EUVD-1999-1031

Malware in sbrugna...

Matt Wright FormHandler.cgi 2.0 Reply Attachment Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/799/info Any file that the FormHandler.cgi has read access to the cgi is typically run as user 'nobody' on Unix systems can be specified as an attachment in a reply email. This could allow an attacker to gain access to...

CVE-1999-1051

The CVE-1999-1051 entry concerns the Matt Wright FormHandler.cgi script. A default configuration allows arbitrary directories to be used for attachments, with access only restricted to /etc/; this enables remote attackers to read arbitrary files via the reply_message_attach parameter. The NVD met...

CVE-1999-1050

The CVE-1999-1050 issue is a directory-traversal vulnerability in Matt Wright FormHandler.cgi that enables remote attackers to read arbitrary files. Exploitation vectors include (1) using .. in the reply_message_attach parameter and (2) specifying a filename as a template. The NVD entry notes a C...

CVE-1999-1050

Directory traversal vulnerability in Matt Wright FormHandler.cgi script allows remote attackers to read arbitrary files via 1 a .. dot dot in the replymessageattach attachment parameter, or 2 by specifying the filename as a template...

Matt Wright - FormHandler.cgi 2.0 Reply Attachment

Matt Wright - FormHandler.cgi 2.0 Reply Attachment source: https://www.securityfocus.com/bid/799/info Any file that the FormHandler.cgi has read access to the cgi is typically run as user 'nobody' on Unix systems can be specified as an attachment in a reply email. This could allow an attacker to...

CVE-1999-1050

Directory traversal vulnerability in Matt Wright FormHandler.cgi script allows remote attackers to read arbitrary files via 1 a .. dot dot in the replymessageattach attachment parameter, or 2 by specifying the filename as a template...