EUVD-2002-0258

Malware in sbrugna...

EUVD-2002-0256

Malware in sbrugna...

miniPortail admin.php Cookie Manipulation Security Bypass

The remote host is running MiniPortal, a PHP application for managing a web portal. It is possible to bypass admin authentication by setting a cookie with a value of 'adminok' on admin.php. A remote attacker could exploit this to gain administrative privileges on this host. %NASLMINLEVEL 70300 C...

MiniPortal SOHO

Product : MiniPortal SOHO Version : 1.3.3 OSystem : Windows Authors : Instant Servers Inc WebSite : http://www.instantservers.com Problem : Create and Remove directories with anonymous access Description: ------------ rus: ==== MiniPortal включает в себя следующие компоненты: WEB Server Apache...

CVE-2002-0259

InstantServers MiniPortal 1.1.5 and earlier stores sensitive login and account data in plaintext in 1 .pwd files in the miniportal/apache directory, or 2 mplog.txt, which could allow local users to gain privileges...

CVE-2002-0261

Directory traversal vulnerability in InstantServers MiniPortal 1.1.5 and earlier allows remote authenticated users to read arbitrary files via a ... modified dot dot in the GET command...

CVE-2002-0260

Buffer overflow in InstantServers MiniPortal 1.1.5 and earlier allows remote attackers to execute arbitrary code via a long login name, which is not properly handled by the logging utility...

CVE-2002-0261

Directory traversal vulnerability in InstantServers MiniPortal 1.1.5 and earlier allows remote authenticated users to read arbitrary files via a ... modified dot dot in the GET command...

CVE-2002-0261

CVE-2002-0261 describes a directory traversal in InstantServers MiniPortal 1.1.5 and earlier. A remote authenticated user can read arbitrary files by using a modified dot dot (.. ) in the GET request, exposing sensitive files. The connected documents corroborate this description. No explicit reme...

CVE-2002-0259

InstantServers MiniPortal 1.1.5 and earlier stores sensitive login and account data in plaintext in 1 .pwd files in the miniportal/apache directory, or 2 mplog.txt, which could allow local users to gain privileges...

CVE-2002-0259

CVE-2002-0259 affects InstantServers MiniPortal 1.1.5 and earlier. The vulnerability arises from storing sensitive login/account data in plaintext in (1) .pwd files under miniportal/apache, and (2) mplog.txt, enabling local users to gain privileges. Details in connected records confirm the file p...

CVE-2002-0260

CVE-2002-0260 concerns a buffer overflow in InstantServers MiniPortal 1.1.5 and earlier. The overflow occurs when a long login name is processed by the logging utility, allowing remote attackers to potentially execute arbitrary code. Affected software/version: MiniPortal

CVE-2002-0260

Buffer overflow in InstantServers MiniPortal 1.1.5 and earlier allows remote attackers to execute arbitrary code via a long login name, which is not properly handled by the logging utility...

InstantServers MiniPortal Multiple Vulnerabilities

Strumpf Noir Society Advisories ! Public release ! -- -= InstantServers MiniPortal Multiple Vulnerabilities =- Release date: Saturday, February 9, 2002 Introduction: InstantServers' MiniPortal provides a complete solution for fast and easy web site hosting on a Windows PC. It features a Apache-...

Многочисленные ошибки в InstantServers MiniPortal (multiple bugs)

Переполнения буфера, обратный путь в директориях и прочее в FTP-сервере...