296 matches found
Three BadBlue Vulnerabilities
Advisory: Working Resources BadBlue Multiple Vulnerabilities Issue: Three vulnerabilities; a denial of service, an insecurity in password storage, and a file disclosure vulnerability that could allow viewing of the password file. Risk: Critical SecurityFocus: "Working Resources BadBlue Invalid Ge...
CVE-2002-0433
Pi3Web 2.0.0 allows remote attackers to view restricted files via an HTTP request containing a "*" (wildcard or asterisk) character...
CVE-2001-1298
Webodex PHP script 1.0 and earlier allows remote attackers to include arbitrary files from remote web sites via an HTTP request that sets the includedir variable...
CSSearch 2.3 - Remote Command Execution
CSSearch 2.3 - Remote Command Execution source: https://www.securityfocus.com/bid/4368/info csSearch is a website search script, written in Perl. It will run on most Unix and Linux variants, as well as Microsoft operating systems. csSearch is prone to an issue which may enable an attacker to...
Cisco SN 5420 Storage Router vulnerable to DoS via HTTP request containing long headers
Overview It is possible to cause a denial of service of the Cisco SN 5420 Storage Router by sending a HTTP request with a large header. Description A vulnerability has been discovered in the Cisco SN 5420 Storage Router software versions 1.15 and earlier. By sending an HTTP request with a huge...
CVE-2001-1052
Empris PHP script allows remote attackers to include arbitrary files from remote web sites via an HTTP request that sets the includedir variable...
CVE-1999-1417
Format string vulnerability in AnswerBook2 AB2 web server dwhttpd 3.1a4 allows remote attackers to cause a denial of service and possibly execute arbitrary commands via encoded % characters in an HTTP request, which is improperly logged...
CVE-2001-0275
Moby Netsuite Web Server 1.02 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long HTTP request...
Microsoft ISA Server 2000 Web Proxy - Denial of Service
Microsoft ISA Server 2000 Web Proxy - Denial of Service // source: https://www.securityfocus.com/bid/2600/info It is possible for a user to cause the Web Proxy service on a host running MS ISA Server to stop responding. If a HTTP request with an unusually long path is submitted, the Web Proxy...
Microsoft ISA Server 2000 Web Proxy - Denial of Service
// source: https://www.securityfocus.com/bid/2600/info It is possible for a user to cause the Web Proxy service on a host running MS ISA Server to stop responding. If a HTTP request with an unusually long path is submitted, the Web Proxy service could stop responding. This vulnerability is only...
Oracle Application Server ndwfn4.so HTTP Request Remote Overflow
It may be possible to make a web server execute arbitrary code by sending it a too long URL starting with /jsp/. For example: GET /jsp/AAAA.....AAAAA # (C) Tenable Network Security, Inc. include("compat.inc"); if (description) { script_id(10654); script_version("1.27"); script_cvs_date("Date: 2018/07/16 14:09:13");...
Cisco (Multiple Products) - Automated Tool
Cisco Multiple Products - Automated Tool #!/usr/bin/perl Written by hypoclear - http://hypoclear.cjb.net Thong-th-thong-th-thong.pl AKA thong.pl is a PERL script which automates several attacks against various Cisco products. To be specific: 12-13-00 - Cisco Catalyst ssh Protocol Mismatch DoS...
Cisco Multiple Products Automated Exploit Tool
Exploit for hardware platform in category dos / poc ============================================== Cisco Multiple Products Automated Exploit Tool ============================================== #!/usr/bin/perl Written by hypoclear - http://hypoclear.cjb.net Thong-th-thong-th-thong.pl AKA thong.pl i...
CVE-2000-1114
Unify ServletExec AS v3.0C allows remote attackers to read source code for JSP pages via an HTTP request that ends with characters such as ".", or "+", or "%20"...
CVE-2000-0939
Samba Web Administration Tool (SWAT) in Samba 2.0.7 allows remote attackers to cause a denial of service by repeatedly submitting a nonstandard URL in the GET HTTP request and forcing it to restart...
iCat Electronic Commerce Suite 3.0 - File Disclosure
source: https://www.securityfocus.com/bid/2126/info iCat Electronic Commerce Suite is an application which enables a user to create and manage web based catalogues. A remote user may retrieve known files on a target system running iCat Electronic Commerce Suite. The Carbo Server component of the...