Lucene search
K

110 matches found

Exploit DB
Exploit DB
added 2001/04/11 12:0 a.m.35 views

Solaris 2.6/7.0 - IN.FTPD CWD 'Username' Enumeration

source: https://www.securityfocus.com/bid/2564/info Solaris is the variant of the UNIX Operating System distributed by Sun Microsystems. Solaris is a versatile operating system designed for use with machines as small as desktop systems and as large as enterprise systems. A problem with the ftp...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2001/03/09 12:0 a.m.34 views

Microsoft Internet Explorer 5.0.1/5.5/6.0 - Telnet Client File Overwrite

source: https://www.securityfocus.com/bid/2463/info Services for Unix 2.0 contains a client side logging option which records all information exchanged in a telnet session. A vulnerability exists that could enable a remote user to invoke the telnet client and execute arbitrary commands on a targe...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2001/02/21 12:0 a.m.28 views

Quick Analysiss of the recent crc32 ssh(d) bug

Abstract ----------- This article discusses the recently discovered security hole in the crc32 attack detector as found in common ssh packages like OpenSSH and derivates using the ssh-1 protocoll. There is a possible overflow during assignemnet from 32bit integer to 16bit wide one leading to...

7.8AI score
Exploits0
Exploit DB
Exploit DB
added 2001/02/12 12:0 a.m.20 views

SilverPlatter WebSPIRS 3.3.1 - File Disclosure

source: https://www.securityfocus.com/bid/2362/info A remote user could gain read access to known files outside of the root directory where SilverPlatter WebSPIRS resides. Requesting a specially crafted URL composed of '../' sequences along with the known filename will disclose the requested file...

7AI score
Exploits0
Cvelist
Cvelist
added 2000/10/13 4:0 a.m.33 views

CVE-2000-0745

admin.php3 in PHP-Nuke does not properly verify the PHP-Nuke administrator password, which allows remote attackers to gain privileges by requesting a URL that does not specify the aid or pwd parameter...

6.9AI score0.1207EPSS
Exploits2References3
exploitpack
exploitpack
added 2000/05/16 12:0 a.m.14 views

Matt Kruse Calendar Script 2.2 - Arbitrary Command Execution

Matt Kruse Calendar Script 2.2 - Arbitrary Command Execution source: https://www.securityfocus.com/bid/1215/info Matt Kruse's Calendar script is a popular, free perl cgi-script used by many websites on the Internet. It allows a website administrator to easily setup and customize a calendar on the...

0.4AI score
Exploits0
exploitpack
exploitpack
added 1999/09/27 12:0 a.m.10 views

Eicon Networks DIVA LAN ISDN Modem 1.0 Release 2.51.02.0 - Denial of Service

Eicon Networks DIVA LAN ISDN Modem 1.0 Release 2.51.02.0 - Denial of Service source: https://www.securityfocus.com/bid/665/info A vulnerability in the Diva LAN ISDN Modem allows remote malicious users to lock up the modem requiring a hard reset. The vulnerability manifests itself when a remote...

0.2AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 1999/06/22 12:0 a.m.30 views

IMail IMAP Server Login Functions Remote Overflow

The remote host is running IMail IMAP server. The installed version is affected by a buffer overflow when handling a long user name, or a long password. An attacker, exploiting this flaw, could cause a denial of service, or possibly execute arbitrary code subject to the permissions of the IMAP...

5CVSS6.6AI score0.08441EPSS
Exploits0References2
Exploit DB
Exploit DB
added 1999/05/26 12:0 a.m.35 views

University of Washington pop2d 4.4 - Remote Buffer Overflow

// source: https://www.securityfocus.com/bid/283/info A buffer overflow vulnerability in pop2d version 4.4 or earlier allow malicious remote users to obtain access to the "nobody" user account. The pop2 and pop3 servers support the concept of an "anonymous proxy", whereby a remote user connecting...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 1998/07/08 12:0 a.m.36 views

Ray Chan WWW Authorization Gateway 0.1 - Command Execution

source: https://www.securityfocus.com/bid/152/info A vulnerability exists in the WWW Authorization Gateway program written by Ray Chan. Version 1.0 fails to eliminate characters with special meaning to the shell prior to executing a command. As a result, an attacker can utilize certain characters...

7.4AI score
Exploits0
Rows per page
Query Builder