CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

1757 matches found

Exploit DB•added 2005/03/29 12:0 a.m.•57 views

mtftpd 0.0.3 - Remote Code Execution

/ \ mtftpd include include include include include include include include include include define PORT 21 define doit b0, b1, b2, b3, addr...

7.4AI score

Exploits0

securityvulns•added 2005/01/30 12:0 a.m.•27 views

WebWasher filtering proxy localhost access

It's possible to access localhost from remote network with a proxy...

3AI score

Exploits0References1Affected Software1

securityvulns•added 2005/01/30 12:0 a.m.•40 views

WebWasher Classic - HTTP CONNECT weakness

WebWasher Classic - HTTP CONNECT weakness ========================================= WebWasher Classic ================= WebWasher Classic is a well known HTTP-URL/Popup/Script filtering proxy which is free for non commercial use. WebWasher Classic supports two modes, a client mode, where it only...

0.6AI score

Exploits0

Exploit DB•added 2004/08/26 12:0 a.m.•47 views

Bird Chat 1.61 - Denial of Service

/ Bird Chat 1.61 - Denial Of Service - Proof Of Concept Coded by: Donato Ferrante / import java.net.Socket; import java.net.InetAddress; import java.net.ConnectException; import java.net.SocketTimeoutException; import java.io.OutputStream; import java.io.InputStream; public class BirdChat161DoSpo...

7AI score

Exploits0

Tenable Nessus•added 2003/03/12 12:0 a.m.•118 views

NFS portmapper localhost Mount Request Restricted Host Access

The remote RPC portmapper forwards NFS requests made to it. An attacker may use this flaw to make NFS mount requests which will appear to come from localhost and therefore override the ACLs set up for NFS. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc';...

7.5CVSS5.5AI score0.00542EPSS

Exploits0References1

NVD•added 2002/12/31 5:0 a.m.•15 views

CVE-2002-2170

Working Resources Inc. BadBlue Enterprise Edition 1.7 through 1.74 attempts to restrict administrator actions to the IP address of the local host, but does not provide additional authentication, which allows remote attackers to execute arbitrary code via a web page containing an HTTP POST request...

7.5CVSS7.5AI score0.11665EPSS

Exploits1References3

exploitpack•added 2002/08/03 12:0 a.m.•15 views

602Pro LAN SUITE 2002 - Telnet Proxy localhost Denial of Service

602Pro LAN SUITE 2002 - Telnet Proxy localhost Denial of Service source: https://www.securityfocus.com/bid/5416/info The 602Pro LAN SUITE 2002 Telnet Proxy is reported to be prone to a denial of service condition. It is possible for proxy users to use the loopback interface to connect to localhos...

7.3AI score

Exploits0

Exploit DB•added 2002/08/03 12:0 a.m.•38 views

602Pro LAN SUITE 2002 - Telnet Proxy localhost Denial of Service

source: https://www.securityfocus.com/bid/5416/info The 602Pro LAN SUITE 2002 Telnet Proxy is reported to be prone to a denial of service condition. It is possible for proxy users to use the loopback interface to connect to localhost. If a large number of these connections are made concurrently, ...

7AI score

Exploits0

Packet Storm•added 2002/07/04 12:0 a.m.•38 views

DLA-25-06-2002.txt

Digit-Labs Security Advisory http://www.digit-labs.org/ Advisory Name: IIS Administration Web Site redirect exploits Release Date: 25.June-2002 Application: Microsoft Internet Information Server 5.0 Platform: Windows 2000 Professional Severity: Low/Medium Authors: GoLLuM.no...

7.4AI score

Exploits0

securityvulns•added 2001/08/31 12:0 a.m.•31 views

gnut gnutella client html injection

Hello I recently discovered a bug in gnut, a console/www Gnutella client for Linux and Windows, that allows the injection of html code in the Search Result Page of the Webfrontend. This is done by sharing a file with html tags embedded. testHR.mp3 for example More complex things are possible with...

7.7AI score

Exploits0

securityvulns•added 2001/02/27 12:0 a.m.•29 views

inetd DoS exploit

Name: inetd DoS exploit Author: SeregaLinux ser@ihg prog$ ./pscaner -h 127.0.0.1 / it's my port scaner / Open ports on 127.0.0.1 ----------------------------- 21 OPEN : 220 ihg.localhost FTP server Version wu-6.6.65 Sat Feb 17 15:10:44 MSK 2001 ready. 23 OPEN : 25 OPEN : 220 ihg.localhost ESMTP...

0.1AI score

Exploits0

NVD•added 2001/01/18 5:0 a.m.•12 views

CVE-2001-1474

SSH before 2.0 disables host key checking when connecting to the localhost, which allows remote attackers to silently redirect connections to the localhost by poisoning the client's DNS cache...

5CVSS6.7AI score0.01471EPSS

Exploits0References2

CERT•added 2000/09/26 12:0 a.m.•24 views

SSH host key authentication can be bypassed when DNS is used to resolve localhost

Overview This vulnerability allows an attacker to redirect an SSH connection to an arbitary host. Description When making connections to localhost, SSH disables host key checking to provide compatibility with NFS filesystems. As a result, if the victim's machine uses a poisoned DNS server to...

6.8AI score

Exploits0References1

securityvulns•added 2000/06/27 12:0 a.m.•41 views

Andrew Lewis

The Problem: ------------ Many admins who use Proxy+ configure the remote administration port which works over HTTP to only accept connections from the localhost. Fortunately enough, the admin port doesn't allow connections which have been bounced through the HTTP proxy. The telnet proxy, on the...

7.5AI score

Exploits0

Packet Storm•added 2000/02/18 12:0 a.m.•33 views

aix-snmp.txt

Following on from Michael Zalewski's recent SNMP post, here's an issue i noted on two AIX systems. NOTE: This was seen on both AIX 4.3 and 4.2. It appears that on the above releases of AIX, the SNMP daemon is enabled by default and two community names are enabled with read/write privileges. The...

7.4AI score

Exploits0