4684 matches found
FTP Service 1.2 - Multiple Vulnerabilities
FTP Service 1.2 - Multiple Vulnerabilities FTP Service Multiple Vulnerabilities Vendor: Pablo Software Solutions Product: FTP Service Version: = 1.2 Website: http://www.pablovandermeer.nl/ftpservice.html BID: 7799 7801 Description: FTPService.exe is a service-version of Pablo's FTP Server. This...
PalmVNC 1.40 Insecure Records
Flurnet Security ---------------- Application: PalmVNC 1.40 Developers: Harkan Software http://www.harakan.btinternet.co.uk/PalmVNC/ Vladimir Minenko http://www.wind-networks.de/PalmVNC/ Scope: VNC passwords saved in plaintext with backup bit. Tested on: PalmVNC 1.40 older versions probably...
SNMP security issues in D-Link DSL Broadband Modem/Router
Arhont Ltd - Information Security Company Arhont Advisory by: Andrei Mikhailovsky www.arhont.com Advisory: D-Link DSL Broadband Modem/Router Router Model Name: D-Link DSL-500 Model Specific: Other models might be vulnerable as well Manufacturer site: http://www.dlink.com Manufacturer contact UK:...
5861 IP Filtering issues
Product: Efficient Networks 5861 DSL Router http://www.efficient.com/ebz/5800.html Tested version: 5.3.80 Latest firmware Advisory date: 10/01/2003 Severity: Moderate Details When using the built in IP filtering to block incoming TCP SYN flags, a simple port scan to the WAN interface of the route...
CVE-2002-2265
Unspecified vulnerability in LDAP Module in System Authentication of Open Source Internet Solutions OSIS 5.4 running on Tru64 UNIX 4.0G and 4.0F allows remote attackers to gain access to arbitrary files or gain privileges via unknown attack vectors...
CVE-2002-1248
Northern Solutions Xeneo Web Server 2.1.0.0, 2.0.759.6, and other versions before 2.1.5 allows remote attackers to cause a denial of service crash via a GET request for a "%" URI...
Advisory: File disclosure in DB4Web
Guardeonic Solutions AG www.guardeonic.com Security Advisory 01-2002 Advisory Name: DB4Web R File Disclosure Release Date: 09/17/02 Affected Product: DB4Web R Application Server Platform: Linux, nix, MS Windows Version: Unknown Severity: A DB4Web component allows files on the server to be...
Pablo Sofware Solutions FTP server Directory Traversal Vulnerability
Pablo Sofware Solutions FTP server Directory Traversal Vulnerability .oO Overview Oo. Pablo Software Solutions FTP server version 1.0 build 9 shows files and directories that reside outside the normal FTP root directory. Discovered on 2002, July, 20th Vendor: Pablo Software Solutions Pablo's FTP...
SQL injection in PHPGroupware
Preface PHPGroupware is a Groupware application written in PHP. It provides a framework of applications like calendar, ToDo list, notes, HR management, that come with PHPGroupware as well as an API to write new applications. All data is stored in an SQL database. + Problem PHPGroupware 0.9.12 the...
PHP contains vulnerability in "php_mime_split" function allowing arbitrary code execution
Overview Vulnerabilities in PHP versions 3 and 4 could allow an intruder to execute arbitrary code with the privileges of the web server. Description PHP is a scripting language widely used in web development. PHP can be installed on a variety of web servers, including Apache, IIS, Caudium,...
CheckPoint FW1 HTTP Security Hole
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Greetings! A quite known proxy vulnerability was found for FW1 V4.1 SP5 plus hotfixes - thanks to Ryan Snyder for announcing the first bits on Firewall-1 mailing list. If you connect to a server you are allowed to connect to via HTTP proxy e.g. a comm...
CVE-2001-0913
CVE-2001-0913 : A format-string vulnerability in Network Solutions Rwhoisd ≤ 1.5.7.2 (when using syslog) allows remote attackers to trigger memory corruption and possibly execute arbitrary code via a rwhois request containing format specifiers. The issue is caused by improper handling of format s...
CVE-2001-1204
Directory traversal vulnerability in phprocketaddin in Total PC Solutions PHP Rocket Add-in for FrontPage 1.0 allows remote attackers to read arbitrary files via a .. dot dot in the page parameter...
CVE-2001-0838
Format string vulnerability in Network Solutions Rwhoisd 1.5.x allows remote attackers to execute arbitrary code via format string specifiers in the -soa command...
CVE-2001-0838
Format string vulnerability in Network Solutions Rwhoisd 1.5.x allows remote attackers to execute arbitrary code via format string specifiers in the -soa command...
CVE-2001-0838
Network Solutions Rwhoisd 1.5.x is affected by a remote format-string vulnerability in the -soa handling, allowing arbitrary code execution. Root cause: format string vulnerability in the server’s error/format handling. Impact: remote code execution with the privileges of the RWhoisd process; pot...
CVE-2001-0913
Format string vulnerability in Network Solutions Rwhoisd 1.5.7.2 and earlier, when using syslog, allows remote attackers to corrupt memory and possibly execute arbitrary code via a rwhois request that contains format specifiers...
Cisco Security Advisory: ICMP Unreachable vulnerability in Cisco 12000 Series
-----BEGIN PGP SIGNED MESSAGE----- Cisco Security Advisory: ICMP Unreachable vulnerability in Cisco 12000 Series Internet Router Revision 1.0 For Public Release 2001 November 14 08:00 UTC -0800 Summary The performance of Cisco 12000 series routers can be degraded when they have to send a large...
Security BugWare Advisory
----www.securitybugware.org---- A D V I S O R I E S Dear World, From 1996 to 9th Sep 2001, Hrvoje Crvelin maintained the most explicit website about bugs, exploits, and solutions. He decided to stop this project. As there is no such resource on the web, we decided to keep this one alive. Behind t...
CVE-2001-0788
Internet Software Solutions Air Messenger LAN Server AMLServer 3.4.2 allows remote attackers to obtain an absolute path for the server directory by viewing the Location header...