2171 matches found
Vulnerability in OpenSSL CVE-2003-0851
A flaw in OpenSSL 0.9.6k only would cause certain ASN.1 sequences to trigger a large recursion. On platforms such as Windows this large recursion cannot be handled correctly and so the bug causes OpenSSL to crash. A remote attacker could exploit this flaw if they can send arbitrary ASN.1 sequence...
minihttp file-sharing for net 1.5 - Directory Traversal
minihttp file-sharing for net 1.5 - Directory Traversal source: https://www.securityfocus.com/bid/8619/info It has been reported that WebForums and File-Sharing for NET are prone to a remote directory traversal attack due to insufficient sanitization of user-supplied data. This vulnerability coul...
Kukol E.V. HTTP FTP Server Suite 6.2 - File Disclosure
Kukol E.V. HTTP FTP Server Suite 6.2 - File Disclosure source: https://www.securityfocus.com/bid/8564/info The web server component of Kukol E.V. HTTP & FTP Server Suite is prone to a file disclosure vulnerability. Remote web users may use directory traversal sequences in requests to gain access ...
Moby's Netsuite Directory Traversal
Directory traversal with escape sequences...
CVE-2003-0475
Directory traversal vulnerability in iWeb Server 2 allows remote attackers to read arbitrary files via an HTTP request containing URL-encoded .. sequences "%5c%2e%2e", a different vulnerability than CVE-2003-0474...
Important: Red Hat Security Advisory: : Updated XFree86 packages provide security and bug fixes
XFree86 is an implementation of the X Window System providing the core graphical user interface and video drivers. Updated XFree86 packages for Red Hat Linux 7.3 are now available which include several security fixes, bug fixes, enhancements, and driver updates. Security fixes: - Xterm, provides ...
security flaw
Apache does not filter terminal escape sequences from its error logs, which could make it easier for attackers to insert those sequences into terminal emulators containing vulnerabilities related to escape sequences...
MyServer 0.4.10.4.2 - HTTP Server Directory Traversal
MyServer 0.4.10.4.2 - HTTP Server Directory Traversal source: https://www.securityfocus.com/bid/7944/info The MyServer HTTP server is prone to a file disclosure vulnerability. Encoded directory traversal sequences may be used to break out of the web root directory. Attackers may gain access to...
CVE-2003-0417
CVE-2003-0417 describes a directory traversal vulnerability in Son hServer 0.2 that allows a remote attacker to read arbitrary files using modified dot-dot sequences (".|."). The issue affects the server component of Son hServer and is triggered via crafted requests that bypass normal path checks...
Low: Red Hat Security Advisory: : Updated httpd packages fix security vulnerabilities.
Updated httpd packages which fix a number of security issues are now available for Red Hat Linux 8.0 and 9. The Apache HTTP Web Server is a secure, efficient, and extensible Web server that provides HTTP services. A memory leak in Apache 2.0 through 2.0.44 allows remote attackers to cause a...
CVE-2003-0083
Apache 1.3 before 1.3.25 and Apache 2.0 before version 2.0.46 does not filter terminal escape sequences from its access logs, which could make it easier for attackers to insert those sequences into terminal emulators containing vulnerabilities related to escape sequences, a different vulnerabilit...
CVE-2002-0490
Instant Web Mail before 0.60 does not properly filter CR/LF sequences, which allows remote attackers to 1 execute arbitrary POP commands via the id parameter in message.php, or 2 modify certain mail message headers via numerous parameters in write.php...
CVE-2003-0083
Apache 1.3 before 1.3.25 and Apache 2.0 before version 2.0.46 does not filter terminal escape sequences from its access logs, which could make it easier for attackers to insert those sequences into terminal emulators containing vulnerabilities related to escape sequences, a different vulnerabilit...
DEBIAN-CVE-2003-0083
Apache 1.3 before 1.3.25 and Apache 2.0 before version 2.0.46 does not filter terminal escape sequences from its access logs, which could make it easier for attackers to insert those sequences into terminal emulators containing vulnerabilities related to escape sequences, a different vulnerabilit...
security flaw
Apache 1.3 before 1.3.25 and Apache 2.0 before version 2.0.46 does not filter terminal escape sequences from its access logs, which could make it easier for attackers to insert those sequences into terminal emulators containing vulnerabilities related to escape sequences, a different vulnerabilit...
CVE-2003-0083
Apache 1.3 before 1.3.25 and Apache 2.0 before version 2.0.46 does not filter terminal escape sequences from its access logs, which could make it easier for attackers to insert those sequences into terminal emulators containing vulnerabilities related to escape sequences, a different vulnerabilit...
CVE-2003-0083
Apache 1.3 before 1.3.25 and Apache 2.0 before version 2.0.46 does not filter terminal escape sequences from its access logs, which could make it easier for attackers to insert those sequences into terminal emulators containing vulnerabilities related to escape sequences, a different vulnerabilit...
Check Point FW-1 Syslog Daemon - Unfiltered Escape Sequence
Check Point FW-1 Syslog Daemon - Unfiltered Escape Sequence source: https://www.securityfocus.com/bid/7161/info An issue has been discovered in Check Point FW-1 syslog daemon when attempting to process a malicious, remotely supplied, syslog message. Specifically, some messages containing escape...
Check Point FW-1 Syslog Daemon - Unfiltered Escape Sequence
source: https://www.securityfocus.com/bid/7161/info An issue has been discovered in Check Point FW-1 syslog daemon when attempting to process a malicious, remotely supplied, syslog message. Specifically, some messages containing escape sequences are not properly filtered out. This may result in...
security flaw
Apache does not filter terminal escape sequences from its error logs, which could make it easier for attackers to insert those sequences into terminal emulators containing vulnerabilities related to escape sequences...