5772 matches found

Apache Httpd
added 2000/02/25 12:0 a.m. | 37 views

Apache Httpd < 1.3.12 : Cross-site scripting can reveal private session information

Apache was vulnerable to cross site scripting issues. It was shown that malicious HTML tags can be embedded in client web requests if the server or script handling the request does not carefully encode all information displayed to the user. Using these vulnerabilities attackers could, for example...

4.3 CVSS | 0.6 AI score | 0.23456 EPSS
Exploits 0 | Affected Software 1
CVE
added 2000/02/04 5:0 a.m. | 52 views

CVE-2000-0079

The CVE-2000-0079 entry concerns CERN httpd's path disclosure vulnerability. Public sources in connected documents indicate that remote attackers could determine the real pathnames of certain commands by requesting a nonexistent URL, with additional details from Nessus showing an information-disc...

7.5 CVSS | 6.9 AI score | 0.02032 EPSS
Exploits 0 | References 1 | Affected Software 1
Apache Httpd
added 2000/01/21 12:0 a.m. | 21 views

Apache Httpd < 1.3.11 : Mass virtual hosting security issue

A security problem can occur for sites using mass name-based virtual hosting using the new mod_vhost_alias module or with special mod_rewrite rules...

5 CVSS | 0.9 AI score | 0.0531 EPSS
Exploits 0 | Affected Software 1
Tenable Nessus
added 2000/01/20 12:0 a.m. | 29 views

CERN httpd Virtual Web Path Disclosure

The remote host appears to be running CERN httpd. It was possible to get the physical location of a virtual web directory by issuing the request : GET /cgi-bin/ls HTTP/1.0 A remote attacker could use this information to mount further attacks. C Tenable Network Security, Inc. include"compat.inc";...

7.5 CVSS | 5.4 AI score | 0.02032 EPSS
Exploits 0 | References 2
CVE
added 2000/01/04 5:0 a.m. | 52 views

CVE-1999-0947

AN-HTTPd server is affected by a remote command execution risk due to default CGI scripts test.bat, input.bat, input2.bat, and ssi/envout.bat that allow shell metacharacters. Exploitation would enable an attacker to run arbitrary commands on the remote host. The vulnerability details are drawn fr...

7.5 CVSS | 7.3 AI score | 0.03159 EPSS
Exploits 0 | References 2 | Affected Software 1
Cvelist
added 2000/01/04 5:0 a.m. | 17 views

CVE-1999-0947

AN-HTTPd provides example CGI scripts test.bat, input.bat, input2.bat, and envout.bat, which allow remote attackers to execute commands via shell metacharacters...

7.3 AI score | 0.03159 EPSS
Exploits 0 | References 2
Exploit DB
added 1999/12/31 12:0 a.m. | 31 views

Netscape FastTrack Server 2.0.1a - GET Buffer Overflow

// source: https://www.securityfocus.com/bid/908/info The version of Netscape FastTrack server that ships with UnixWare 7.1 is vulnerable to a remote buffer overflow. By default, the httpd listens on port 457 of the UnixWare host and serves documentation via http. If you pass the server a GET...

7.4 AI score
Exploits 0
Packet Storm
added 1999/11/05 12:0 a.m. | 25 views

ex_anhttpd.txt

To: BugTraq Subject: Some holes for Win/UNIX softwares Date: Tue Nov 02 1999 22:39:56 Author: UNYUN Message-ID: ------------------------------------------------------------------------ 3 AN-HTTPd 1.20b Problem: The test CGIs which are distributed with AN-HTTPd 1.20...

7.4 AI score
Exploits 0
NVD
added 1999/11/02 5:0 a.m. | 9 views

CVE-1999-0947

AN-HTTPd provides example CGI scripts test.bat, input.bat, input2.bat, and envout.bat, which allow remote attackers to execute commands via shell metacharacters...

7.5 CVSS | 7.3 AI score | 0.03159 EPSS
Exploits 0 | References 2
exploitpack
added 1999/11/02 12:0 a.m. | 7 views

AN-HTTPd 1.2b - CGI s

AN-HTTPd 1.2b - CGI s source: https://www.securityfocus.com/bid/762/info Certain versions of the AN-HTTPd server contain default CGI scripts that allow code to be executed remotely. This is due to poor sanity checking on user supplied data. http://www.xxx.yy/cgi-bin/input.bat?|dir....\windows...

