Microsoft IIS 4.0/5.0/6.0 - Internal IP Address/Internal Network Name Disclosure

source: https://www.securityfocus.com/bid/3159/info A vulnerability has been discovered in Microsoft IIS that may disclose the internal IP address or internal network name to remote attackers. This vulnerability can be exploited if an attacker connects to a host using HTTPS typically on port 443...

CVE-2000-0448

CVE-2000-0448 affects WebShield SMTP Management Tool 4.5.44. The vulnerability is an access-control flaw: the management port is not properly restricted when an IP address does not resolve to a hostname, allowing remote access to the configuration via the GET_CONFIG command. Documentation notes a...

DST2K0032: Multiple Issues with Talentsoft WebPlus Application Server

============================================================================ Delphis Consulting Plc ============================================================================ Security Team Advisories 19/09/2000 [email protected] http://www.delphisplc.com/thinking/whitepapers/...

DST2K0032.txt

============================================================================ Delphis Consulting Plc ============================================================================ Security Team Advisories 19/09/2000 [email protected] http://www.delphisplc.com/thinking/whitepapers/...

TalentSoft Web+ ClientMonitorserver 4.6 - Internal IP Address Disclosure

TalentSoft Web+ ClientMonitorserver 4.6 - Internal IP Address Disclosure source: https://www.securityfocus.com/bid/1720/info Talentsoft Web+ is a web application server that can be integrated with various web technologies. A vulnerability exists in one of the CGI applications implemented by Web+...

TalentSoft Web+ Client/Monitor/server 4.6 - Internal IP Address Disclosure

source: https://www.securityfocus.com/bid/1720/info Talentsoft Web+ is a web application server that can be integrated with various web technologies. A vulnerability exists in one of the CGI applications implemented by Web+. It is possible for a remote user to retrieve the internal IP address in ...

Microsoft IIS 2.0/3.0/4.0/5.0/5.1 - Internal IP Address Disclosure

source: https://www.securityfocus.com/bid/1499/info When a remote user attempts to access an area protected by basic authentication with no realm defined, while specifying HTTP 1.0, Microsoft IIS will return an Access Denied error message containing the internal IP address of the host. Even if II...

Microsoft IIS 2.03.04.05.05.1 - Internal IP Address Disclosure

Microsoft IIS 2.03.04.05.05.1 - Internal IP Address Disclosure source: https://www.securityfocus.com/bid/1499/info When a remote user attempts to access an area protected by basic authentication with no realm defined, while specifying HTTP 1.0, Microsoft IIS will return an Access Denied error...

PIX Firewall 2.7/3.x/4.x/5 - Forged TCP RST

// source: https://www.securityfocus.com/bid/1454/info A connection through a Cisco Secure PIX Firewall can be reset by a third party if the source and destination IP addresses and ports of the connection can be determined or inferred. This can be accomplished by sending a forged TCP Reset RST...

CVE-2000-0181

CVE-2000-0181 affects Check Point Firewall-1 3.0 and 4.0, where leaked packets can reveal private IP addresses, allowing remote attackers to infer the real IP of the host initiating the connection. The vulnerability is a confidentiality issue (PARTIAL impact) with network attack vector and no aut...

CVE-2000-0185

Technical details about CVE-2000-0185 are not publicly provided in the supplied documents. Monitor for updates from official sources for any affected products, scope, impact, and remediation.

CVE-2000-0181

Firewall-1 3.0 and 4.0 leaks packets with private IP address information, which could allow remote attackers to determine the real IP address of the host that is making the connection...

CVE-2000-0185

RealMedia RealServer reveals the real IP address of a Real Server, even if the address is supposed to be private...

CVE-2000-0181

Firewall-1 3.0 and 4.0 leaks packets with private IP address information, which could allow remote attackers to determine the real IP address of the host that is making the connection...

CVE-2000-0185

RealMedia RealServer reveals the real IP address of a Real Server, even if the address is supposed to be private...

GameHouse dldisplay - ActiveX control 0 Real Server 5.07.0 Internal IP Address Disclosure

GameHouse dldisplay - ActiveX control 0 Real Server 5.07.0 Internal IP Address Disclosure source: https://www.securityfocus.com/bid/1049/info By default, Real Server includes the IP address of the server in data sent to the client. If the Real Server is installed on a machine in a NAT environment...

GameHouse dldisplay - ActiveX control 0 / Real Server 5.0/7.0 Internal IP Address Disclosure

source: https://www.securityfocus.com/bid/1049/info By default, Real Server includes the IP address of the server in data sent to the client. If the Real Server is installed on a machine in a NAT environment, where requests from the outside network are handled by reverse proxy, this will reveal...

CVE-1999-0195

Denial of service in RPC portmapper allows attackers to register or unregister RPC services or spoof RPC services using a spoofed source IP address such as 127.0.0.1...

CVE-1999-1087

Internet Explorer 4 treats a 32-bit number "dotless IP address" in the a URL as the hostname instead of an IP address, which causes IE to apply Local Intranet Zone settings to the resulting web page, allowing remote malicious web servers to conduct unauthorized activities by using URLs that conta...

webramp.DoS.txt

Date: Wed, 31 Mar 1999 15:28:22 -0500 EST From: X-Force To: [email protected] Cc: X-Force Subject: ISSalert: ISS Security Advisory -- WebRamp Denial of Service Attacks TO UNSUBSCRIBE: email "unsubscribe alert" in the body of your message to [email protected] Contact [email protected] for help with...