GoScript Remote Command Execution

GoScript Remote Command Execution Version verified: 2.0 Author: Pete Stein http://www.slack.net/pete/perl GoScript v2.0 allow remote commando execution as we can see below: http://www.server.com/go.cgi?|id| http://www.server.com/go.cgi?artarchive=|id| May be possible another methods of attack!...

CVE-2004-0763

Mozilla Firefox 0.9.1 and 0.9.2 allows remote web sites to spoof certificates of trusted web sites via redirects and Javascript that uses the "onunload" method...

Fusion News Yet Another Unauthorized Account Addition Vulnerability

-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Product: Fusion News vendor: FusionPHP fusionphp.net Affected Versions: 3.6.1 and lower Description: A widely used news management system Vulnerabilities: Unauthorized Account Addition Vulnerability Date: July 29, 2004 Vuln Finder: r3d5pik...

Serena TeamTrack 6.1.1 - Remote Authentication Bypass

Serena TeamTrack 6.1.1 - Remote Authentication Bypass source: https://www.securityfocus.com/bid/10770/info It has been reported that Serena TeamTrack is affected by remote authentication bypass vulnerability. This issue is due to a design error that allows unauthenticated users to access sensitiv...

Medal of Honor - Remote Buffer Overflow (PoC)

Medal of Honor - Remote Buffer Overflow PoC / by Luigi Auriemma / include include include ifdef WIN32 include include include include "winerr.h" define close closesocket else include include include include include endif define VER "0.1" define BUFFSZ 4096 define PORT 12203 define TIMEOUT 3 defin...

CVE-2004-0652

BEA WebLogic Server and WebLogic Express 7.0 through 7.0 Service Pack 4, and 8.1 through 8.1 Service Pack 2, allows attackers to obtain the username and password for booting the server by directly accessing certain internal methods...

Authenticated Check : OS Name and Installed Package Enumeration

This plugin logs into the remote host using SSH, RSH, RLOGIN, Telnet, or local commands and extracts the list of installed packages. If using SSH, the scan should be configured with a valid SSH public key and possibly an SSH passphrase if the SSH public key is protected by a passphrase. TRUSTED...

CVS (Linux/FreeBSD) - Remote Entry Line Heap Overflow

include include include include include include include include include include include include include include typedef unsigned char uchar; void progressvoid; int brutecvsrootvoid; int bruteusernamevoid; int brutepasswordvoid; void hdlcrashedint; void bsdexploitationvoid; void tryexploitvoid; vo...

IBM ACPRunner 1.2.5 - ActiveX Control Dangerous Method

IBM ACPRunner 1.2.5 - ActiveX Control Dangerous Method source: https://www.securityfocus.com/bid/10561/info It is reported that the IBM acpRunner ActiveX control contains dangerous methods that may result in a remote compromise of a system on which the ActiveX control is installed. These methods...

IBM EGatherer 2.0 - ActiveX Control Dangerous Method

IBM EGatherer 2.0 - ActiveX Control Dangerous Method source: https://www.securityfocus.com/bid/10562/info It is reported that the IBM eGatherer ActiveX control contains dangerous methods that may result in a remote compromise of a system on which the ActiveX control is installed. These methods ma...

Simple Machines Forum (SMF) 1.0 - Size Tag HTML Injection

Simple Machines Forum SMF 1.0 - Size Tag HTML Injection source: https://www.securityfocus.com/bid/10281/info It has been reported that Simple Machines Forum SMF may be prone to an HTML injection vulnerability that may allow an attacker to execute arbitrary HTML or script code in a user's browser...

Advanced Guestbook 2.2 - 'Password' SQL Injection

source: https://www.securityfocus.com/bid/10209/info It has been reported that Advanced Guestbook is prone to a SQL injection vulnerability that could allow an attacker to gain administrative access to the application. This issue is reported to exist in Advanced Guestbook 2.2, however, it is...

BEA WebLogic Server internal methods may disclose sensitive information

Overview There is a vulnerability in BEA WebLogic Server that could allow users to obtain the credentials of the user who booted the server. Description BEA Systems describes WebLogic Server as "an industrial-strength application infrastructure for developing, integrating, securing, and managing...

CVE-2004-0243

AIX 4.3.3 through AIX 5.1, when direct remote login is disabled, displays a different message if the password is correct, which allows remote attackers to guess the password via brute force methods...

GoAhead Web Server 2.1.x - Directory Management Policy Bypass

GoAhead Web Server 2.1.x - Directory Management Policy Bypass source: https://www.securityfocus.com/bid/9450/info GoAhead WebServer is prone to a vulnerability that may permit remote attackers to bypass directory management policy. It is reported that certain syntax may be used in HTTP GET reques...

CVE-2003-0249

PHP treats unknown methods such as "PoSt" as a GET request, which could allow attackers to intended access restrictions if PHP is running on a server that passes on all methods, such as Apache httpd 2.0, as demonstrated using a Limit directive. NOTE: this issue has been disputed by the Apache...

PT-2003-1462 · Apache +1 · Apache Httpd +1

Name of the Vulnerable Software and Affected Versions: PHP affected versions not specified Apache httpd 2.0 Description: The issue allows attackers to bypass intended access restrictions if PHP is running on a server that passes on all methods. This is because PHP treats unknown methods, such as...

MS03-050: Word and/or Excel may allow arbitrary code to run (831527)

The remote host is running a version of Microsoft Word and/or Microsoft Excel that are subject to a flaw that could allow arbitrary code to be run. An attacker could use this to execute arbitrary code on this host. To succeed, the attacker would have to send a rogue Word or Excel file to the owne...

Re: Internet Explorer and Opera local zone restriction bypass

There was not a lot of details in your post, so I will try to verify and clarify your findings. First things first, this is not a problem with Microsofts Internet Explorer, but with Macromedia and their Flash player. I could reproduce this issue successfully with a fresh install of the latest Fla...

Microsoft IIS Authentication Method Enumeration

The remote host appears to be running a version of IIS which allows remote users to determine which authentication schemes are required for confidential web pages. That is, by requesting valid web pages with purposely invalid credentials, you can ascertain whether or not the authentication scheme...