70 matches found
EUVD-2001-0303
Malware in sbrugna...
EUVD-2003-1022
Malware in sbrugna...
EUVD-2001-0302
Malware in sbrugna...
EUVD-2007-2410
Malware in sbrugna...
Pi3Web ISAPI Denial of Service
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Pi3Web ISAPI DoS', 'Description' = %q The Pi3Web HTTP server crashes when a request is made for an invalid DLL file in /isapi for versions 2.0.13...
Pi3Web Detection
Checks whether Pi3Web is present on the target system and if so, tries to figure out the installed version. Copyright C 2019 Greenbone Networks GmbH SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can redistribute it and/or modify it under the terms of the GNU General...
Pi3Web <= 2.0.3 (ISAPI) Remote Denial of Service Exploit
No description provided by source. Pi3Web ISAPI DoS vulnerability Discovered by: Hamid Ebadi CSIRT Team Member Amirkabir University CSIRT Laboratory APA Laboratory [email protected] Introduction Pi3Web is a free, multithreaded, highly configurable and extensible HTTP server and development...
Pi3Web 2.0.1 - Denial of Service - Proof of Concept
No description provided by source. / Pi3Web 2.0.1 DoS - Pr00f of concept. Vulnerable systems: Pi3Web 2.0.1 maybe others Vendor: www.johnroy.com/pi3 - http://pi3web.sourceforge.net/ Patch: no yet. Info: Pi3Web Server is vulnerable to a denial of Service. when a malformed HTTP Request is done the...
John Roy Pi3Web 1.0.1 - Buffer Overflow Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/2381/info A buffer overflow vulnerability has been reported in John Roy Pi3Web web server. The ISAPI application within the server fails to properly handle user supplied input. Requesting a specially crafted URL will caus...
John Roy Pi3Web 2.0 For Windows Long Request Buffer Overflow Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/3866/info John Roy Pi3Web is a standard web server which includes CGI and ISAPI support. Pi3Web uses multithreading to handle system requests. Pi3Web is available for Windows, Linux and Solaris. Due to a buffer overflow...
Pi3Web 2.0.2 SortName Buffer Overflow Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/7787/info Pi3Web is prone to a buffer overflow vulnerability. This is due to insufficient bounds checking of URI parameters. This could be exploited to cause a denial of service or possibly to execute malicious...
Pi3Web 2.0.1 Malformed GET Request Denial of Service Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/7555/info It has been reported that Pi3Web server is prone to a denial of service vulnerability. Reportedly, when a malicious GET request is sent to the Pi3Web server the server will fail. It should be noted that the Unix...
Eaton Network Shutdown Module Arbitrary PHP Code Execution Vulnerability
Eaton Network Shutdown Module is prone to a remote PHP code-execution vulnerability. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if...
Server side request forgery (ssrf)
Pi3Web 2.0.3 before PL2, when installed on Windows as a desktop application and without using the Pi3Web/Conf/Intenet.pi3, allows remote attackers to cause a denial of service crash or hang and obtain the full pathname of the server via a request to a file in the ISAPI directory that is not an...
CVE-2008-6938
Pi3Web 2.0.3 before PL2, when installed on Windows as a desktop application and without using the Pi3Web/Conf/Intenet.pi3, allows remote attackers to cause a denial of service crash or hang and obtain the full pathname of the server via a request to a file in the ISAPI directory that is not an...
CVE-2008-6938
Pi3Web 2.0.3 before PL2, when installed on Windows as a desktop application and without using the Pi3Web/Conf/Intenet.pi3, allows remote attackers to cause a denial of service crash or hang and obtain the full pathname of the server via a request to a file in the ISAPI directory that is not an...
CVE-2008-6938
Pi3Web ISAPI DoS (CVE-2008-6938): Pi3Web 2.0.3 before PL2 on Windows desktop installs allow remote denial of service and disclosure of server pathname by requesting a non-DLL ISAPI file (e.g., Isapi\users.txt); exploitation is demonstrated via public Metasploit module targeting /isapi/ files and ...
Pi3Web ISAPI Requests Handling DoS Vulnerability
Pi3Web is prone to ISAPI Requests Handling DoS vulnerability. SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
pi3Web ISAPI目录遍历远程拒绝服务漏洞
BUGTRAQ ID: 32287 Pi3Web是免费的多线程HTTP服务器和开发环境。 Pi3web没有充分地检查入站请求。如果远程攻击者向服务器所请求的文件为ISAPI目录中的无效DLL的话,服务器就会将其作为DLL库加载到内存,导致崩溃。 Pi3.org Pi3Web 2.0.13 临时解决方法: 在服务器配置的Server Admin Mapping Tab中禁用ISAPI。 删除ISAPI文件夹中的users.txt、install.daf和readme.daf。 厂商补丁: Pi3.org -------...
Pi3Web ISAPI DoS
The Pi3Web HTTP server crashes when a request is made for an invalid DLL file in /isapi for versions 2.0.13 and earlier. By default, the non-DLLs in this directory after installation are users.txt, install.daf and readme.daf. This module requires Metasploit: https://metasploit.com/download Curren...