EUVD-2000-0667

Malware in sbrugna...

EUVD-1999-1503

Malware in sbrugna...

EUVD-2001-1099

Malware in sbrugna...

roxen.sodazitron.at Cross Site Scripting vulnerability OBB-3788079

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

Roxen WebServer Detection

Checks whether Roxen WebServer is present on the target system and if so, tries to figure out the installed version. Copyright C 2019 Greenbone Networks GmbH SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can redistribute it and/or modify it under the terms of the GN...

princeton.edu XSS vulnerability

Vulnerable URL: https://www.princeton.edu/roxen/documentation/rxml//index.xml?rth=sb-login"'--!confirmOPENBUGBOUNTY...

IMHO Webmail 0.9x Account Hijacking Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/5238/info A vulnerability has been reported in the IMHO Roxen webmail module which may enable a malicious user of the webmail system to gain access to the account of another user. This issue is due to an error in...

Roxen WebServer 2.0 .X %00 Request File/Directory Disclosure Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/1510/info If a request containing the null character %00 is made to the Roxen Web Server, the server will return directory contents, and the source of unparsed scripts and html pages. For example, a request to...

CVE-2002-2165

The IMHO Webmail module 0.97.3 and earlier for Roxen leaks the REFERER from the browser's previous login session in an error page, which allows local users to read another user's inbox...

Roxen counter module

The Roxen Challenger webserver is running and the counter module is installed. Requesting large counter GIFs eats up CPU-time on the server. If the server does not support threads this will prevent the server from serving other clients. SPDX-FileCopyrightText: 2000 Hendrik Scholz Some text...

Roxen counter module

The Roxen Challenger webserver is running and the counter module is installed. Requesting large counter GIFs eats up CPU-time on the server. If the server does not support threads this will prevent the server from serving other clients. OpenVAS Vulnerability Test $Id: roxencounter.nasl 8023...

CVE-2001-1118

A module in Roxen 2.0 before 2.0.92, and 2.1 before 2.1.264, does not properly decode UTF-8, Mac and ISO-2202 encoded URLs, which could allow a remote attacker to execute arbitrary commands or view arbitrary files via an encoded URL...

CVE-2001-1118

CVE-2001-1118 affects Roxen Web platform (Roxen 2.0 prior to 2.0.92 and Roxen 2.1 prior to 2.1.264). The issue is a failure to properly decode UTF-8, Mac, and ISO-2202 encoded URLs, enabling a remote attacker to execute arbitrary commands or view arbitrary files via an encoded URL. Affected compo...

New Roxen Webserver Library Issues

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ ++++++++++++++GOBBLES+SECURITY+RESEARCH+TEAM+INCORPORATED+++++++++++++++++ ALERT! ALERT! A NEW BUFFER OVERFLOW IN LIBRARY FROM ROXEN! ALERT! ALERT! ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++...

CVE-1999-1522

Vulnerability in htmlparse.pike in Roxen Web Server 1.3.11 and earlier, possibly related to recursive parsing and referer tags in RXML. Public details on affected versions, root cause, impact and fixes are not provided in the connected documents.

CVE-1999-1522

Vulnerability in htmlparse.pike in Roxen Web Server 1.3.11 and earlier, possibly related to recursive parsing and referer tags in RXML...

Roxen security alert: URL decoding vulnerable

Roxen Webserver 2.0 up to version 2.0.92 and 2.1 up to version 2.1.264 has a vulnerability that allows any user to retrieve any file from the host with the privileges of the web server. Having the CGI-module enabled escalates the problem by making it possible to run any executable. Description In...

CVE-2001-1118

A module in Roxen 2.0 before 2.0.92, and 2.1 before 2.1.264, does not properly decode UTF-8, Mac and ISO-2202 encoded URLs, which could allow a remote attacker to execute arbitrary commands or view arbitrary files via an encoded URL...

CVE-2000-0671

Roxen web server earlier than 2.0.69 allows allows remote attackers to bypass access restrictions, list directory contents, and read source code by inserting a null character %00 to the URL...

CVE-2000-0671

The vulnerability CVE-2000-0671 affects Roxen Web Server prior to 2.0.69. An attacker can insert a null character (%00) into the URL to bypass access restrictions, list directory contents, and read source code, resulting in information disclosure. Affected component: Roxen Web Server (versions