27 matches found
CVE-1999-0881
Falcon web server allows remote attackers to read arbitrary files via a .. dot dot attack...
CVE-1999-0882
Falcon web server allows remote attackers to determine the absolute path of the web root via long file names...
EUVD-2002-0272
Malware in sbrugna...
EUVD-1999-0862
Malware in sbrugna...
EUVD-1999-0863
Malware in sbrugna...
EUVD-2002-0890
Malware in sbrugna...
EUVD-2002-2296
Malware in sbrugna...
CVE-2002-2318
Cross-site scripting XSS vulnerability in Falcon web server 2.0.0.1009 through 2.0.0.1021 allows remote attackers to inject arbitrary web script or HTML via the URI, which is inserted into 301 error messages and executed by 404 error messages...
CVE-2002-2318
Cross-site scripting XSS vulnerability in Falcon web server 2.0.0.1009 through 2.0.0.1021 allows remote attackers to inject arbitrary web script or HTML via the URI, which is inserted into 301 error messages and executed by 404 error messages...
CVE-2002-2318
CVE-2002-2318 affects Falcon Web Server 2.0.0.1009 through 2.0.0.1021. The vulnerability is a cross-site scripting (XSS) flaw where an attacker can inject arbitrary script/HTML via the request URI, which is then embedded in 301 error messages and rendered by 404 error responses. The underlying ca...
CVE-2002-0275
Falcon web server 2.0.0.1020 and earlier allows remote attackers to bypass authentication and read restricted files via an extra / slash in the requested URL...
CVE-2002-0275
The CVE-2002-0275 entry concerns Falcon web server (versions 2.0.0.1020 and earlier) where remote attackers can bypass authentication and read restricted files by sending a URL with an extra trailing slash (an additional / in the request). The vulnerability stems from how the server processes the...
CVE-2002-2318
Cross-site scripting XSS vulnerability in Falcon web server 2.0.0.1009 through 2.0.0.1021 allows remote attackers to inject arbitrary web script or HTML via the URI, which is inserted into 301 error messages and executed by 404 error messages...
CVE-2002-0899
Falcon web server 2.0.0.1021 and earlier allows remote attackers to bypass access restrictions for protected files via a URL whose directory portion ends in a . dot...
CVE-2002-0899
Falcon web server 2.0.0.1021 and earlier allows remote attackers to bypass access restrictions for protected files via a URL whose directory portion ends in a . dot...
CVE-2002-0899
Falcon web server 2.0.0.1021 and earlier is vulnerable to an access-restrictions bypass for protected files when a URL’s directory portion ends with a dot. The flaw allows remote attackers to bypass access controls, potentially exposing protected content. The CVE record repeatedly states the affe...
Cross-Site Scripting Issues in Falcon Web Server
From Developer: "Falcon Web Server is running under Windows NT/2000/XP as well as Windows 95/98. It supports ISAPI and WinCGI, and it is a fully functional web server which is capable of running a small / medium scale website of about 50-80 hits per minute. The real advantage of Falcon Web Server...
BlueFace Falcon Web Server 2.0 - Error Message Cross-Site Scripting
BlueFace Falcon Web Server 2.0 - Error Message Cross-Site Scripting source: https://www.securityfocus.com/bid/5435/info Falcon Webserver does not sufficiently sanitize HTML tags from error message output. In particular, attackers may inject HTML into 301 and 404 error pages. It is possible to...
CVE-2002-0275
Falcon web server 2.0.0.1020 and earlier allows remote attackers to bypass authentication and read restricted files via an extra / slash in the requested URL...
Falcon Web Server Authentication Circumvention Vulnerability
Strumpf Noir Society Advisories ! Public release ! -- -= Falcon Web Server Authentication Circumvention Vulnerability =- Release date: Wednesday, February 13, 2002 Introduction: Falcon Web Server is a ISAPI and WinCGI supporting web server running on the Microsoft Windows OS's. Falcon Web Server ...