CVE-2002-1180

CVE-2002-1180 affects Microsoft Internet Information Services (IIS) 5.0. The issue is a typographical error in script source access permissions that does not properly exclude .COM files, allowing attackers with only write permissions to upload malicious .COM files to run code on the server. Accor...

CVE-2002-1180

A typographical error in the script source access permissions for Internet Information Server IIS 5.0 does not properly exclude .COM files, which allows attackers with only write permissions to upload malicious .COM files, aka "Script Source Access Vulnerability."...

Hummingbird CyberDOCS sets insecure permissions on script source code files

Overview Hummingbird CyberDOCS running on Microsoft Internet Information Services IIS sets insecure permissions on script source code files. A remote attacker could read the contents of unprotected files. Description Hummingbird CyberDOCS Hummingbird DM is a web-based enterprise document manageme...

[Full-Disclosure] R7-0015: Multiple Vulnerabilities Apple QuickTime/Darwin Streaming Server

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Rapid7, Inc. Security Advisory Visit http://www.rapid7.com/ to download NeXpose, the world's most advanced vulnerability scanner. Linux and Windows 2000/XP versions are available now! Rapid7 Advisory R7-0015 Multiple Vulnerabilities Apple...

CVE-2002-1180

A typographical error in the script source access permissions for Internet Information Server IIS 5.0 does not properly exclude .COM files, which allows attackers with only write permissions to upload malicious .COM files, aka "Script Source Access Vulnerability."...

Sambar Server 5.1 - Script Source Disclosure

Sambar Server 5.1 - Script Source Disclosure source: https://www.securityfocus.com/bid/4533/info An issue has been discovered in Sambar Server, which could allow a user to reveal the source code of script files. Submitting a request for a known script file along with a space and null character %0...

Sambar Server 5.1 - Script Source Disclosure

source: https://www.securityfocus.com/bid/4533/info An issue has been discovered in Sambar Server, which could allow a user to reveal the source code of script files. Submitting a request for a known script file along with a space and null character %00, will successfully bypass the serverside UR...

CVE-2001-0693

WebTrends HTTP Server 3.1c and 3.5 allows a remote attacker to view script source code via a filename followed by an encoded space %20...

CVE-2001-0693

WebTrends HTTP Server 3.1c and 3.5 allows a remote attacker to view script source code via a filename followed by an encoded space %20...

CVE-2001-0693

CVE-2001-0693 affects WebTrends HTTP Server 3.1c and 3.5, where a remote attacker can view script source by requesting a filename followed by an encoded space (%20). The underlying issue is an information disclosure vulnerability in the server’s handling of URL paths. The CVSS vector indicates ne...

Remote vulnerabilities in OmniHTTPd

== 403 Security Lab == www.403-security.org Advisory ID: 403-05-2001 ------------------------------------------------- Advisory Name: Remote vulnerabilities in OmniHTTPd Release Date: 26.05.2001 Application: OmniHTTPd Platform: Tested on Windows2000 only Author: Astral [email protected]...

CVE-1999-0758

Netscape Enterprise 3.5.1 and FastTrack 3.01 servers allow a remote attacker to view source code to scripts by appending a %20 to the script's URL...

Дырка в нескольких Web-серверах (script source revealing)

Можно получить содержимое скрипт-документав использовав в имени файлы в URL escaped-последовательность или специальное имя директории...

Tomcat may reveal script source code by URL trickery

Tomcat may reveal script source code by URL trickery ---------------------------------------------------- Sverre H. Huseby advisory 2001-03-29 Systems affected ---------------- Tomcat 4.0-b1 latest milestone and nighly build as of 2001-03-28 tested. Other versions may be vulnerable too. The probl...

PT-2001-1084 · Netscape +1 · Netscape Enterprise +1

Name of the Vulnerable Software and Affected Versions: Netscape Enterprise version 3.5.1 FastTrack version 3.01 Description: A remote attacker can view the source code of scripts by appending a %20 to the script's URL. Recommendations: For Netscape Enterprise version 3.5.1, update the server...