CVE-2005-4147

The TCLHTTPd service in Lyris ListManager before 8.9b allows remote attackers to obtain source code for arbitrary .tml TCL files via 1 a request with a trailing null byte %00, which might also require 2 an authentication bypass step that involves a username with a trailing "@" characters...

lighttpd < 1.3.8 Null Byte Request CGI Script Source Code Disclosure

According to its banner, the version of lighttpd running on the remote host is prior to 1.3.8. It is, therefore, affected by an information disclosure vulnerability. An unauthenticated, remote attacker can exploit this vulnerability, by requesting a CGI script that is appended by a '%00', to read...

Zeus < 3.3.5a Web Server Null Byte Request CGI Source Disclosure

Binary data 1447.prm...

Zeus Web Server Null Byte Request CGI Source Disclosure

The remote host is running the Zeus Web Server. Versions 3.1.x to 3.3.5 of this web server are vulnerable to a bug that allows an attacker to view the source code of CGI scripts. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; if...