Lucene search
K

994 matches found

securityvulns
securityvulns
added 2002/02/20 12:0 a.m.29 views

CheckPoint FW1 HTTP Security Hole

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Greetings! A quite known proxy vulnerability was found for FW1 V4.1 SP5 plus hotfixes - thanks to Ryan Snyder for announcing the first bits on Firewall-1 mailing list. If you connect to a server you are allowed to connect to via HTTP proxy e.g. a comm...

7.1AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2002/01/17 12:0 a.m.87 views

PHP Rocket for FrontPage phprocketaddin page Parameter Traversal Arbitrary File Access

There is a vulnerability in the PHP Rocket Add-in for FrontPage that allows a remote attacker to view the contents of any arbitrary file to which the web user has access. This vulnerability exists because the PHP Rocket Add-in does not filter out ../ and is, therefore, susceptible to this directo...

5CVSS5.8AI score0.02012EPSS
Exploits1References1
securityvulns
securityvulns
added 2002/01/08 12:0 a.m.64 views

Faqmanager.cgi file read vulnerability

Description from official page: FAQmanager is one simple perl script that allow you to easily set up and maintain a FAQ Frequently Asked Questions. Vulnerability: Faqmanager can be used to read files on the server the httpd has access to. Example: faqmanager.cgi?toc=/etc/passwd00 will show the...

0.4AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2001/12/03 12:0 a.m.41 views

Alchemy Eye/Network Monitor Traversal Arbitrary Command Execution

Alchemy Eye and Alchemy Network Monitor are network management tools for Microsoft Windows. The product contains a built-in HTTP server for remote monitoring and control. This HTTP server allows arbitrary commands to be run on the server by a remote attacker. %NASLMINLEVEL 70300 This script was...

7.5CVSS5.5AI score0.02966EPSS
Exploits0References2
Exploit DB
Exploit DB
added 2001/11/15 12:0 a.m.32 views

ActivePerl 5.6.1 - 'perlIIS.dll' Remote Buffer Overflow (3)

source: https://www.securityfocus.com/bid/3526/info ActivePerl is an implementation of the Perl scripting language for Microsoft Windows systems developed by Activestate. ActivePerl allows for high-performance integration with IIS using a DLL called 'perlIIS.dll' to handle a '.plx' ISAPI extensio...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2001/11/15 12:0 a.m.20 views

ActivePerl 5.6.1 - perlIIS.dll Remote Buffer Overflow (1)

ActivePerl 5.6.1 - perlIIS.dll Remote Buffer Overflow 1 // source: https://www.securityfocus.com/bid/3526/info ActivePerl is an implementation of the Perl scripting language for Microsoft Windows systems developed by Activestate. ActivePerl allows for high-performance integration with IIS using a...

0.8AI score
Exploits0
CERT
CERT
added 2001/11/15 12:0 a.m.28 views

BSCW vulnerable to arbitrary file overwriting via symlink redirection of temporary file

Overview BSCW is a groupware system that runs on a web server. BSCW follows symbolic links in tar files that it extracts into a user's local area. Accessing those links may allow the user to view arbitrary files viewable by the web server, and to overwrite files writable by the web server...

6.4CVSS6.2AI score0.02025EPSS
Exploits0References5
Cvelist
Cvelist
added 2001/09/12 4:0 a.m.16 views

CVE-1999-1525

Macromedia Shockwave before 6.0 allows a malicious webmaster to read a user's mail box and possibly access internal web servers via the GetNextText command on a Shockwave movie...

6.7AI score0.0116EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2001/08/13 12:0 a.m.942 views

LDAP NULL BASE Search Access

The remote LDAP server supports search requests with a NULL, or empty, base object. This allows information to be retrieved without any prior knowledge of the directory structure. Coupled with a NULL BIND, an anonymous user may be able to query your LDAP server using a tool such as 'LdapMiner'...

