
132 matches found

ATTACKERKB
added 2012/10/10 6:55 p.m., 3 views

CVE-2009-5067

Directory traversal vulnerability in html2ps before 1.0b6 allows remote attackers to read arbitrary files via a .. (dot dot) in the "include file" SSI directive. NOTE: this issue only might be a vulnerability in limited scenarios, such as if html2ps is invoked by a web application, or if a...

CVSS 4.3, AI score 5.8, EPSS 0.16818
Exploits: 1, References: 9
Exploit DB
added 2010/07/03 12:0 a.m., 221 views

The Matt Wright Guestbook.pl - Arbitrary Command Execution (Metasploit)

$Id: guestbookssiexec.rb 9671 2010-07-03 06:21:31Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...

CVSS 7.5, AI score 7, EPSS 0.90677
Exploits: 6
Packet Storm
added 2009/10/30 12:0 a.m., 69 views

Matt Wright guestbook.pl Arbitrary Command Execution

$Id$ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 'Matt Wright...

CVSS 7.5, AI score 0.3, EPSS 0.90677
Exploits: 6
exploitpack
added 2009/09/25 12:0 a.m., 23 views

html2ps - include file Server-Side Include Directive Directory Traversal

#!/usr/bin/env python html2ps the "include file" ssi directive doesn't check for directory traversal so you can include and disclose any file in the dir tree very handy when html2ps is running as a part of a web app with data...

AI score 0.1
Exploits: 0
Exploit DB
added 2009/09/25 12:0 a.m., 31 views

html2ps - 'include file' Server-Side Include Directive Directory Traversal

#!/usr/bin/env python html2ps the "include file" ssi directive doesn't check for directory traversal so you can include and disclose any file in the dir tree very handy when html2ps is running as a part of a web app with data that you control the vuln requires that "ssi" in the @html2ps block in t...

AI score 7
Exploits: 0
seebug.org
added 2009/09/25 12:0 a.m., 10 views

html2ps 'include file' Server Side Include Directive Directory Traversal Vulnerability

No description provided by source. #!/usr/bin/env python html2ps = 1.0 beta5 arbitrary file disclosure http://user.it.uu.se/jan/html2ps.html author: epiphant [email protected] the "include file" ssi directive doesn't check for directory traversal so you can include and disclose any file in the...

AI score 7.1
Exploits: 0
RedHat Linux
added 2009/07/17 1:13 p.m., 6 views

Important: Red Hat Security Advisory: httpd22 security update

Updated httpd22 packages that fix multiple security issues are now available for JBoss Enterprise Web Server 1.0.0 for Red Hat Enterprise Linux 4. This update has been rated as having important security impact by the Red Hat Security Response Team. The Apache HTTP Server is a popular Web server...

CVSS 7.5, AI score 6.8, EPSS 0.3787
Exploits: 10, References: 6
OpenVAS
added 2009/06/05 12:0 a.m., 38 views

RedHat Security Advisory RHSA-2009:1075

The remote host is missing updates announced in advisory RHSA-2009:1075. The Apache HTTP Server is a popular and freely-available Web server. A flaw was found in the handling of compression structures between mod_ssl and OpenSSL. If too many connections were opened in a short period of time, all...

CVSS 5, AI score 7.7, EPSS 0.09814
Exploits: 6, References: 2
RedHat Linux
added 2009/05/27 2:19 p.m., 38 views

Moderate: Red Hat Security Advisory: httpd security update

Updated httpd packages that fix two security issues are now available for Red Hat Enterprise Linux 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The Apache HTTP Server is a popular and freely-available Web server. A flaw was found in the...

CVSS 5, AI score 6.8, EPSS 0.09814
Exploits: 6, References: 4
OpenVAS
added 2009/03/16 12:0 a.m., 31 views

Microsoft IIS MS03-018 Security Check

A Cross-Site Scripting (XSS) vulnerability affecting IIS 4.0, 5.0 and 5.1 involving the error message that SPDX-FileCopyrightText: 2009 Christian Eric Edjenguele Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s)...

