AN HTTPD 1.42 - Arbitrary Log Content Injection

source: https://www.securityfocus.com/bid/13069/info AN HTTPD is affected by a vulnerability that may allow remote attacker to inject arbitrary content in to the log file. This issue arises due to a failure of input validation. Corruption of logs may result in concealing attacks and/or misleading...

Icecast Multiple Vulnerabilities

Binary data 2724.prm...

CVE-2003-1127

CVE-2003-1127 affects Whale Communications e-Gap 2.5 on Windows 2000. The vulnerability allows remote attackers to obtain the login page source code by using the HTTP TRACE method, bypassing the preprocessor. Documented impact is partial confidentiality loss with no indicated integrity or availab...

CVE-2003-1127

Whale Communications e-Gap 2.5 on Windows 2000 allows remote attackers to obtain the source code for the login page via the HTTP TRACE method, which bypasses the preprocessor...

CVE-2003-1102

Hummingbird CyberDOCS 3.5, 3.9, and 4.0, when running on IIS, uses insecure permissions for script source code files, which allows remote attackers to read the source code...

CVE-2003-1102

CVE-2003-1102 affects Hummingbird CyberDOCS versions 3.5, 3.9, and 4.0 when run on IIS. The root cause is insecure permissions on script source code files, enabling remote attackers to read the source code. The connected documents confirm the same description across multiple records (NVD, CVE Lis...

CVE-2005-0622

RaidenHTTPD 1.1.32, and possibly other versions before 1.1.34, allows remote attackers to view the PHP source code via an HTTP GET request for a filename with a trailing 1 . dot or 2 space...

CVE-2005-0622

RaidenHTTPD 1.1.32 (and possibly earlier than 1.1.34) is affected by CVE-2005-0622. The issue allows remote attackers to view the PHP source code by issuing an HTTP GET for a filename that ends with a trailing dot or a trailing space. The vulnerability impacts confidentiality (partial) and is exp...

CVE-2005-0622

RaidenHTTPD 1.1.32, and possibly other versions before 1.1.34, allows remote attackers to view the PHP source code via an HTTP GET request for a filename with a trailing 1 . dot or 2 space...

RaidenHTTPD < 1.1.34 Multiple Remote Vulnerabilities

The remote host is running RaidenHTTPD 1.1.33 or older. Ther are various flaws in the remote version of this server which may allow an attacker to disclose the source code of any PHP file hosted on the remote server, or to execute arbitrary code on the remote with the privileges of the remote...

Blazix Trailing Character JSP Source Disclosure

The remote host is running the Blazix web server, a web server written in Java. The installed version of Blazix discloses the source code of its JSP pages by requesting the pages while appending a plus sign or a backslash to its name. An attacker may use this flaw to get the source code of your...

lighttpd script source code leak

It's possible to retrieve CGI script source code...

CVE-2005-0425

Affected product/versions: IBM WebSphere Application Server 5.0, 5.1, and 6.0 running on Windows. Vulnerability: An information-disclosure flaw where requesting a JSP file with a crafted URL causes the file-serving servlet to process the request instead of the JSP engine, exposing the JSP source ...

Sympa < 4.1.3 src/queue.c Remote Buffer Overflow

Binary data 2614.prm...

[SA14274] IBM WebSphere Application Server JSP Source Code Disclosure

TITLE: IBM WebSphere Application Server JSP Source Code Disclosure SECUNIA ADVISORY ID: SA14274 VERIFY ADVISORY: http://secunia.com/advisories/14274/ CRITICAL: Moderately critical IMPACT: Exposure of sensitive information WHERE: From remote SOFTWARE: IBM WebSphere Application Server 6.x...

IBM WebSphere Java Server Pages &#40;JSP&#41; source code leak

No description provided...

CVE-2005-0286

eMotion MediaPartner Web Server 5.0 and 5.1 allows remote attackers to obtain sensitive information via an HTTP request for a .bhtml file that contains a 1 . dot or 2 + plus sign at the end, which returns the source code for that file...

SUSE-SA:2005:002: php4, mod_php4

The remote host is missing the patch for the advisory SUSE-SA:2005:002 php4, modphp4. PHP is a well known, widely-used scripting language often used within web server setups. Stefan Esser and Marcus Boerger found several buffer overflow problems in the unserializer functions of PHP CVE-2004-1019...

Linux Kernel 2.4 uselib() Privilege Elevation Exploit

Exploit for linux platform in category local exploits ===================================================== Linux Kernel 2.4 uselib Privilege Elevation Exploit ===================================================== / Linux kernel 2.4 uselib privilege elevation exploit. original exploit source from...

[SA13718] b2evolution &quot;title&quot; SQL Injection Vulnerability

TITLE: b2evolution "title" SQL Injection Vulnerability SECUNIA ADVISORY ID: SA13718 VERIFY ADVISORY: http://secunia.com/advisories/13718/ CRITICAL: Moderately critical IMPACT: Manipulation of data WHERE: From remote SOFTWARE: b2evolution 0.x http://secunia.com/product/2126/ DESCRIPTION: r0ut3r ha...