Lucene search
K

150 matches found

seebug.org
seebug.org
added 2008/01/18 12:0 a.m.17 views

MiniWeb目录遍历和缓冲区溢出漏洞

MiniWeb是一款WEB服务程序。 MiniWeb不正确处理用户提交的输入,远程攻击者可以利用漏洞进行目录遍历和缓冲区溢出攻击。 如提交如下请求可导致触发漏洞: http://www.example.com/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/boot.ini GET /AAAA...3600 - 4000...AAAA/ HTTP/1.0 Stanley Huang MiniWeb 0.8.19 目前没有解决方案提供: http://sourceforge.net/projects/miniweb...

7.1AI score
Exploits0
Prion
Prion
added 2008/01/17 10:0 p.m.14 views

Directory traversal

Directory traversal vulnerability in the mwGetLocalFileName function in http.c in MiniWeb HTTP Server 0.8.19 allows remote attackers to read arbitrary files and list arbitrary directories via a 1 .%2e partially encoded dot dot or 2 %2e%2e encoded dot dot in the URI...

5CVSS7.2AI score0.02811EPSS
Exploits0References6Affected Software1
NVD
NVD
added 2008/01/17 10:0 p.m.15 views

CVE-2008-0338

Directory traversal vulnerability in the mwGetLocalFileName function in http.c in MiniWeb HTTP Server 0.8.19 allows remote attackers to read arbitrary files and list arbitrary directories via a 1 .%2e partially encoded dot dot or 2 %2e%2e encoded dot dot in the URI...

5CVSS6.7AI score0.02811EPSS
Exploits0References6
Prion
Prion
added 2008/01/17 10:0 p.m.11 views

Heap overflow

Heap-based buffer overflow in the mwProcessReadSocket function in http.c in MiniWeb HTTP Server 0.8.19 allows remote attackers to execute arbitrary code via a long URI...

7.5CVSS8.6AI score0.0536EPSS
Exploits1References6Affected Software1
Cvelist
Cvelist
added 2008/01/17 9:7 p.m.15 views

CVE-2008-0337

Heap-based buffer overflow in the mwProcessReadSocket function in http.c in MiniWeb HTTP Server 0.8.19 allows remote attackers to execute arbitrary code via a long URI...

8AI score0.0536EPSS
Exploits1References6
Cvelist
Cvelist
added 2008/01/17 9:7 p.m.18 views

CVE-2008-0338

Directory traversal vulnerability in the mwGetLocalFileName function in http.c in MiniWeb HTTP Server 0.8.19 allows remote attackers to read arbitrary files and list arbitrary directories via a 1 .%2e partially encoded dot dot or 2 %2e%2e encoded dot dot in the URI...

6.7AI score0.02811EPSS
Exploits0References6
CVE
CVE
added 2008/01/17 9:7 p.m.41 views

CVE-2008-0337

MiniWeb HTTP Server 0.8.19 is affected by a heap-based buffer overflow in the _mwProcessReadSocket function of http.c. An attacker can trigger this remotely by sending a long URI, potentially enabling arbitrary code execution. The root cause is an overflow in the socket-read handling. Affected ve...

7.5CVSS8AI score0.0536EPSS
Exploits1References6Affected Software1
CVE
CVE
added 2008/01/17 9:7 p.m.38 views

CVE-2008-0338

The CVE-2008-0338 vulnerability affects MiniWeb HTTP Server 0.8.19, where the mwGetLocalFileName function in http.c is vulnerable to directory traversal via URI-encoded references (.%2e and %2e%2e). This could allow remote attackers to read arbitrary files and list directories. The provided docum...

5CVSS6.7AI score0.02811EPSS
Exploits0References6Affected Software1
seebug.org
seebug.org
added 2008/01/17 12:0 a.m.20 views

MiniWeb 0.8.19 Multiple Remote Vulnerabilities

No description provided by source. MiniWeb Multiple Vulnerabilities Introduction MiniWeb is a mini HTTP server implementation written in C language, featuring low system resource consumption, high efficiency, good flexibility and high portability. It is capable to serve multiple clients with a...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2008/01/17 12:0 a.m.26 views

miniweb-multi.txt

MiniWeb Multiple Vulnerabilities Introduction MiniWeb is a mini HTTP server implementation written in C language, featuring low system resource consumption, high efficiency, good flexibility and high portability. It is capable to serve multiple clients with a single thread, supporting GET and POS...

