myserver-0.4.1.txt

Topic: MyServer 0.4.1 DOS Product: Myserver 0.4.1 http://myserverweb.sourceforge.net Note: yep, I'm on the dole, anyone wanna give me a job : Vendor Notification: Woooops, sorry i forgot ; Background: from homepage MyServer is a free and easy to configure web server. MyServer is licensed under th...

Pi3Web 2.0.1 Denial of Service - Proof of Concept

No description provided by source. / Pi3Web 2.0.1 DoS - Pr00f of concept. Vulnerable systems: Pi3Web 2.0.1 maybe others Vendor: www.johnroy.com/pi3 - http://pi3web.sourceforge.net/ Patch: no yet. Info: Pi3Web Server is vulnerable to a denial of Service. when a malformed HTTP Request is done the...

Pi3Web 2.0.1 - Denial of Service (PoC)

Pi3Web 2.0.1 - Denial of Service PoC / Pi3Web 2.0.1 DoS - Pr00f of concept. Vulnerable systems: Pi3Web 2.0.1 maybe others Vendor: www.johnroy.com/pi3 - http://pi3web.sourceforge.net/ Patch: no yet. Info: Pi3Web Server is vulnerable to a denial of Service. when a malformed HTTP Request is done the...

Microsoft Office Web Components allows arbitary user to determine whether local file exists via Chart component "Load" method

Overview Microsoft Office Web Components OWC allows a malicious script on a web page to learn if a file exists on the client's filesystem. Description OWC allows viewing of Microsoft Office documents such as spreadsheets and charts to be viewed within an HTML document in Microsoft Internet Explor...

Microsoft IIS 4.0/5.0 - SMTP Service Encapsulated SMTP Address (MS99-027)

source: https://www.securityfocus.com/bid/5213/info Microsoft Exchange 5.5 and the SMTP Simple Mail Transfer Protocol service included with IIS Internet Information Services 4.0 and 5.0 are vulnerable to an encapsulated SMTP address vulnerability. The vulnerability was originally announced in...

MacOS X SoftwareUpdate Vulnerability

---------------------------------------------------------------------------- MacOS X SoftwareUpdate Vulnerability. ---------------------------------------------------------------------------- Date: July 6, 2002 Version: MacOS 10.1.X and possibly 10.0.X Problem: MacOS X SoftwareUpdate connects to...

Using the backbutton in IE is dangerous

---..---..---..---..---..---..---..---..---..---..---..---..---- Title: Using the backbutton in IE is dangerous. Date: 2002-04-15 Software: At least Internet Explorer 6.0. Tested env: Windows 2000 pro, XP. Rating: Medium because user interaction is needed. Impact: Read cookies/local files and...

AdMentor Login Flaw

Regarding : AdMentor v2.11 and earlier Homepage: http://www.aspcode.net AdMentor allows any user to login as admin. The base path of the login is usually : http://www.someserver.com/admentor/admin/admin.a sp By using Login : ' or ''=' , and Password : ' or ''=' We create a legal query because it...

Vulnerability in Viralator proxy extension

Hi! Date: October 2001 Product: Viralator http://viralator.loddington.com/ Viralator is a perl-script to be used with the squid proxy, an apache webserver and some virus scanner software. Its purpose is to allow scanning of files downloaded through the proxy for viruses. The product has been list...

Microsoft Internet Information Server 4.0 (IIS) vulnerable to DoS when URL redirecting is enabled

Overview A vulnerability in IIS 4.0 may permit intruders to crash vulnerable IIS servers with URL redirection enabled. Description A vulnerability in Microsoft IIS 4.0 allows an attacker to crash IIS 4.0 servers if they are configured to use URL redirection. URL redirection is not used by default...

PT-2001-2418 · 3Com · 3Com Ps40 Superstack Ii

Name of the Vulnerable Software and Affected Versions: 3Com PS40 SuperStack II affected versions not specified Description: The issue allows remote attackers to perform brute force password guessing without being delayed or disconnected after providing incorrect usernames or passwords, making it...

Macromedia Flash plug-in contains buffer overflow

Overview Incorrectly formatted sound wave SWF files may cause a buffer overflow in the Macromedia Flash plug-in. Description If the length fields in an SWF file specify fewer data than are actually present in the file, processing the file may cause a buffer overflow in the Macromedia Flash plug-i...

Hexyn / Securax Advisory #17 - Bison FTP Server Directory Traversal

Hexyn / Securax Advisory 17 - Bison FTP Server Directory Traversal Topic: Bison FTP Server Directory Traversal Announced: 2001-02-17 Affects: Bison FTP Server version 4 Release 1 DISCLAIMER: THE ENTIRE ADVISORY HAS BEEN BASED UPON TRIAL AND ERROR RESULTS. THEREFORE WE CANNOT ENSURE YOU THE...

Hexyn / Securax Advisory #17 - Bison FTP Server Directory Traversal

Hexyn / Securax Advisory 16 - Ghetto FTP Server Directory Traversal Topic: Ghetto FTP Server Directory Traversal Announced: 2001-02-17 Affects: Ghetto FTP Server version 1.0 beta 1 DISCLAIMER: THE ENTIRE ADVISORY HAS BEEN BASED UPON TRIAL AND ERROR RESULTS. THEREFORE WE CANNOT ENSURE YOU THE...

Sun Solaris mailx contains buffer overflow via -F option

Overview A buffer overflow in the mailx program on Solaris systems can allow an intruder to execute code with the privileges of the mail group. Description A buffer overflow in the -F option of the mailx program on Solaris systems may allow an intruder to execute code with the privileges of the...

Hexyn-sa-16.TXT

Hexyn / Securax Advisory 16 - Ghetto FTP Server Directory Traversal Topic: Ghetto FTP Server Directory Traversal Announced: 2001-02-17 Affects: Ghetto FTP Server version 1.0 beta 1 DISCLAIMER: THE ENTIRE ADVISORY HAS BEEN BASED UPON TRIAL AND ERROR RESULTS. THEREFORE WE CANNOT ENSURE YOU THE...

Hexyn-sa-17.txt

Hexyn / Securax Advisory 17 - Bison FTP Server Directory Traversal Topic: Bison FTP Server Directory Traversal Announced: 2001-02-17 Affects: Bison FTP Server version 4 Release 1 DISCLAIMER: THE ENTIRE ADVISORY HAS BEEN BASED UPON TRIAL AND ERROR RESULTS. THEREFORE WE CANNOT ENSURE YOU THE...

Hexyn-sa-19.txt

Hexyn / Securax Advisory 19 - Multiple FTP Server DoS Topic: Multiple FTP Server DoS Announced: 2001-02-17 Affects: Serv-U FTP Server, G6 FTP Server, WarFTPd Server,... DISCLAIMER: THE ENTIRE ADVISORY HAS BEEN BASED UPON TRIAL AND ERROR RESULTS. THEREFORE WE CANNOT ENSURE YOU THE INFORMATION BELO...

Cisco 675 Denial of Service Attack

OK, since everyone is up-in-arms over vendor notification and their response times, here's an example of what happens if you give a vendor too -much- time. ----------------- Title : Cisco 675 Web Administration Denial of Service Device: Cisco 675 DSL Router Class : Denial of Service remote Vendor...

ftp.pl vulnerability

Feartech ftp browser problem From the creators page http://www.feartech.com/vv/ftp.shtml -- snip -- FTP Browser allows you to display a html enhanced directory listing, which is great for managing your ftp files. FTP Browser can do all of the following: -- snip -- But wait.. it can do more than...