170 matches found
Fedora Update for awstats FEDORA-2008-10938
Check for the Version of awstats OpenVAS Vulnerability Test Fedora Update for awstats FEDORA-2008-10938 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...
[SECURITY] Fedora 8 Update: awstats-6.8-2.fc8
Advanced Web Statistics is a powerful and featureful tool that generates advanced web server graphic statistics. This server log analyzer works from command line or as a CGI and shows you all information your log contai ns, in graphical web pages. It can analyze a lot of web/wap/proxy servers lik...
XM Easy Personal FTP Server 5.4.0 (XCWD) Denial of Service Exploit
No description provided by source. !/usr/bin/python XM Easy Personal FTP Server 5.4.0 XCWD DoS When admin looks at the server log, application crashes : Elhamdulillahi Rabbil-alemin! bt ./sploit.py + Saljemo zli bafer : + Now wait until the admin looks at server log : + Finito!...
CVE-2002-2389
TheServer 1.74 web server stores server.ini under the web document root with insufficient access control, which allows remote attackers to obtain cleartext passwords and gain access to server log files...
CVE-2007-4669
The Services API in Firebird before 2.0.2 allows remote authenticated users without SYSDBA privileges to read the server log firebird.log, aka CORE-1148...
Code injection
The Services API in Firebird before 2.0.2 allows remote authenticated users without SYSDBA privileges to read the server log firebird.log, aka CORE-1148...
CVE-2007-4669
The Services API in Firebird before 2.0.2 allows remote authenticated users without SYSDBA privileges to read the server log firebird.log, aka CORE-1148...
CVE-2007-4669
The CVE-2007-4669 issue affects Firebird prior to 2.0.2: the Services API allows remote authenticated users (without SYSDBA) to read the server log (firebird.log) due to CORE-1148. Affected component is the Firebird server stack; vulnerability arises from insufficient access control around log ex...
CVE-2007-0482
cgi-bin/main in Sun Ray Server Software 2.0 and 3.0 before 20070123 allows local users to obtain the utadmin password by reading a web server's log file, or by conducting a different, unspecified local attack...
CVE-2007-0338
Heap-based buffer overflow in Dream FTP Server allows remote attackers to execute arbitrary code via a USER command with a large number of format string specifiers, which triggers the overflow during processing of the Server Log...
CVE-2007-0338
Heap-based buffer overflow in Dream FTP Server allows remote attackers to execute arbitrary code via a USER command with a large number of format string specifiers, which triggers the overflow during processing of the Server Log...
VMWare ESX Server crossite scripting and password leak
Management Interface crossite scripting. Additionally, cleartext password is contained in session cookie and server log files...
CVE-2005-4761
BEA WebLogic Server and WebLogic Express 8.1 SP4 and earlier, 7.0 SP5 and earlier, and 6.1 SP7 and earlier log the Java command line at server startup, which might include sensitive information passwords or keyphrases in the server log file when the -D option is used...
Information disclosure
BEA WebLogic Server and WebLogic Express 8.1 through SP4, 7.0 through SP6, and 6.1 through SP7 allows remote authenticated guest users to read the server log and obtain sensitive configuration information...
CVE-2006-0424
BEA WebLogic Server and WebLogic Express 8.1 through SP4, 7.0 through SP6, and 6.1 through SP7 allows remote authenticated guest users to read the server log and obtain sensitive configuration information...
CVE-2006-0424
BEA WebLogic Server and WebLogic Express 8.1 through SP4, 7.0 through SP6, and 6.1 through SP7 allows remote authenticated guest users to read the server log and obtain sensitive configuration information...
CVE-2006-0424
CVE-2006-0424 affects BEA WebLogic Server and WebLogic Express, specifically versions 8.1 through SP4, 7.0 through SP6, and 6.1 through SP7. The vulnerability permits remote authenticated guest users to read the server log and obtain sensitive configuration information. The available connected so...
CVE-2005-4761
BEA WebLogic Server and WebLogic Express 8.1 SP4 and earlier, 7.0 SP5 and earlier, and 6.1 SP7 and earlier log the Java command line at server startup, which might include sensitive information passwords or keyphrases in the server log file when the -D option is used...
DEBIAN-CVE-2005-3487
Multiple buffer overflows in Scorched 3D 39.1 bf and earlier allow remote attackers to execute arbitrary code via various 1 GLConsole::addLine, 2 ServerCommon::sendString, 3 ServerCommon::serverLog functions, 4 a long command that is not properly handled in ComsMessageHandler.cpp when generating ...
BEA WebLogic 7.0/8.1 - Administration Console Cross-Site Scripting
source: https://www.securityfocus.com/bid/14657/info BEA WebLogic administration console is prone to cross-site scripting attacks. An attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting user in the context of the affected site. This may...