994 matches found
CheckPoint FW1 HTTP Security Hole
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Greetings! A quite known proxy vulnerability was found for FW1 V4.1 SP5 plus hotfixes - thanks to Ryan Snyder for announcing the first bits on Firewall-1 mailing list. If you connect to a server you are allowed to connect to via HTTP proxy e.g. a comm...
PHP Rocket for FrontPage phprocketaddin page Parameter Traversal Arbitrary File Access
There is a vulnerability in the PHP Rocket Add-in for FrontPage that allows a remote attacker to view the contents of any arbitrary file to which the web user has access. This vulnerability exists because the PHP Rocket Add-in does not filter out ../ and is, therefore, susceptible to this directo...
Faqmanager.cgi file read vulnerability
Description from official page: FAQmanager is one simple perl script that allow you to easily set up and maintain a FAQ Frequently Asked Questions. Vulnerability: Faqmanager can be used to read files on the server the httpd has access to. Example: faqmanager.cgi?toc=/etc/passwd00 will show the...
Alchemy Eye/Network Monitor Traversal Arbitrary Command Execution
Alchemy Eye and Alchemy Network Monitor are network management tools for Microsoft Windows. The product contains a built-in HTTP server for remote monitoring and control. This HTTP server allows arbitrary commands to be run on the server by a remote attacker. %NASLMINLEVEL 70300 This script was...
ActivePerl 5.6.1 - 'perlIIS.dll' Remote Buffer Overflow (3)
source: https://www.securityfocus.com/bid/3526/info ActivePerl is an implementation of the Perl scripting language for Microsoft Windows systems developed by Activestate. ActivePerl allows for high-performance integration with IIS using a DLL called 'perlIIS.dll' to handle a '.plx' ISAPI extensio...
ActivePerl 5.6.1 - perlIIS.dll Remote Buffer Overflow (1)
ActivePerl 5.6.1 - perlIIS.dll Remote Buffer Overflow 1 // source: https://www.securityfocus.com/bid/3526/info ActivePerl is an implementation of the Perl scripting language for Microsoft Windows systems developed by Activestate. ActivePerl allows for high-performance integration with IIS using a...
BSCW vulnerable to arbitrary file overwriting via symlink redirection of temporary file
Overview BSCW is a groupware system that runs on a web server. BSCW follows symbolic links in tar files that it extracts into a user's local area. Accessing those links may allow the user to view arbitrary files viewable by the web server, and to overwrite files writable by the web server...
CVE-1999-1525
Macromedia Shockwave before 6.0 allows a malicious webmaster to read a user's mail box and possibly access internal web servers via the GetNextText command on a Shockwave movie...
LDAP NULL BASE Search Access
The remote LDAP server supports search requests with a NULL, or empty, base object. This allows information to be retrieved without any prior knowledge of the directory structure. Coupled with a NULL BIND, an anonymous user may be able to query your LDAP server using a tool such as 'LdapMiner'...
PHPLib Team PHPLIB 7.2 - Remote Script Execution
source: https://www.securityfocus.com/bid/3079/info The PHP Base Library'PHPLIB' is a code library which provides support for session management in web applications. It is targeted to developers and is widely used in many web applications, so a strong possibility exists that an application may be...
[SNS Advisory No.36] TrendMicro InterScan WebManager Version 1.2 HttpSave.dll Buffer Overflow Vulnerability
----------------------------------------------------------------------- SNS Advisory No.36 TrendMicro InterScan WebManager Version 1.2 HttpSave.dll Buffer Overflow Vulnerability Problem first discovered: Mon, 11 Jun 2001 Published: Mon, 2 Jul 2001...
RobTex Viking Server 1.0.7 - Relative Path Webroot Escaping
RobTex Viking Server 1.0.7 - Relative Path Webroot Escaping source: https://www.securityfocus.com/bid/2643/info The Viking Server is a freely available software package maintained and distributed by Robtex. The Viking Server provides multiple protocol service on Windows 95, 98, and NT systems. A...
Local promotion in NT4's NTLM Security Support Provider
BindView Security Advisory -------- Local promotion vulnerability in NT4's NTLM Security Support Provider Issue Date: February 7, 2001 Contact: [email protected] Topic: Local promotion vulnerability in NT4's NTLM Security Support Provider Overview: Due to a flaw in the NTLM Security Suppo...
CVE-2000-1071
The GUI installation for iCal 2.1 Patch 2 disables access control for the X server using an "xhost +" command, which allows remote attackers to monitor X Windows events and gain privileges...
CVE-2000-1071
Technical details (affected product, root cause, impact, and fix) are not publicly available in the provided documents. Monitor official CVE records and vendor advisories for updates.
Дырки в PHP под Apache
В отдельных случаях можно обойти .htaccess, кроме того, отключив PHP на одном виртуальном сервере можно выключить егона всех остальных и получить доступ к коду...
alex heiphetz Group eZshopper 2.03.0 - Directory Traversal
alex heiphetz Group eZshopper 2.03.0 - Directory Traversal source: https://www.securityfocus.com/bid/2109/info It is possible for a remote user to gain read access to various files that reside within the EZShopper directory. By requesting a specially crafted URL utilizing loadpage.cgi' applicatio...
CVE-2000-1071
The GUI installation for iCal 2.1 Patch 2 disables access control for the X server using an "xhost +" command, which allows remote attackers to monitor X Windows events and gain privileges...
Ipswitch IMail 6.x - File Attachment
Ipswitch IMail 6.x - File Attachment source: https://www.securityfocus.com/bid/1617/info IPSWITCH ships a product titled IMail, an email server for usage on NT servers serving clients their mail via a web interface. To this end the IMail server provides a web server typically running on port 8383...
Kerberos 4 4.0/5 5.0 - KDC Spoofing
source: https://www.securityfocus.com/bid/1616/info Kerberos is a cryptographic authentication protocol that allows users of a network to access services without transmitting cleartext passwords. A common implementation of the protocol includes a login service which is vulnerable to an attack whi...