
333 matches found

securityvulns
added 2001/01/13 12:0 a.m., 39 views

UltraBoard cgi directory permission problem

Hacksware Bug Report 1. Name: UltraBoard cgi directory permission problem 2. Release Date: 2001.1.12 3. Affected Application: UltraBoard 2000 Personal Edition Version 2.11 http://www.ub2k.com/downloads/UB211PEB1.zip 4. Author: [email protected] 5. Type: Configuration Error 6. Explanation In defau...

AI score: 0.2
Exploits: 0

Tenable Nessus
added 2000/11/10 12:0 a.m., 54 views

Cisco Catalyst Web Interface Remote Command Execution

The remote device appears to be a Cisco Catalyst. It is possible to execute arbitrary commands on the router by requesting them via HTTP, as in : /exec/show/config/cr This command shows the configuration file, which contains passwords. A remote attacker could use this flaw to take control of the...

CVSS: 10, AI score: 6, EPSS: 0.72575
Exploits: 6, References: 3

Tenable Nessus
added 2000/09/12 12:0 a.m., 31 views

PHP File Upload Capability Hidden Form Field Modification Arbitrary File Access

A version of PHP that is older than 3.0.17 or 4.0.3 is running on this host. If a PHP service that allows users to upload files and then display their content is running on this host, an attacker may be able to read arbitrary files from the server. %NASLMINLEVEL 70300 C Tenable Network Security,...

CVSS: 5, AI score: 5.6, EPSS: 0.02745
Exploits: 1, References: 2

Tenable Nessus
added 2000/09/08 12:0 a.m., 422 views

Apache WebDAV Module PROPFIND Arbitrary Directory Listing

The WebDAV module can be used to obtain a listing of the remote web server directories even if they have a default page such as index.html. This allows an attacker to gain valuable information about the directory structure of the remote host and could reveal the presence of files which are not...

CVSS: 5, AI score: 5.6, EPSS: 0.5095
Exploits: 1, References: 1

Tenable Nessus
added 2000/07/27 12:0 a.m., 1930 views

PostgreSQL Default Unpassworded Account

It is possible to connect to the remote PostgreSQL database server using an unpassworded account. This may allow an attacker to launch further attacks against the database. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; if description...

CVSS: 4.6, AI score: 8.3, EPSS: 0.0356
Exploits: 3, References: 1

Tenable Nessus
added 2000/07/22 12:0 a.m., 72 views

Apache Tomcat contextAdmin Arbitrary File Access

The page /admin/contextAdmin/contextAdmin.html can be accessed. An attacker can exploit this to read arbitrary files. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid10477; scriptversion"1.33"; scriptcvsdate"Date: 2018/08/03 11:35:08"; scriptcveid"CVE-2000-0672";...

CVSS: 5, AI score: 5.6, EPSS: 0.09846
Exploits: 1, References: 1

Tenable Nessus
added 2000/06/07 12:0 a.m., 606 views

NFS Share Export List

This plugin retrieves the list of NFS exported shares. C Tenable Network Security, Inc. include 'compat.inc' ; if description scriptid10437; scriptversion"1.36"; scriptcvsdate"Date: 2019/10/04 16:48:26"; scriptnameenglish:"NFS Share Export List"; scriptsummaryenglish:"Gets a list of exported NFS...

CVSS: 10, AI score: 7, EPSS: 0.11134
Exploits: 2, References: 1

securityvulns
added 2000/06/07 12:0 a.m., 103 views

ICQ2000A ICQmail temparary internet link vulnearbility

============================================== Vulnerability : ICQ2000A ICQwebmail temparary internet link vulnearbility Name : Gert Fokkema. Email : [email protected] Function : SecurityManager. Organization : ISAAN. http://www.fokkema.8k.com Organization : Noorderpoortcollege...

AI score: 0.3
Exploits: 0

Tenable Nessus
added 2000/05/27 12:0 a.m., 24 views

NAI WebShield SMTP GET_CONFIG Information Disclosure

The remote NAI WebShield SMTP Management tool gives away its configuration when it is issued the command : GETCONFIG This may be of some use to an attacker to gain more knowledge about this system. C Tenable Network Security, Inc. include 'compat.inc' ; ifdescription scriptid10424; scriptversion...