Exploits0
0day.today
0day.today
added 2008/01/16 12:0 a.m.28 views

MiniWeb 0.8.19 Multiple Remote Vulnerabilities

Exploit for unknown platform in category remote exploits ============================================== MiniWeb 0.8.19 Multiple Remote Vulnerabilities ============================================== MiniWeb Multiple Vulnerabilities Introduction MiniWeb is a mini HTTP server implementation written ...

7.1AI score
Exploits0
Exploit DB
Exploit DB
added 2008/01/16 12:0 a.m.32 views

Miniweb 0.8.19 - Multiple Vulnerabilities

MiniWeb Multiple Vulnerabilities Introduction MiniWeb is a mini HTTP server implementation written in C language, featuring low system resource consumption, high efficiency, good flexibility and high portability. It is capable to serve multiple clients with a single thread, supporting GET and POS...

7.4AI score
Exploits0
NVD
NVD
added 2007/06/11 10:30 p.m.12 views

CVE-2007-3159

http.c in MiniWeb Http Server 0.8.x allows remote attackers to cause a denial of service application crash via a negative value in the Content-Length HTTP header...

5CVSS6.5AI score0.02759EPSS
Exploits1References5
Prion
Prion
added 2007/06/11 10:30 p.m.15 views

Design/Logic Flaw

http.c in MiniWeb Http Server 0.8.x allows remote attackers to cause a denial of service application crash via a negative value in the Content-Length HTTP header...

5CVSS7.1AI score0.02759EPSS
Exploits1References5Affected Software1
CVE
CVE
added 2007/06/11 10:0 p.m.35 views

CVE-2007-3159

CVE-2007-3159 affects the MiniWeb Http Server 0.8.x series. The vulnerability is triggered by a negative value in the Content-Length HTTP header, which can cause a remote attacker to induce an application crash (DoS). The available connected records confirm the affected product and the root cause...

5CVSS6.6AI score0.02759EPSS
Exploits1References5Affected Software1
Cvelist
Cvelist
added 2007/06/11 10:0 p.m.18 views

CVE-2007-3159

http.c in MiniWeb Http Server 0.8.x allows remote attackers to cause a denial of service application crash via a negative value in the Content-Length HTTP header...

6.5AI score0.02759EPSS
Exploits1References5
Packet Storm
Packet Storm
added 2007/06/11 12:0 a.m.18 views

miniweb-dos.txt

MiniWeb Http Server 0.8.x Remote Denial of Service MiniWeb site http://sourceforge.net/projects/miniweb/ Author: gbr Tested running the server under Windows XP SP2 Description: The server doesn't do a sanity-check on 'Content-Length' value from POST Header, allowing the attacker to control the...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2007/06/07 12:0 a.m.14 views

MiniWeb HTTP Server 0.8.x - Remote Denial of Service

MiniWeb HTTP Server 0.8.x - Remote Denial of Service MiniWeb Http Server 0.8.x Remote Denial of Service MiniWeb site http://sourceforge.net/projects/miniweb/ Author: gbr Tested running the server under Windows XP SP2 Description: The server doesn't do a sanity-check on 'Content-Length' value from...

0.2AI score
Exploits0
seebug.org
seebug.org
added 2007/06/07 12:0 a.m.14 views

MiniWeb Http Server 0.8.x Remote Denial of Service Exploit

No description provided by source. MiniWeb Http Server 0.8.x Remote Denial of Service MiniWeb site http://sourceforge.net/projects/miniweb/ Author: gbr Tested running the server under Windows XP SP2 Description: The server doesn't do a sanity-check on 'Content-Length' value from POST Header,...

7.1AI score
Exploits0
0day.today
0day.today
added 2007/06/07 12:0 a.m.17 views

MiniWeb Http Server 0.8.x Remote Denial of Service Exploit

Exploit for unknown platform in category dos / poc ========================================================== MiniWeb Http Server 0.8.x Remote Denial of Service Exploit ========================================================== MiniWeb Http Server 0.8.x Remote Denial of Service MiniWeb site...

7AI score
Exploits0
Rows per page
Query Builder