EUVD-2002-1807

Malware in sbrugna...

CVE-2002-1828

Savant Webserver 3.1 allows remote attackers to cause a denial of service crash via an HTTP GET request with a negative Content-Length value...

Savant Webserver 3.1 Malformed Content-Length Denial of Service Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/5707/info Savant Webserver is prone to a denial of service attack, when processing a negative integer located in a users Content-Length value. It should be noted that versions below 3.1 may also be vulnerable to this issu...

Michael Lamont Savant WebServer 2.0 NULL Character DoS Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/897/info The Savant Webserver cannot properly handle null characters in a GET request. If it encounters one, it will crash. The failure is logged in savantpath\Logs\general.txt http ://target/%00/...

Michael Lamont Savant WebServer 2.1/3.0 - Buffer Overflow Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/1453/info A buffer overflow exists in the Savant Web Server. It is possible to exploit this overflow by sending an unusually long GET request to the server. / The MDMA Crew's proof-of-concept code for the buffer overflow ...

Savant Webserver 3.1 File Disclosure Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/5709/info Savant Webserver is vulnerable to an input validation bug, that could allow malicious users access to password protected folders. It should be noted that versions below 3.1 may also be vulnerable to this issue...

Savant Webserver 3.1 - Denial of Service Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/8243/info Savant web server has been reported prone to multiple denial of service vulnerabilities. Reportedly, a remote attacker may invoke many HTTP requests in succession, against the Savant web server and cause the...

Michael Lamont Savant WebServer 2.1 CGI Source Code Disclosure

No description provided by source. source: http://www.securityfocus.com/bid/1313/info Omitting the HTTP version from a GET request for a CGI script to the Savant Web Server discloses the source code of the script. telnet target 80 GET /cgi-bin/script.xyz HTTP/1.0 proper script execution/output GE...

savant-overflow.txt

!/usr/bin/perl -w exploit for Savant webserver 3.1 remote bof shellcode bind 4444 port on target host Jacopo cervini aka [email protected] use IO::Socket; if!$ARGV1 print "Uso: savant-3.1.pl \n\n"; exit; $victim = IO::Socket::INET-newProto='tcp', PeerAddr=$ARGV0, PeerPort=$ARGV1 or die "can't conne...

Savant 3.1 Get Request Remote Overflow Exploit (Universal)

No description provided by source. !/usr/bin/perl -w exploit for Savant webserver 3.1 remote bof shellcode bind 4444 port on target host Jacopo cervini aka [email protected] use IO::Socket; if!$ARGV1 print "Uso: savant-3.1.pl victim port\n\n"; exit; $victim = IO::Socket::INET-newProto='tcp',...

Savant 3.1 Get Request Remote Overflow Exploit (Universal)

Exploit for unknown platform in category remote exploits ========================================================== Savant 3.1 Get Request Remote Overflow Exploit Universal ========================================================== !/usr/bin/perl -w exploit for Savant webserver 3.1 remote bof...

CVE-2002-1828

Savant Webserver 3.1 is affected by a denial-of-service vulnerability triggered by sending an HTTP GET request with a negative Content-Length . The issue allows remote attackers to cause the server to crash. The available documents describe the vulnerable component as the Savant webserver (versio...

CVE-2002-1828

Savant Webserver 3.1 allows remote attackers to cause a denial of service crash via an HTTP GET request with a negative Content-Length value...

CVE-2002-1828

Savant Webserver 3.1 allows remote attackers to cause a denial of service crash via an HTTP GET request with a negative Content-Length value...

Savant 3.1 multiple vulnerabilities

Auriemma Luigi, PivX security advisory Application: Savant webserver http://savant.sourceforge.net Version: 3.1 and possibly previous versions Bug: Buffer overflow in cgitest, crash with negative Content-Length and bad chars usage Risk medium: Remote DoS and authorization bypassing the risk is...

Savant Webserver Buffer Overflow Vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Savant Webserver Buffer Overflow Vulnerability Type: DoS, crashes Daemon Release Date: January 5, 2002 Product / Vendor: Savant is a freeware open source web server that runs on Windows 95, 98, ME, NT, and 2000, turning any desktop computer into a...

gnu-pop3d (FTGate problem), Savant Webserver, Guild FTPd

Yo, Errr... Sorry about saying gnu-pop3d had the same problem as FTGate - don't know how that got in my list - I assume from posting after a rather hectic party and before that vital cup of coffee the next day. : Apologies, all. Anyway, I found a stack overflow in the Savant webserver the other d...

MDMA Advisory #5: Reading of CGI Scripts under Savant Webserver

MDMA Advisory 5 by Andrew Lewis aka. Wizdumb Reading of CGI Scripts under Savant Webserver It is possible to view the source of CGI scripts running under the Savant Webserver by omitting the HTTP version from your request. For example, we connect to port 80 of the server and type "GET...

mdma-5.savant.txt

MDMA Advisory 5 by Andrew Lewis aka. Wizdumb Reading of CGI Scripts under Savant Webserver It is possible to view the source of CGI scripts running under the Savant Webserver by omitting the HTTP version from your request. For example, we connect to port 80 of the server and type "GET...