1010 matches found
WS_FTP Home/Professional FTP Client Remote Format String PoC
No description provided by source. Ipswitch WSFTP Home/WSFTP Professional FTP Client Remote Format String vulnerability Vendor : http://www.ipswitch.com/ Affected Os : Windows Risk : critical This bug is pretty interresting in the way you have to exploit it in a weird way... With this PoC you'll...
IPSwitch IMail Server <= 8.1 Local Password Decryption Utility
No description provided by source. / IpSwitch IMail Server = ver 8.1 User Password Decryption by Adik netmaniac hotmail KG IpSwitch IMail Server uses weak encryption algorithm to encrypt its user passwords. It uses polyalphabetic Vegenere cipher to encrypt its user passwords. This encryption sche...
WS_FTP Server <= 4.0.2 ALLO Remote Buffer Overflow Exploit
No description provided by source. / Ipswitch WSFTP Server = 4.0.2 ALLO exploit c2004 Hugh Mann [email protected] This exploit has been tested with WSFTP Server 4.0.2.EVAL, Windows XP SP1 NOTE: - The exploit assumes the user has a total file size limit. If the user only has...
IPSwitch IMail LDAP Daemon Remote Buffer Overflow Exploit
No description provided by source. // / THCimail 0.1 - Wind0wZ remote root exploit / / Exploit by: Johnny Cyberpunk [email protected] / / THC PUBLIC SOURCE MATERIALS /...
Format string
Format string vulnerability in the logging function in the IM Server aka IMserve or IMserver in Ipswitch Instant Messaging IM 2.0.8.1 and earlier allows remote authenticated users to cause a denial of service daemon crash and possibly have unspecified other impact via format string specifiers in ...
Directory traversal
Directory traversal vulnerability in the IM Server aka IMserve or IMserver in Ipswitch Instant Messaging IM 2.0.8.1 and earlier allows remote authenticated users to create arbitrary empty files via a .. dot dot in the recipient field...
CVE-2008-0944
Ipswitch Instant Messaging IM 2.0.8.1 and earlier allows remote attackers to cause a denial of service NULL dereference and application crash via a version field containing zero...
CVE-2008-0946
Directory traversal vulnerability in the IM Server aka IMserve or IMserver in Ipswitch Instant Messaging IM 2.0.8.1 and earlier allows remote authenticated users to create arbitrary empty files via a .. dot dot in the recipient field...
Design/Logic Flaw
Ipswitch Instant Messaging IM 2.0.8.1 and earlier allows remote attackers to cause a denial of service NULL dereference and application crash via a version field containing zero...
CVE-2008-0945
Format string vulnerability in the logging function in the IM Server aka IMserve or IMserver in Ipswitch Instant Messaging IM 2.0.8.1 and earlier allows remote authenticated users to cause a denial of service daemon crash and possibly have unspecified other impact via format string specifiers in ...
CVE-2008-0944
Ipswitch Instant Messaging (IM) 2.0.8.1 and earlier is vulnerable to a remote denial of service (NULL dereference and application crash) caused by a version field containing zero. No remediation or exploit details are provided in the documents. If exploitable vectors or fixes exist, they are not ...
CVE-2008-0946
The CVE-2008-0946 entry affects Ipswitch Instant Messaging (IM Server, aka IMserve/IMserver) up to version 2.0.8.1. The vulnerability is a directory traversal via ".." in the recipient field, permitting remote authenticated users to create arbitrary empty files. The NVD entry lists moderate sever...
CVE-2008-0944
Ipswitch Instant Messaging IM 2.0.8.1 and earlier allows remote attackers to cause a denial of service NULL dereference and application crash via a version field containing zero...
CVE-2008-0945
The CVE-2008-0945 entry concerns Ipswitch Instant Messaging (IM) Server (IMserve/IMserver) 2.0.8.1 and earlier. A format string vulnerability exists in the server’s logging function, allowing remote authenticated users to trigger a denial of service (daemon crash) and possibly other unspecified i...
Multiple vulnerabilities in Ipswitch Instant Messaging 2.0.8.1
Luigi Auriemma Application: Ipswitch Instant Messaging http://www.ipswitch.com/products/instantmessaging Versions: = 2.0.8.1 Platforms: Windows Bugs: A pre-auth NULL pointer crash in decryption function B format string in logging C arbitrary empty files creation Exploitation: remote A versus both...
Ipswitch Instant Messaging multiple security vulnerabilities
Format string vulnerability, multiple DoS conditions...
Ipswitch WS_FTP Server Manager /WSFTPSVR/FTPLogServer/LogViewer.asp Authentication Bypass
The remote host is running WSFTP Server Manager, also known as WSFTP WebService, a web-based administration tool included, for example, with Ipswitch WSFTP Server. The version of WSFTP Server Manager installed on the remote host allows an attacker by bypass authentication and gain access to ASP...
IPSwitch WS_FTP Server Manager / Whats Up unauthorized access
It's possible to access script files with localhostnull account without password. Scripts source code leak...
Re: Logs visualization in WS_FTP Server Manager 6.1.0.0
Luigi Auriemma wrote: WSFTP Server Manager aka WSFTP WebService is the web administration interface of the IpSwitch WSFTP server and runs by default on port 80. This also affects the Ipswitch What's Up Gold 11.03 web server...
Logs visualization in WS_FTP Server Manager 6.1.0.0
Luigi Auriemma Application: WSFTP Server Manager http://www.wsftp.com Versions: WSFTP Server = 6.1.0.0 Platforms: Windows Bugs: A authorization bypassing in log visualization B ASP source visualization Exploitation: remote Date: 06 Feb 2008 Author: Luigi Auriemma e-mail: [email protected] web:...