7.4 AI score
Exploits 0
Tenable Nessus
added 1999/11/02 12:0 a.m. | 38 views

AN-HTTPd Multiple Test CGIs Arbitrary Command Execution

The remote web server is an AN-HTTPD server which contains default CGI scripts. At least one of these CGIs is installed on the remote server : cgi-bin/test.bat cgi-bin/input.bat cgi-bin/input2.bat ssi/envout.bat It is possible to misuse them to make the remote server execute arbitrary commands...

7.5 CVSS | 5.6 AI score | 0.03159 EPSS
Exploits 0 | References 1
Packet Storm
added 1999/10/04 12:0 a.m. | 33 views

Linux_mini-sql_bof.txt

hi, i was looking for an exploitable buffer overflow in w3-msql from Hughes Technology since there was many security flaws inside. There is a static variable named PrivateScript in main function with a 255 chars size length. No luck ! main finish everywhere with an exit call. The http internal...

7.4 AI score
Exploits 0
CVE
added 1999/09/29 4:0 a.m. | 551 views

CVE-1999-0236

The CVE-1999-0236 entry describes a vulnerability in the ScriptAlias directory handling in NCSA and Apache httpd that allowed attackers to read CGI programs. Affected software is the Apache httpd family utilizing ScriptAlias configuration; the underlying issue is directory handling enabling discl...

7.5 CVSS | 7.2 AI score | 0.25788 EPSS
Exploits 0 | References 1 | Affected Software 2
CVE
added 1999/09/29 4:0 a.m. | 84 views

CVE-1999-0071

CVE-1999-0071 affects the Apache httpd server prior to 1.1.2 (versions 1.1.1 and earlier) due to a cookie header buffer overflow. The root cause is a vulnerable handling of the HTTP Cookie header (too long name/value) that can cause the server to crash. Some connected sources describe the impact ...

7.5 CVSS | 7.3 AI score | 0.03571 EPSS
Exploits 0 | References 1 | Affected Software 1
NVD
added 1999/08/20 4:0 a.m. | 17 views

CVE-2000-1206

Vulnerability in Apache httpd before 1.3.11, when configured for mass virtual hosting using mod_rewrite, or mod_vhost_alias in Apache 1.3.9, allows remote attackers to retrieve arbitrary files...

5 CVSS | 6.9 AI score | 0.0531 EPSS
Exploits 0 | References 7
exploitpack
added 1999/06/17 12:0 a.m. | 11 views

Debian 2.1 - HTTPd

Debian 2.1 - HTTPd source: https://www.securityfocus.com/bid/318/info The Debian GNU/Linux 2.1 apache package by default allows anyone to view /usr/doc via the web, remotely. This is because srm.conf is preconfigured with the line: Alias /doc/ /usr/doc/ Boa is also preconfigured this way. lynx...

7.4 AI score
Exploits 0
exploitpack
added 1999/06/07 12:0 a.m. | 14 views

Netscape FastTrack Server 3.0.1 - Fasttrack Root Directory Listing

Netscape FastTrack Server 3.0.1 - Fasttrack Root Directory Listing source: https://www.securityfocus.com/bid/481/info Netscape's Fasttrack server is supposed to display a directory listing if the following three conditions are met: 1: Directory listing is enabled 2: No filename is specified in the...

0.4 AI score
Exploits 0
Apache Httpd
added 1998/09/23 12:0 a.m. | 22 views

Apache Httpd < 1.3.2 : Multiple header Denial of Service vulnerability

A serious problem exists when a client sends a large number of headers with the same header name. Apache uses up memory faster than the amount of memory required to simply store the received data itself. That is, memory use increases faster and faster as more headers are received, rather than...

10 CVSS | 2.7 AI score | 0.06805 EPSS
Exploits 0 | Affected Software 1
exploitpack
added 1998/06/24 12:0 a.m. | 16 views

textcounter.pl 1.2 - Arbitrary Command Execution

textcounter.pl 1.2 - Arbitrary Command Execution source: https://www.securityfocus.com/bid/2265/info textcounter.pl is distributed through Matt's Scripts archive, and provides added features to httpd servers such as counters, guestbooks, and http cookie management. Due to insufficient checking of...

0.3 AI score
Exploits 0
NVD
added 1997/09/01 4:0 a.m. | 28 views

CVE-1999-0071

Apache httpd cookie buffer overflow for versions 1.1.1 and earlier...

7.5 CVSS | 0.03571 EPSS
Exploits 0 | References 1