EUVD-2007-2410

Malware in sbrugna...

EUVD-2001-0302

Malware in sbrugna...

EUVD-2003-1022

Malware in sbrugna...

EUVD-2001-0303

Malware in sbrugna...

Pi3Web ISAPI Denial of Service

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Pi3Web ISAPI DoS', 'Description' = %q The Pi3Web HTTP server crashes when a request is made for an invalid DLL file in /isapi for versions 2.0.13...

Pi3Web Detection

Checks whether Pi3Web is present on the target system and if so, tries to figure out the installed version. Copyright C 2019 Greenbone Networks GmbH SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can redistribute it and/or modify it under the terms of the GNU General...

Pi3Web 2.0.1 Malformed GET Request Denial of Service Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/7555/info It has been reported that Pi3Web server is prone to a denial of service vulnerability. Reportedly, when a malicious GET request is sent to the Pi3Web server the server will fail. It should be noted that the Unix...

Pi3Web 2.0.1 - Denial of Service - Proof of Concept

No description provided by source. / Pi3Web 2.0.1 DoS - Pr00f of concept. Vulnerable systems: Pi3Web 2.0.1 maybe others Vendor: www.johnroy.com/pi3 - http://pi3web.sourceforge.net/ Patch: no yet. Info: Pi3Web Server is vulnerable to a denial of Service. when a malformed HTTP Request is done the...

John Roy Pi3Web 1.0.1 - Buffer Overflow Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/2381/info A buffer overflow vulnerability has been reported in John Roy Pi3Web web server. The ISAPI application within the server fails to properly handle user supplied input. Requesting a specially crafted URL will caus...

Pi3Web <= 2.0.3 (ISAPI) Remote Denial of Service Exploit

No description provided by source. Pi3Web ISAPI DoS vulnerability Discovered by: Hamid Ebadi CSIRT Team Member Amirkabir University CSIRT Laboratory APA Laboratory [email protected] Introduction Pi3Web is a free, multithreaded, highly configurable and extensible HTTP server and development...

Pi3Web 2.0.2 SortName Buffer Overflow Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/7787/info Pi3Web is prone to a buffer overflow vulnerability. This is due to insufficient bounds checking of URI parameters. This could be exploited to cause a denial of service or possibly to execute malicious...

John Roy Pi3Web 2.0 For Windows Long Request Buffer Overflow Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/3866/info John Roy Pi3Web is a standard web server which includes CGI and ISAPI support. Pi3Web uses multithreading to handle system requests. Pi3Web is available for Windows, Linux and Solaris. Due to a buffer overflow...

Eaton Network Shutdown Module Arbitrary PHP Code Execution Vulnerability

Eaton Network Shutdown Module is prone to a remote PHP code-execution vulnerability. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if...

Server side request forgery (ssrf)

Pi3Web 2.0.3 before PL2, when installed on Windows as a desktop application and without using the Pi3Web/Conf/Intenet.pi3, allows remote attackers to cause a denial of service crash or hang and obtain the full pathname of the server via a request to a file in the ISAPI directory that is not an...

CVE-2008-6938

Pi3Web 2.0.3 before PL2, when installed on Windows as a desktop application and without using the Pi3Web/Conf/Intenet.pi3, allows remote attackers to cause a denial of service crash or hang and obtain the full pathname of the server via a request to a file in the ISAPI directory that is not an...

CVE-2008-6938

Pi3Web ISAPI DoS (CVE-2008-6938): Pi3Web 2.0.3 before PL2 on Windows desktop installs allow remote denial of service and disclosure of server pathname by requesting a non-DLL ISAPI file (e.g., Isapi\users.txt); exploitation is demonstrated via public Metasploit module targeting /isapi/ files and ...

CVE-2008-6938

Pi3Web 2.0.3 before PL2, when installed on Windows as a desktop application and without using the Pi3Web/Conf/Intenet.pi3, allows remote attackers to cause a denial of service crash or hang and obtain the full pathname of the server via a request to a file in the ISAPI directory that is not an...

Pi3Web ISAPI Requests Handling DoS Vulnerability

Pi3Web is prone to ISAPI Requests Handling DoS vulnerability. SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

pi3Web ISAPI目录遍历远程拒绝服务漏洞

BUGTRAQ ID: 32287 Pi3Web是免费的多线程HTTP服务器和开发环境。 Pi3web没有充分地检查入站请求。如果远程攻击者向服务器所请求的文件为ISAPI目录中的无效DLL的话，服务器就会将其作为DLL库加载到内存，导致崩溃。 Pi3.org Pi3Web 2.0.13 临时解决方法： 在服务器配置的Server Admin Mapping Tab中禁用ISAPI。 删除ISAPI文件夹中的users.txt、install.daf和readme.daf。 厂商补丁： Pi3.org -------...

Pi3Web ISAPI DoS

The Pi3Web HTTP server crashes when a request is made for an invalid DLL file in /isapi for versions 2.0.13 and earlier. By default, the non-DLLs in this directory after installation are users.txt, install.daf and readme.daf. This module requires Metasploit: https://metasploit.com/download Curren...