Lucene search
+L

29 matches found

securityvulns
securityvulns
added 2000/07/24 12:0 a.m.47 views

Roxen Web Server Vulnerability

Hi all, Excuse-me for my poor english : I discover two problems in Roxen Web server 2.0.46 and certainly prior. Perhaps it doesn't important. First problem: Suppose that Roxen is installed by default in /usr/local, the /usr/local/roxen/configurations/configinterface/settings/administratoruid file...

6.9AI score
Exploits0
securityvulns
securityvulns
added 2000/07/24 12:0 a.m.32 views

Проблемы в сервере Roxen

Используя нулевой символ 00 можно просматривать листинги директорий, получать содержимое исполняемых файлов и т.д...

0.7AI score
Exploits0References2Affected Software1
securityvulns
securityvulns
added 2000/07/24 12:0 a.m.36 views

Roxen security alert: Problems with URLs containing null characters.

Roxen 2.0 up to version 2.0.68 has a vulnerability where using URLs containing null characters can gain the browser access to information he is not authorized to: Directory listings in directories with index files In normal filesystems: the sourcecode for RXML files, Pike scripts, CGIs etc...

0.7AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2000/07/22 12:0 a.m.46 views

Roxen Web Server /%00/ Encoded Request Forced Directory Listing

The version of Roxen Web Server running on the remote host is affected by an information disclosure vulnerability. An unauthenticated, remote attacker can exploit this, by using a crafted URL request with '/%00/' appended to the URI, to display a listing of a remote directory, which may contain...

5CVSS5.6AI score0.07864EPSS
Exploits1References2
NVD
NVD
added 2000/07/21 4:0 a.m.16 views

CVE-2000-0671

Roxen web server earlier than 2.0.69 allows allows remote attackers to bypass access restrictions, list directory contents, and read source code by inserting a null character %00 to the URL...

5CVSS6.9AI score0.07864EPSS
Exploits1References4
exploitpack
exploitpack
added 2000/07/21 12:0 a.m.12 views

Roxen WebServer 2.0.x - %00 Request FileDirectory Disclosure

Roxen WebServer 2.0.x - %00 Request FileDirectory Disclosure source: https://www.securityfocus.com/bid/1510/info If a request containing the null character %00 is made to the Roxen Web Server, the server will return directory contents, and the source of unparsed scripts and html pages. For exampl...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2000/07/21 12:0 a.m.35 views

Roxen WebServer 2.0.x - '%00' Request File/Directory Disclosure

source: https://www.securityfocus.com/bid/1510/info If a request containing the null character %00 is made to the Roxen Web Server, the server will return directory contents, and the source of unparsed scripts and html pages. For example, a request to http://www.server.com/%00 Will return the...

7.4AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2000/01/03 12:0 a.m.28 views

Roxen Web Server Counter Module Crafted Request Saturation DoS

Roxen Challenger WebServer is running with the counter module installed. Requesting large counter GIFs can lead to CPU exhaustion. If the server does not support threads, this will prevent the server from serving other clients. %NASLMINLEVEL 70300 Copyright 2000 by Hendrik Scholz Changes by...

5.5AI score
Exploits0
NVD
NVD
added 1999/10/07 4:0 a.m.19 views

CVE-1999-1522

Vulnerability in htmlparse.pike in Roxen Web Server 1.3.11 and earlier, possibly related to recursive parsing and referer tags in RXML...

5CVSS6.6AI score0.01074EPSS
Exploits0References1
Rows per page
Query Builder