CVSS 10, AI score 6.5, EPSS 0.64833
Exploits: 1, References: 5
Apache Httpd
added 2009/03/09 12:0 a.m., 35 views

Apache Httpd < 2.2.12 : AllowOverride Options handling bypass

A flaw was found in the handling of the "Options" and "AllowOverride" directives. In configurations using the "AllowOverride" directive with certain "Options=" arguments, local users were not restricted from executing commands from a Server-Side-Include script as intended...

CVSS 4.9, AI score 2.1, EPSS 0.00189
Exploits: 4, Affected Software: 1
Metasploit
added 2008/06/04 12:19 p.m., 196 views

Matt Wright guestbook.pl Arbitrary Command Execution

The Matt Wright guestbook.pl 'Matt Wright guestbook.pl Arbitrary Command Execution', 'Description' = %q The Matt Wright guestbook.pl 'aushack' , 'License' = MSFLICENSE, 'References' = 'CVE...

CVSS 7.5, AI score 7.3, EPSS 0.90677
Exploits: 6
myhack58
added 2007/08/23 12:0 a.m., 9 views

Note:the IIS under another dangerous ISAPI extension-a vulnerability warning-the black bar safety net

We first look at a report on the SSI: SSI what is the use? The reason you want to pull to the ssi, because shtml--server-parsed HTML of the acronym. Contains embedded server-side include command in the HTML text. In is transmitted to the browser before the server will SHTML document is completely...

AI score 7
Exploits: 0
Packet Storm
added 2006/06/27 12:0 a.m., 25 views

cpanel10.txt

A new vulnerability was found in Cpanel V.10; It happen cause the variable &File of the select.html file in the edit-zone just filter the 's labels and the possibility can by open to other labels like Server Side Include, HTML labels... including Javascript expressed in other ways An attacker can...

AI score 7.4
Exploits: 0
Apache Httpd
added 2004/10/21 12:0 a.m., 67 views

Apache Httpd < 1.3.33 : mod_include overflow

A buffer overflow in mod_include could allow a local user who is authorised to create server side include (SSI) files to gain the privileges of a httpd child...

CVSS 7.8, AI score 2.2, EPSS 0.03684
Exploits: 1, Affected Software: 1
NVD
added 2003/12/15 5:0 a.m., 13 views

CVE-2003-0628

PeopleSoft Gateway Administration servlet (gateway.administration) in PeopleTools 8.43 and earlier allows remote attackers to obtain the full pathnames for server-side include (SSI) files via an HTTP request with an invalid value...

CVSS 5, AI score 6.7, EPSS 0.00497
Exploits: 0, References: 1
Packet Storm
added 2003/06/30 12:0 a.m., 24 views

compaq.txt

SSI vulnerability in Compaq Web Based Management Agent ====================================================== Type of vulnerabilities: Server Side Include injection. Exploitable. Stack overflows and access violations. Exploitable? Creation of script objects. Exploitable? Affected Software: Compaq...

AI score 7.4
Exploits: 0
Cvelist
added 2003/05/30 4:0 a.m., 16 views

CVE-2003-0224

Buffer overflow in ssinc.dll for Microsoft Internet Information Services (IIS) 5.0 allows local users to execute arbitrary code via a web page with a Server Side Include (SSI) directive with a long filename, aka "Server Side Include Web Pages Buffer Overrun."...

AI score 7.4, EPSS 0.18924
Exploits: 0, References: 3
securityvulns
added 2003/05/28 12:0 a.m., 22 views

S21SEC-016 - Vignette SSI Injection

ID: S21SEC-016-en Title: Vignette SSI Injection Date: 15/03/2003 Status: Vendor contacted and solution available Scope: SSI Execution, In some cases Remote command execution Platforms: All Author: rpinuaga Location: http://www.s21sec.com/es/avisos/s21sec-016-en.txt Release: External S 2 1 S E C...

AI score 1.5
Exploits: 0
Cvelist
added 2003/04/02 5:0 a.m., 23 views

CVE-2002-0149

Buffer overflow in ASP Server-Side Include Function in IIS 4.0, 5.0 and 5.1 allows remote attackers to cause a denial of service and possibly execute arbitrary code via long file names...

AI score 7.8, EPSS 0.52409
Exploits: 0, References: 9