CVE-2001-1511

JRun 3.0 and 3.1 running on JRun Web Server JWS and IIS allows remote attackers to read arbitrary JavaServer Pages JSP source code via a request URL containing the source filename ending in 1 "jsp%00" or 2 "js%2570"...

Buffer overflow in Python code

Hi, I've found buffer overflow in Python 2.1.1 source code. Maybe there're many others The buffer overflow is in the file traceback.c in the directory Python of the Python source code. Simply there's a sprintf done in this way: sprintflinebuf,FMT,filename,lineno,name What cause the overflow is th...

IBM HTTP Server on AS/400 Trailing Slash Source Code Disclosure

IBM's HTTP Server on the AS/400 platform is vulnerable to an attack that will show the source code of the page -- such as a .html or .jsp page -- by attaching an '/' to the end of a URL. %NASLMINLEVEL 70300 This script was written by Felix Huber Script audit and contributions from Carmichael...

CVE-2001-0778

OmniHTTPd 2.0.8 and earlier allow remote attackers to obtain source code via a GET request with the URL-encoded symbol for a space %20...

CVE-2001-0709

Microsoft IIS 4.0 and before, when installed on a FAT partition, allows a remote attacker to obtain source code of ASP files via a URL encoded with Unicode...

CVE-1999-0278

Microsoft IIS ASP::$DATA ASP Source Disclosure: remote attackers can obtain ASP source by appending '::$DATA' to the URL. Affected: IIS hosting ASP scripts. Root cause: information disclosure via URL handling in IIS. Exploitation details: not provided in the supplied documents. Remediation: no pa...