5.5AI score
Exploits0References1
Exploit DB
Exploit DB
added 2001/07/21 12:0 a.m.30 views

PHPLib Team PHPLIB 7.2 - Remote Script Execution

source: https://www.securityfocus.com/bid/3079/info The PHP Base Library'PHPLIB' is a code library which provides support for session management in web applications. It is targeted to developers and is widely used in many web applications, so a strong possibility exists that an application may be...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2001/07/03 12:0 a.m.22 views

[SNS Advisory No.36] TrendMicro InterScan WebManager Version 1.2 HttpSave.dll Buffer Overflow Vulnerability

----------------------------------------------------------------------- SNS Advisory No.36 TrendMicro InterScan WebManager Version 1.2 HttpSave.dll Buffer Overflow Vulnerability Problem first discovered: Mon, 11 Jun 2001 Published: Mon, 2 Jul 2001...

1.5AI score
Exploits0
exploitpack
exploitpack
added 2001/04/23 12:0 a.m.20 views

RobTex Viking Server 1.0.7 - Relative Path Webroot Escaping

RobTex Viking Server 1.0.7 - Relative Path Webroot Escaping source: https://www.securityfocus.com/bid/2643/info The Viking Server is a freely available software package maintained and distributed by Robtex. The Viking Server provides multiple protocol service on Windows 95, 98, and NT systems. A...

0.3AI score
Exploits0
securityvulns
securityvulns
added 2001/02/09 12:0 a.m.58 views

Local promotion in NT4's NTLM Security Support Provider

BindView Security Advisory -------- Local promotion vulnerability in NT4's NTLM Security Support Provider Issue Date: February 7, 2001 Contact: [email protected] Topic: Local promotion vulnerability in NT4's NTLM Security Support Provider Overview: Due to a flaw in the NTLM Security Suppo...

0.1AI score
Exploits0
Cvelist
Cvelist
added 2001/01/22 5:0 a.m.15 views

CVE-2000-1071

The GUI installation for iCal 2.1 Patch 2 disables access control for the X server using an "xhost +" command, which allows remote attackers to monitor X Windows events and gain privileges...

6.9AI score0.02996EPSS
Exploits1References4
CVE
CVE
added 2001/01/22 5:0 a.m.45 views

CVE-2000-1071

Technical details (affected product, root cause, impact, and fix) are not publicly available in the provided documents. Monitor official CVE records and vendor advisories for updates.

10CVSS7.3AI score0.02996EPSS
Exploits1References4Affected Software1
securityvulns
securityvulns
added 2001/01/16 12:0 a.m.28 views

Дырки в PHP под Apache

В отдельных случаях можно обойти .htaccess, кроме того, отключив PHP на одном виртуальном сервере можно выключить егона всех остальных и получить доступ к коду...

0.5AI score
Exploits0References1Affected Software1
exploitpack
exploitpack
added 2000/12/13 12:0 a.m.23 views

alex heiphetz Group eZshopper 2.03.0 - Directory Traversal

alex heiphetz Group eZshopper 2.03.0 - Directory Traversal source: https://www.securityfocus.com/bid/2109/info It is possible for a remote user to gain read access to various files that reside within the EZShopper directory. By requesting a specially crafted URL utilizing loadpage.cgi' applicatio...

0.2AI score
Exploits0
NVD
NVD
added 2000/12/11 5:0 a.m.13 views

CVE-2000-1071

The GUI installation for iCal 2.1 Patch 2 disables access control for the X server using an "xhost +" command, which allows remote attackers to monitor X Windows events and gain privileges...

10CVSS6.9AI score0.02996EPSS
Exploits1References4
exploitpack
exploitpack
added 2000/08/30 12:0 a.m.11 views

Ipswitch IMail 6.x - File Attachment

Ipswitch IMail 6.x - File Attachment source: https://www.securityfocus.com/bid/1617/info IPSWITCH ships a product titled IMail, an email server for usage on NT servers serving clients their mail via a web interface. To this end the IMail server provides a web server typically running on port 8383...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2000/08/28 12:0 a.m.25 views

Kerberos 4 4.0/5 5.0 - KDC Spoofing

source: https://www.securityfocus.com/bid/1616/info Kerberos is a cryptographic authentication protocol that allows users of a network to access services without transmitting cleartext passwords. A common implementation of the protocol includes a login service which is vulnerable to an attack whi...

7.4AI score
Exploits0
Rows per page
Query Builder