Firefox < 0.9.3 Null Character MIME Type Spoofing Arbitrary Code Execution

The installed version of Firefox is earlier than 0.9.3. Such versions may allow arbitrary code execution. The security vulnerability is due to the fact that Firefox stores cached HTML documents with a known file name, and to the fact that it's possible to force Firefox to open cached files as HTM...

CVE-2002-1581

CVE-2002-1581 : A directory traversal vulnerability exists in Mailreader.com’s nph-mr.cgi, affecting versions 2.3.20 through 2.3.31. An attacker can use .. and a null byte (%00) in the configLanguage parameter to view arbitrary files on the server. The issue is confirmed in multiple sources (NVD ...

Gaim contains an off-by-one buffer overflow vulnerability in the gaim_quotedp_decode() function

Overview There is an off-by-one buffer overflow vulnerability in the Gaim MIME decoder. Description Gaim is a multi-protocol instant messenger available for a number of operating systems. It includes a feature that requires Gaim to decode MIME-encoded data. There is an off-by-one buffer overflow...

BSD ftpd Single Byte Buffer Overflow

The remote ftp daemon contains a flaw in the 'replydirname' function which allows an attacker to write a null byte beyond the boundaries of the local buffer. An attacker can exploit this to gain root access. C Tenable Network Security, Inc. This script was written by Xue Yong Zhi...

Apache Tomcat 3.x - Null Byte Directory File Disclosure

Apache Tomcat 3.x - Null Byte Directory File Disclosure source: https://www.securityfocus.com/bid/6721/info Apache Tomcat is prone to a directory/file disclosure vulnerability when used with JDK 1.3.1 or earlier. It has been reported that remote attackers may view directory contents even when an...

Apache Tomcat 3.x - Null Byte Directory / File Disclosure

source: https://www.securityfocus.com/bid/6721/info Apache Tomcat is prone to a directory/file disclosure vulnerability when used with JDK 1.3.1 or earlier. It has been reported that remote attackers may view directory contents even when an 'index.html' or other welcome file. It is also possible...

CVE-2002-2419

Direct connect text client DCTC client 0.83.3 allows remote attackers to cause a denial of service crash via a string ending with a NULL byte character...

PT-2002-2443 · Altermime · Altermime

Name of the Vulnerable Software and Affected Versions: alterMIME versions 0.1.10 through 0.1.11 Description: The issue is caused by an off-by-one error that allows remote attackers to cause a denial of service, resulting in a crash. This is achieved via an x-header that causes snprintf to overwri...

KeyFocus (KF) Web Server Null Byte Request Restricted File / Directory Access

The installed version of KF Web Server returns a directory listing when the request URL contains a URL-encoded NULL byte %00 after the directory name. C Tenable Network Security, Inc. This script was written starting from roxenpercent.nasl References: From:"Securiteinfo.com"...

MailReader.com 2.3.x - NPH-MR.cgi File Disclosure

MailReader.com 2.3.x - NPH-MR.cgi File Disclosure source: https://www.securityfocus.com/bid/6055/info A vulnerability exists in Mailreader.com which may enable remote attackers to disclose the contents of arbitrary webserver readable files. An attacker may exploit this issue by submitting a...

CVE-2002-1025

JRun 3.0 through 4.0 allows remote attackers to read JSP source code via an encoded null byte in an HTTP GET request, which causes the server to send the .JSP file unparsed...

CVE-2002-1021

BadBlue server allows remote attackers to read restricted files, such as EXT.INI, via an HTTP request that contains a hex-encoded null byte...

CVE-2002-1021

BadBlue server allows remote attackers to read restricted files, such as EXT.INI, via an HTTP request that contains a hex-encoded null byte...

CVE-2002-1021

Summary of CVE-2002-1021 (BadBlue Hex-encoded Null Byte) The vulnerability affects the BadBlue web server and allows remote attackers to read restricted files (notably EXT.INI, the BadBlue configuration file) by sending an HTTP request containing a hex-encoded NULL byte. This constitutes an infor...

Several problems in CARE 2002

Several problems in CARE 2002 ------------------------------------- What is CARE 2002? CARE 2002 is a free software package for hospitals. It's based on php + mysql. For further information visit http://www.care2x.com/. include + NULL problem Problem description There are several include statemen...

Working Resources 1.7.3 BadBlue - Null Byte File Disclosure

Working Resources 1.7.3 BadBlue - Null Byte File Disclosure source: https://www.securityfocus.com/bid/5226/info BadBlue is a P2P file sharing application distributed by Working Resources. It is available for Microsoft Windows operating systems. It has been discovered that a request passed to a...

Working Resources 1.7.3 BadBlue - Null Byte File Disclosure

source: https://www.securityfocus.com/bid/5226/info BadBlue is a P2P file sharing application distributed by Working Resources. It is available for Microsoft Windows operating systems. It has been discovered that a request passed to a BadBlue server containing a null byte at the end of a file nam...

PHP classical bugs in phpBB allows remote code execution

Uninitialized PHP variables and ability to modify SQL query allow to execute code on server. Crossite scripting. Invalid NULL-byte handling leads to DoS...

CVE-2001-1140

BadBlue Personal Edition v1.02 beta allows remote attackers to read source code for executable programs by appending a %00 null byte to the request...

CVE-2001-1140

BadBlue Personal Edition v1.02 beta is affected by CVE-2001-1140, where remote attackers can read source code of executables by adding a null byte (%00) to the request. The vulnerability is exploitable over a network with low attack complexity and no authentication, causing partial confidentialit...