CVSS: 5, AI score: 5.6, EPSS: 0.02363
Exploits: 0, References: 1

Tenable Nessus
added 2000/05/25 12:0 a.m., 101 views

Sambar Server /cgi-bin/mailit.pl Arbitrary Mail Relay

The Sambar web server is running and the 'mailit.pl' cgi is installed. This CGI takes a POST request from any host and sends a mail to a supplied address. %NASLMINLEVEL 70300 Copyright 2000 by Hendrik Scholz Changes by Tenable: - Revised plugin title 4/2/2009 - Updated to use compat.inc, added CV...

AI score: 5.5
Exploits: 0

Tenable Nessus
added 2000/05/03 12:0 a.m., 30 views

spin_client.cgi Remote Overflow

There is a buffer overrun in the 'spinclient.cgi' CGI program, which will allow anyone to execute arbitrary commands with the same privileges as the web server root or nobody. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. Thanks to Tollef Fog Heen for his help include 'compat.inc' ;...

AI score: 5.9
Exploits: 0

Tenable Nessus
added 2000/04/15 12:0 a.m., 33 views

Microsoft IIS repost.asp File Upload

The script '/scripts/repost.asp' is installed on the remote IIS web server and allows an attacker to upload arbitrary files to the '/Users' directory if it has not been configured properly. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. Script audit and contributions from Carmichael Securit...

CVSS: 7.2, AI score: 5.8, EPSS: 0.05576
Exploits: 0, References: 2

securityvulns
added 2000/04/03 12:0 a.m., 38 views

The first Russian antivirus for Firewall!

No description provided...

AI score: 1.4
Exploits: 0, References: 1

Tenable Nessus
added 2000/03/07 12:0 a.m., 29 views

rpm_query CGI System Information Disclosure

The rpmquery CGI is installed. This CGI allows anyone who can connect to this web server to obtain the list of the installed RPMs. This allows an attacker to determine the version number of your installed services, hence making their attacks more accurate. %NASLMINLEVEL 70300 C Tenable Network...

CVSS: 5, AI score: 5.5, EPSS: 0.05917
Exploits: 0, References: 1

Tenable Nessus
added 2000/02/23 12:0 a.m., 33 views

Sambar Server Multiple Script Arbitrary Code Execution

At least one of these CGI scripts is installed : hello.bat echo.bat They allow any attacker to execute commands with the privileges of the web server process. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; if description scriptid10246;...

CVSS: 5, AI score: 5.7, EPSS: 0.09998
Exploits: 0, References: 1

Packet Storm
added 2000/02/18 12:0 a.m., 27 views

frontpage.doubledot.txt

Description: Doubledot bug in FrontPage FrontPage Personal Web Server. Compromise: Accessing drive trough browser. Vulnerable Systems: Frontpage-PWS32/3.0.2.926 other versions not tested. Details: When FrontPage-PWS runs a site on your c:\ drive your drive could be = accessed by any user accessin...

AI score: 7.4
Exploits: 0

Packet Storm
added 1999/11/22 12:0 a.m., 26 views

metasearch

Vulnerable Program: Meta Tag Generator meta.pl Platform : UNIX Company : www.cgi-access.com Impact : Remote users can view arbitary files with httpd privilidges Found by : slackette [email protected] Date : 14th November Meta Tag Generator As quoted from their site, "You can now offer your...

AI score: 7.4
Exploits: 0

Tenable Nessus
added 1999/11/22 12:0 a.m., 30 views

Vermillion FTPD Long CWD Commands DoS

It was possible to make the remote FTP server crash by issuing the commands : CWD CWD CWD Where is longer than 504 chars. An attacker can use this problem to prevent your FTP server from working properly, thus preventing legitimate users from using it. C Tenable Network Security, Inc...

CVSS: 7.5, AI score: 5.6, EPSS: 0.02336
Exploits: 0, References: 1

Tenable Nessus
added 1999/10/12 12:0 a.m., 736 views

Microsoft SQL Server TCP/IP Listener Detection

The remote host is running MSSQL, a database server from Microsoft. It is possible to extract the version number of the remote installation from the server pre-login response. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid10144; scriptversion"1.62";...

AI score: 5.5
Exploits: 0

Tenable Nessus
added 1999/08/30 12:0 a.m., 29 views

Sendmail decode Alias Arbitrary File Overwrite

The remote SMTP server seems to pipe mail sent to the 'decode' alias to a program. There have been in the past a lot of security problems regarding this, as it would allow an attacker to overwrite arbitrary files on the remote server. We suggest you deactivate this alias. C Tenable Network...

CVSS: 5, AI score: 5.8, EPSS: 0.01284
Exploits: 0, References: 1