277 matches found
MiniHTTPServer Web Forums Server 1.x/2.0 - Directory Traversal
source: https://www.securityfocus.com/bid/7955/info It has been reported that WebForums Server does not properly handle some types of requests. Because of this, attackers may be able to gain access to files on the host server with the privileges of the web server process...
LedNews News Post XSS
The remote web server is running LedNews, a set of scripts designed to help maintain a news-based website. There is a flaw in some versions of LedNews that could allow an attacker to include rogue HTML code in the news, which may in turn be used to steal the cookies of people visiting this site, ...
Apache 2.0.45 - 'APR' Crash
!/usr/bin/perl Apache 2.0.37 - 2.0.45 APR Exploit Written By Matthew Murphy This Perl script will successfully exploit any un-patched Apache 2.x servers. Base64 Encoder If you want authentication with the server via HTTP's lame Basic auth, put the proper string to encode BASE64 content, and use...
Apache <= 2.0.45 APR Remote Exploit -Apache-Knacker.pl
No description provided by source. !/usr/bin/perl Apache 2.0.37 - 2.0.45 APR Exploit Written By Matthew Murphy This Perl script will successfully exploit any un-patched Apache 2.x servers. Base64 Encoder If you want authentication with the server via HTTP's lame Basic auth, put the proper string ...
Buffer overflow in ArgoSoft FTP Server
Product: ArGoSOft FTP Server Version: 1.22 other ? OffSite: http://www.argosoft.com/ Problem: Remote buffer overflow -------------------------------------------------------------- ArGoSOft FTP Server - FTP server for Windows. He is exposed to attack. The server does not process the input data...
BLNews 2.1.3 - Remote File Inclusion
source: https://www.securityfocus.com/bid/7677/info It has been reported that BLNews is prone to a remote file include vulnerability. This is due to the incorrection initilization of some PHP headers within the application. As a result, an attacker may be capable of executing arbitrary PHP comman...
Macromedia ColdFusion MX 6.0 - Error Message Full Path Disclosure
source: https://www.securityfocus.com/bid/7443/info A vulnerability has been reported for Macromedia ColdFusion MX that may reveal the physical path information to attackers. When certain malformed URL requests are received by the server, an error message is returned containing the full path of t...
WebWho+ whois.pl time Parameter Arbitrary Command Execution
The WebWho+ CGI script appears to be installed on the remote host. This Perl script allows an attacker to view any file on the remote host as well as to execute arbitrary commands, both subject to the privileges of the web server user id. %NASLMINLEVEL 70300 C Tenable Network Security, Inc...
BitchX 1.0 - Remote 'Send_CTCP()' Memory Corruption
// source: https://www.securityfocus.com/bid/7097/info A memory corruption vulnerability has been discovered in BitchX 1.0c19. This issue occurs when handling server-supplied data and may cause characters to be written to sensitive stack memory. As a result, it may be possible for a malicious IRC...
3Com SuperStack 3 Firewall - Content Filter Bypassing
3Com SuperStack 3 Firewall - Content Filter Bypassing source: https://www.securityfocus.com/bid/7021/info A vulnerability has been reported in the 3Com Superstack 3 Firewall. HTTP content filters put in place by the device fail to assemble fragmented data, potentially allowing an attacker to acce...
cPanel 5.0 - 'Guestbook.cgi' Remote Command Execution (2)
source: https://www.securityfocus.com/bid/6882/info A remote command execution vulnerability has been discovered in the cPanel CGI Application. This issue occurs due to insufficient sanitization of externally supplied data to the 'guestbook.cgi' script. An attacker may exploit this vulnerability ...
CVE-2002-1978
IPFilter 3.1.1 through 3.4.28 allows remote attackers to bypass firewall rules by sending a PASV command string as the argument of another command to an FTP server, which generates a response that contains the string, causing IPFilter to treat the response as if it were a legitimate PASV command...
CVE-2002-2145
Savant Web Server 3.1 and earlier allows remote attackers to bypass authentication for password protected user folders via a URL with a hex encoded space %20 and a '.' %2e at the end of the filename...
wget contains directory traversal vulnerability
Overview The wget utility contains directory traversal vulnerabilities that allow a malicious FTP server to overwrite files on the client host. Description In a typical file transfer operation, one participant the client requests a file while a second participant the server provides the requested...
3Com NBX ftpd CEL Command Remote Overflow (1)
According to its banner, the remote FTP server is a version of VxWorks ftpd between 5.4 and 5.4.2. Such versions are known to be affected by a buffer overflow that can be triggered with an overly-long 'CEL' command. This problem is similar to the 'aix ftpd' overflow but on embedded VxWorks-based...
SIX-webboard does not adequately validate user input thereby permitting directory traversal
Overview SIX-webboard does not adequately validate user input, allowing directory traversal. Description SIX-webboard 2.01 does not adequately validate the "content" CGI variable, allowing directory traversal out of SIX-webboard's content root directory. Attackers may exploit this vulnerability t...
PHP-Nuke v5.6 - Users can compromise admin accts.
Tested on PHP-Nuke v5.6 with Mozilla on Linux should work on past versions and on most browsers Impact: --------------------------------------------- Allows any user to get admin access to a PHP-Nuke site. Summary: ---------------------------------------------- Due to a XSS flaw in PHPNuke's...
BlueFace Falcon Web Server 2.0 - Error Message Cross-Site Scripting
source: https://www.securityfocus.com/bid/5435/info Falcon Webserver does not sufficiently sanitize HTML tags from error message output. In particular, attackers may inject HTML into 301 and 404 error pages. It is possible to create a malicious link to the server which will generate an error page...
CVE-2002-0146
fetchmail email client before 5.9.10 does not properly limit the maximum number of messages available, which allows a remote IMAP server to overwrite memory via a message count that exceeds the boundaries of an array...
3CDaemon 2.0 - Buffer Overflow (1)
3CDaemon 2.0 - Buffer Overflow 1 // source: https://www.securityfocus.com/bid/4638/info 3CDaemon is an FTP server developed by Dan Gill of 3Com. Reportedly, it is possible to initiate a buffer overflow on a host running 3CDaemon. Submitting an unusually large amount of data to the ftp server, cou...