability exists due to the way the server handles connections. Specifically, memory allocated for open connections are not properly freed when a connection no longer...
EType EServ 2.982.993.0 - Resource Exhaustion (Denial of Service) (2)
EType EServ 2.982.993.0 - Resource Exhaustion Denial of Service 2 // source: https://www.securityfocus.com/bid/7552/info A denial of service vulnerability has been reported for EServ. The vulnerability exists due to the way the server handles connections. Specifically, memory allocated for open...
EType EServ 2.982.993.0 - Resource Exhaustion (Denial of Service) (1)
EType EServ 2.982.993.0 - Resource Exhaustion Denial of Service 1 source: https://www.securityfocus.com/bid/7552/info A denial of service vulnerability has been reported for EServ. The vulnerability exists due to the way the server handles connections. Specifically, memory allocated for open...
EType EServ 2.98/2.99/3.0 - Resource Exhaustion (Denial of Service) (1)
source: https://www.securityfocus.com/bid/7552/info A denial of service vulnerability has been reported for EServ. The vulnerability exists due to the way the server handles connections. Specifically, memory allocated for open connections are not properly freed when a connection no longer exists...
EServ/2.97 remote DoS
Damage Hacking Group security advisory www.dhgroup.org Product: EServ/2.97 Authors: Etype Co. www.eserv.ru Vulnerable versions: up to v.2.97, may be 2.98 Not vulnerable versions: v.2.99 Vulnerability: remote DoS Overview-------------------------------------------------------------- From EServ's...
CVE-2002-0221
Etype Eserv 2.97 allows remote attackers to cause a denial of service resource exhaustion via a large number of PASV commands that consume ports 1024 through 5000, which prevents the server from accepting valid PASV...
EServ 2.9x - Password-Protected File Access
EServ 2.9x - Password-Protected File Access source: https://www.securityfocus.com/bid/3838/info EServ is a combination Mail, News, Web, FTP and Proxy Server for Microsoft Windows 9x/NT/2000 systems. It is possible to construct a web request which is capable of accessing the contents of password...
CVE-2000-0523
Buffer overflow in the logging feature of EServ 2.9.2 and earlier allows an attacker to execute arbitrary commands via a long MKD command...
CVE-2000-0907
EServ 2.92 Build 2982 allows remote attackers to cause a denial of service and possibly execute arbitrary commands via long HELO and MAIL FROM commands...
CVE-2000-0907
EServ 2.92 Build 2982 allows remote attackers to cause a denial of service and possibly execute arbitrary commands via long HELO and MAIL FROM commands...
MDMA Advisory #6: EServ Logging Heap Overflow Vulnerability
MDMA Advisory 6 by Andrew Lewis aka. Wizdumb EServ Logging Heap Overflow Vulnerability EServ has problems handling long strings in its logging, which leads it to have a remotely exploitable heap overflow. The following code, written in Java coz it's my language of choice, demonstrates the...
mdma-6.eserv.txt
MDMA Advisory 6 by Andrew Lewis aka. Wizdumb EServ Logging Heap Overflow Vulnerability EServ has problems handling long strings in its logging, which leads it to have a remotely exploitable heap overflow. The following code, written in Java coz it's my language of choice, demonstrates the...
CVE-2000-0523
Buffer overflow in the logging feature of EServ 2.9.2 and earlier allows an attacker to execute arbitrary commands via a long MKD command...
Eserv GET Request Traversal Arbitrary File Access
The version of Eserv running on the remote host is vulnerable to a directory traversal attack. It is possible to read arbitrary files on the server by prepending ../../ or ....\ in front of the file name. A remote attacker could exploit this to read arbitrary files on the server, which could be...