Pinnacle ShowCenter DoS

Web interface DoS with non-existant skin...

BRS WebWeaver: Ftpd Lockdown via RETR cmd

=:=:=::=:=:=::=:=:=::=:=:=::=:=:=::=:=:=::=:=:=::= topic: BRS WebWeaver: Ftpd Lockdown via RETR cmd product: BRS WebWeaver 1.04 and prior vendor: http://www.brswebweaver.com risk: high date: 04/23/2k3 tested platform: Windows 98 Second Edition discovered by: euronymous /F0KP advisory urls:...

CVE-2002-1053

Cross-site scripting XSS vulnerability in W3C Jigsaw Proxy Server before 2.2.1 allows remote attackers to execute arbitrary script via a URL that contains a reference to a nonexistent host followed by the script, which is included in the resulting error message...

ISC BIND 8.3.x - OPT Record Large UDP Denial of Service

ISC BIND 8.3.x - OPT Record Large UDP Denial of Service // source: https://www.securityfocus.com/bid/6161/info ISC BIND is vulnerable to a denial of service attack. When a DNS lookup is requested on a non-existant sub-domain of a valid domain and an OPT resource record with a large UDP payload is...

ISC BIND < 8.3.4 Multiple Remote Vulnerabilities

The remote name server, according to its version number, is affected by the following vulnerabilities : - When running the recursive DNS functionality, this server is vulnerable to a buffer overflow attack that may let an attacker execute arbitrary code on the remote host. - It is vulnerable to a...

CVE-2000-0760

The Snoop servlet in Jakarta Tomcat 3.1 and 3.0 under Apache reveals sensitive system information when a remote attacker requests a nonexistent URL with a .snp extension...

CVE-2000-0760

The Snoop servlet in Jakarta Tomcat 3.1 and 3.0 under Apache reveals sensitive system information when a remote attacker requests a nonexistent URL with a .snp extension...

Infinite loop in LOTUS NOTE 5.0.3. SMTP SERVER

Maybe this is a configuration error in the server where I tryed this but anyway here is the message that I sent : helo xpto.pt mail from: non-existant-user@ipadressoflotusserver mail to : non-existant-user data testing123 . So Lotus Notes SMTP Server now will loop forever trying to tell to the...

PT-2000-1324 · Gossamer Threads · Gossamer Threads Dbman

Name of the Vulnerable Software and Affected Versions: Gossamer Threads DBMan version db.cgi Description: The issue allows remote attackers to view environmental variables and setup information. This is achieved by referencing a non-existing database in the db parameter. Recommendations: For...

CVE-2000-0176

The default configuration of Serv-U 2.5d and earlier allows remote attackers to determine the real pathname of the server by requesting a URL for a directory or file that does not exist...

CVE-2000-0079

The W3C CERN httpd HTTP server allows remote attackers to determine the real pathnames of some commands via a request for a nonexistent URL...

Microsoft IIS 5.0 - IISAPI Extension Enumerate Root Web Server Directory

source: https://www.securityfocus.com/bid/194/info A GET request that specifies a nonexistent file with an IISAPI-registered extension ie .pl, .idq will cause the IIS server to return an error message that includes the full path of the root web server directory. This can happen if the file is...