Lucene search
K

556 matches found

RubySec
RubySec
added 2008/03/04 12:0 a.m.5 views

Directory traversal vulnerability in WEBrick

Directory traversal vulnerability in WEBrick when running on systems that support backslash path separators or case-insensitive file names, allows remote attackers to access arbitrary files via 1 "..%5c" encoded backslash sequences or 2 filenames that match patterns in the :NondisclosureName opti...

5CVSS5.6AI score0.18163EPSS
Exploits1References1Affected Software1
Atlassian
Atlassian
added 2008/02/07 6:4 a.m.17 views

Trusted authentication doesn't work for Confluence users with uppercase usernames

Trying to use the trusted authentication feature of the Jiraissues macro doesn't work when a user's username is uppercase. JIRA shows the following in its log: quote 2008-01-23 13:59:48,104 INFO STDOUT 2008-01-23 13:59:48,104 ajp-0.0.0.0-6103-8 WARN atlassian.seraph.filter.TrustedApplicationsFilt...

2.7AI score
Exploits0Affected Software1
Debian CVE
Debian CVE
added 2006/08/14 8:0 p.m.41 views

CVE-2006-4110

Apache 2.2.2, when running on Windows, allows remote attackers to read source code of CGI programs via a request that contains uppercase or alternate case characters that bypass the case-sensitive ScriptAlias directive, but allow access to the file on case-insensitive file systems...

4.3CVSS6.5AI score0.37365EPSS
Exploits1
NVD
NVD
added 2006/03/12 9:2 p.m.16 views

CVE-2006-1166

Monotone 0.25 and earlier, when a user creates a file in a directory called "mt", and when checking out that file on a case-insensitive file system such as Windows or Mac OS X, places the file into the "MT" bookkeeping directory, which could allow context-dependent attackers to execute arbitrary...

3.7CVSS7.2AI score0.00312EPSS
Exploits0References5
Prion
Prion
added 2006/03/12 9:2 p.m.17 views

Design/Logic Flaw

Monotone 0.25 and earlier, when a user creates a file in a directory called "mt", and when checking out that file on a case-insensitive file system such as Windows or Mac OS X, places the file into the "MT" bookkeeping directory, which could allow context-dependent attackers to execute arbitrary...

3.7CVSS7.7AI score0.00312EPSS
Exploits0References5Affected Software1
Cvelist
Cvelist
added 2006/03/12 9:0 p.m.21 views

CVE-2006-1166

Monotone 0.25 and earlier, when a user creates a file in a directory called "mt", and when checking out that file on a case-insensitive file system such as Windows or Mac OS X, places the file into the "MT" bookkeeping directory, which could allow context-dependent attackers to execute arbitrary...

7.2AI score0.00312EPSS
Exploits0References5
NVD
NVD
added 2006/02/18 2:2 a.m.9 views

CVE-2006-0760

LightTPD 1.4.8 and earlier, when the web root is on a case-insensitive filesystem, allows remote attackers to bypass URL checks and obtain sensitive information via file extensions with unexpected capitalization, as demonstrated by a request for index.PHP when the configuration invokes the PHP...

2.6CVSS6.5AI score0.02236EPSS
Exploits0References6
Prion
Prion
added 2006/02/18 2:2 a.m.15 views

Design/Logic Flaw

LightTPD 1.4.8 and earlier, when the web root is on a case-insensitive filesystem, allows remote attackers to bypass URL checks and obtain sensitive information via file extensions with unexpected capitalization, as demonstrated by a request for index.PHP when the configuration invokes the PHP...

2.6CVSS7AI score0.02236EPSS
Exploits0References6Affected Software1
securityvulns
securityvulns
added 2006/02/16 12:0 a.m.43 views

[SA18869] Lighttpd Case-Insensitive Filename Source Code Disclosure

TITLE: Lighttpd Case-Insensitive Filename Source Code Disclosure SECUNIA ADVISORY ID: SA18869 VERIFY ADVISORY: http://secunia.com/advisories/18869/ CRITICAL: Moderately critical IMPACT: Exposure of sensitive information WHERE: From remote SOFTWARE: lighttpd 1.x http://secunia.com/product/4661/...

0.3AI score
Exploits0
Positive Technologies
Positive Technologies
added 2005/12/23 12:0 a.m.6 views

PT-2005-5196 · Webwasher · Webwasher Csm Appliance Suite

Name of the Vulnerable Software and Affected Versions: Webwasher CSM Appliance Suite version 5.x Description: The encapsulation script mechanism in the affected software uses case-sensitive detection of malicious tokens. This allows attackers to bypass script detection by using tokens that can be...

5CVSS7.2AI score0.01559EPSS
Exploits0References7
Cvelist
Cvelist
added 2005/08/05 4:0 a.m.23 views

CVE-2002-2119

Novell eDirectory 8.6.2 and 8.7 use case insensitive passwords, which makes it easier for remote attackers to conduct brute force password guessing...

9.6AI score0.02665EPSS
Exploits0References3
Cvelist
Cvelist
added 2003/04/02 5:0 a.m.23 views

CVE-2002-0394

Red-M 1050 Bluetooth Access Point uses case insensitive passwords, which makes it easier for attackers to conduct a brute force guessing attack due to the smaller space of possible passwords...

6.5AI score0.01712EPSS
Exploits1References2
NVD
NVD
added 2002/12/31 5:0 a.m.20 views

CVE-2002-2119

Novell eDirectory 8.6.2 and 8.7 use case insensitive passwords, which makes it easier for remote attackers to conduct brute force password guessing...

9.8CVSS9.6AI score0.02665EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2002/12/31 12:0 a.m.4 views

PT-2002-2839 · Novell · Novell Edirectory

Name of the Vulnerable Software and Affected Versions: Novell eDirectory versions 8.6.2 through 8.7 Description: The issue allows remote attackers to conduct brute force password guessing more easily due to the use of case insensitive passwords. Recommendations: For Novell eDirectory versions 8.6...

9.8CVSS6.7AI score0.02665EPSS
Exploits0References5
securityvulns
securityvulns
added 2001/06/13 12:0 a.m.77 views

Mac OS X - Apache & Case Insensitive Filesystems

Environment: Mac OS X 10.0.3 / Darwin 1.3.3 Apache 1.3.14 This is the the default setup, out of the box, with available software updates installed. Please note, this is OS X Client. Who is affected: Everybody who used Apache on Mac OS X Client with the following conditions: + Documents are on a...

Exploits0
securityvulns
securityvulns
added 2001/06/13 12:0 a.m.43 views

Проблемы с защитой директорий в Apache под MacOS (case insensitive filesystem)

При использовании файловой системы с наименованием файлов не чуствительным к реестру можно обойти защиту каталогов...

0.9AI score
Exploits0References1Affected Software1
Rows per page
Query Builder