193 matches found
mvnForum activatemember Multiple Parameter XSS
The remote host is running mvnForum, an open-source forum application based on Java J2EE. The version of mvnForum installed on the remote host fails to sanitize user-supplied input to the 'activatecode' and 'member' parameters of the 'activatemember' script before using it to generate dynamic we...
CVE-2005-2343
The CVE-2005-2343 issue affects the Research in Motion (RIM) BlackBerry Handheld web browser prior to 4.0.2. A denial of service can be triggered remotely by a specially crafted Java Application Description (JAD) file with an extremely long application name and vendor string, causing the browser ...
CVE-2005-2343
Research in Motion (RIM) BlackBerry Handheld web browser for BlackBerry Handheld before 4.0.2 allows remote attackers to cause a denial of service (hang) via a Java Application Description (JAD) file with a long application name and vendor string, which prevents a browser dialog from being properly...
Research in Motion (RIM) BlackBerry Handheld web browser does not properly handle Java Application Description (JAD) files
Overview The Research in Motion (RIM) BlackBerry Handheld web browser is vulnerable to a denial of service via a specially crafted Java Application Description (JAD) file. Description The BlackBerry Handheld web browser does not properly handle malformed JAD files. JAD files in J2ME are used to...
Sun Java System Application Server (Sun ONE) JSP source code disclosure
No description provided...
cccitftp-adv.txt
Luigi Auriemma Application: Chesapeake TFTP Server http://www.netcordia.com/tools/tools/TrivialFTP/tftp.html Versions: 1.0 Platforms: any supported by Java Bugs: A directory traversal B Denial of Service Exploitation: remote Date: 30 October 2004 Author: Luigi Auriemma e-mail: [email protected]...
directory traversal in GWeb 0.6
Donato Ferrante Application: GWeb HTTP Server http://freshmeat.net/projects/gweb/ Version: 0.6 Bug: directory traversal bug Author: Donato Ferrante e-mail: [email protected] web: www.autistici.org/fdonato 1. Description 2...
Denial Of Service in ChatterBox 2.0
Donato Ferrante Application: ChatterBox http://www.urbancities.net/burton/ Version: 2.0 Bug: Denial Of Service Author: Donato Ferrante e-mail: [email protected] web: www.autistici.org/fdonato 1. Description 2. The bug 3...
Windows NT 4.0 with IBM JVM Denial of Service
@stake, Inc. www.atstake.com Security Advisory Advisory Name: Windows NT 4.0 with IBM JVM Denial of Service Release Date: 07/23/2003 Application: Any Java application, other applications are possible attack vectors. Platform: Java 2 Runtime Environmen...
12Planet Chat Server Error Message Path Disclosure
The remote host is running 12Planet Chat Server - a web-based chat server written in Java. There is a flaw in this version which allows an attacker to obtain the physical path of the installation by sending a malformed request to this service. Knowing this information will help an attacker to mak...
JRun SSI Request Body Parsing
Vulnerable Products: JRun Java application server from Allaire. All current versions with latest security patches as of November 2001 are believed to be affected, including 2.3.3, 3.0, and 3.1. Impact: Revealing of source code to Java Server Pages, and other protected files inside the web root...
Allaire JRun Java Application Server vulnerable to Cross-Site Scripting via passing of user input directly to default error page
Overview Web Servers that use the Allaire JRun Java Servlet Container are vulnerable to a cross-site scripting vulnerability. A web site may inadvertently include malicious HTML tags or script (JavaScript, VBScript, Java, etc.) in a dynamically generated page based on unvalidated input from...
Serv-U 2.5i DoS
Hi, I think I found another DoS issue in Serv-U 2.5i: I've downloaded the "Fixed" version of Serv-U yesterday. I installed it on one of my pc's and started windirRSRCMTR.EXE to see how many resources are used when I flood it. Then I started to play around with the server: Ftp open server Connecte...