1154 matches found
CVE-2005-2813
Directory traversal vulnerability in FlatNuke 2.5.6 and possibly earlier allows remote attackers to read arbitrary files via ".." sequences and "%00" trailing null byte characters in the id parameter to the read mod in index.php...
CVE-2002-1721
Off-by-one error in alterMIME 0.1.10 and 0.1.11 allows remote attackers to cause a denial of service crash via an x-header that causes snprintf overwrite the FFGETFILE variable with a null byte...
CVE-2005-2008
Yaws Webserver 1.55 and earlier allows remote attackers to obtain the source code for yaws scripts via a request to a yaw script with a trailing %00 null...
еще один бажный скрипт в WebAPP v0.9.9.
Здравствуйте, . вот нашел еще новую узвимость в WebAPP v0.9.9.. Просмотр произвольных файлов в WebAPP Web Automated Perl Portal System v0.9.9. Software / Application - WebAPP v0.9.9. Problem-Type - удаленная Vulnerability - возможность чтения файлов и просмотр каталогов. Vendor -...
ArGoSoft FTP Server <= 1.4.2.8 Denial of Service Exploit
No description provided by source. / ArGoSoft Ftp Server remote overflow exploit author : c0d3r "kaveh razavi" [email protected] [email protected] package : ArGoSoft 1.4.2.29 and prior advisory : packetstormsecurity.nl/0503-advisories/argosoftFTP1428.txt company address : argosoft.com the bug...
ArGoSoft FTP Server 1.4.2.8 - Denial of Service
/ ArGoSoft Ftp Server remote overflow exploit author : c0d3r "kaveh razavi" [email protected] [email protected] package : ArGoSoft 1.4.2.29 and prior advisory : packetstormsecurity.nl/0503-advisories/argosoftFTP1428.txt company address : argosoft.com the bug was found by a mate and reported to...
DEBIAN-CVE-2004-1007
The quoted-printable decoder in bogofilter 0.17.4 to 0.92.7 allows remote attackers to cause a denial of service application crash via mail headers that cause a line feed LF to be replaced by a null byte that is written to an incorrect memory address...
lighttpd < 1.3.8 Null Byte Request CGI Script Source Code Disclosure
According to its banner, the version of lighttpd running on the remote host is prior to 1.3.8. It is, therefore, affected by an information disclosure vulnerability. An unauthenticated, remote attacker can exploit this vulnerability, by requesting a CGI script that is appended by a '%00', to read...
CVE-2004-0848
Buffer overflow in Microsoft Office XP allows remote attackers to execute arbitrary code via a link with a URL file location containing long inputs after 1 "%00 null byte in .doc filenames or 2 "%0a" carriage return in .rtf filenames...
CVE-2004-1123
Darwin Streaming Server 5.0.1, and possibly earlier versions, allows remote attackers to cause a denial of service server crash via a DESCRIBE request with a location that contains a null byte...
CVE-2004-2584
frmAddfolder.aspx in SmarterTools SmarterMail 1.6.1511 and 1.6.1529 allows remote authenticated users to create a folder that SmarterMail cannot delete or rename via a folder name with a null byte "%00". NOTE: it is not clear whether this issue poses a vulnerability...
eboard40.txt
Hi, I found a vulnerability in eBoard ver. 4.0 which allows remote users to open any file on the system. I think all prior vers have the same problem. eBoard is a wwwboard-like CGI script. It's written by Mike Bagneski in Perl and for sale! $14.95. http://www.e-scripts.com/eboard/ It doesn't chec...
CVE-2004-1123
Darwin Streaming Server 5.0.1, and possibly earlier versions, allows remote attackers to cause a denial of service server crash via a DESCRIBE request with a location that contains a null byte...
[Full-Disclosure] iDEFENSE Security Advisory 12.03.2004: Apple Darwin Streaming Server DESCRIBE Null Byte Denial of Service Vulnerability
Apple Darwin Streaming Server DESCRIBE Null Byte Denial of Service Vulnerability iDEFENSE Security Advisory 12.03.2004 www.idefense.com/application/poi/display?id=159&type=vulnerabilities December 03, 2004 I. BACKGROUND Darwin Streaming Server is an open source version of Apple's QuickTime...
bsd/PPC - execve /bin/sh 128 bytes
bsd/PPC execve /bin/sh 128 bytes. Shellcode exploit for bsdppc platform / Linux PPC shellcode execve of /bin/sh by Palante / long shellcode = / Palante's BSD PPC shellcode w/ NULL/ 0x7CC63278, 0x2F867FFF, 0x41BC005C, 0x7C6802A6, 0xB0C3FFF9, 0xB0C3FFF1, 0x38867FF0, 0x38A67FF4, 0x38E67FF3,...
adv17.txt
+| Advisory 17. Search Engine & Directory by Turbo Seek Software: Search Engine & Directory Powered by Turbo Seek Vendor: FocalMedia.Net http://www.focalmedia.net Vulnerability: âîçìîæíîñòü ÷òåíèÿ ôàéëîâ Risk: ñðåäíèé Date: 10'Sept 2004 discovered by durito -duritoatmaildotru- HTTP: www.lwb57.org...
Turbo Seek Null Byte Error Discloses Files to Remote Users
No description provided by source. Some demonstration exploit URLs are provided: /cgi-bin/cgi/tseekdir.cgi?location=/etc/passwd%00 /cgi-bin /tseekdir.cgi?id=799&location=/etc/passwd%00 milw0rm.com 2004-09-13...
Turbo Seek - Null Byte Error Discloses Files
Turbo Seek - Null Byte Error Discloses Files Some demonstration exploit URLs are provided: /cgi-bin/cgi/tseekdir.cgi?location=/etc/passwd%00 /cgi-bin /tseekdir.cgi?id=799&location=/etc/passwd%00 milw0rm.com 2004-09-13...
Turbo Seek Null Byte Error Discloses Files to Remote Users
Exploit for cgi platform in category web applications ========================================================== Turbo Seek Null Byte Error Discloses Files to Remote Users ========================================================== Some demonstration exploit URLs are provided:...
Turbo Seek - Null Byte Error Discloses Files
Some demonstration exploit URLs are provided: /cgi-bin/cgi/tseekdir.cgi?location=/etc/passwd%00 /cgi-bin /tseekdir.cgi?id=799&location=/etc/passwd%00 milw0rm.com 2004-09-13...