5313 matches found
Apache Tomcat 34 - DefaultServlet File Disclosure
Apache Tomcat 34 - DefaultServlet File Disclosure source: https://www.securityfocus.com/bid/5786/info The servlet 'org.apache.catalina.servlets.DefaultServlet' is included with Apache Tomcat by default. It is possible to use this servlet to view contents of files within the webroot. This includes...
Jakarta Tomcat serves JSP source code when supplied malformed HTTP request
Overview Tomcat does not adequately validate HTTP requests and may reveal JSP source code if supplied a malformed HTTP request. Description JavaServer Pages JSP is a technology that allows for the creation of dynamic web content. The Apache Jakarta Project implementation of JSP is known as Tomcat...
CVE-2000-1204
Vulnerability in the modvhostalias virtual hosting module for Apache 1.3.9, 1.3.11 and 1.3.12 allows remote attackers to obtain the source code for CGI programs if the cgi-bin directory is under the document root...
CVE-2000-1204
CVE-2000-1204 affects Apache 1.3.9, 1.3.11 and 1.3.12 via the mod_vhost_alias module. The issue allows remote attackers to obtain the source code of CGI programs if the cgi-bin directory is under the document root. Impact is partial confidentiality; no exploitation details are provided in the con...
CVE-2002-0737
Sambar web server before 5.2 beta 1 allows remote attackers to obtain source code of server-side scripts, or cause a denial of service resource exhaustion via DOS devices, using a URL that ends with a space and a null character...
Sambar Web Server vulnerable to sourcecode disclosure due to improper parsing of scripts
Overview Sambar Webserver displays script contents instead of interpreting them when the user adds certain characters to the end of the script URL. Description Sambar Webserver is designed to handle CGI requests by interpreting CGI scripts to produce output returned to the client. However, due to...
Source code leakage in JRun
Adding some sequences to request it's possible to obtain JSP source code...
WU-IMAP 2000.287(1-2) - Remote Overflow
/ 7350owex- x86/linux WU-IMAP 2000.2871-2 remote exploit TESO CONFIDENTIAL - SOURCE MATERIALS This is unpublished proprietary source code of TESO Security. The contents of these coded instructions, statements and computer programs may not be disclosed to third parties, copied or duplicated in any...
WU-IMAP 2000.287(1-2) - Remote Overflow
WU-IMAP 2000.2871-2 - Remote Overflow / 7350owex- x86/linux WU-IMAP 2000.2871-2 remote exploit TESO CONFIDENTIAL - SOURCE MATERIALS This is unpublished proprietary source code of TESO Security. The contents of these coded instructions, statements and computer programs may not be disclosed to thir...
WU-IMAP 2000.287(1-2) Remote Exploit
Exploit for linux platform in category remote exploits ==================================== WU-IMAP 2000.2871-2 Remote Exploit ==================================== / 7350owex- x86/linux WU-IMAP 2000.2871-2 remote exploit TESO CONFIDENTIAL - SOURCE MATERIALS This is unpublished proprietary source...
Multiple vendors web server source code disclosure (8.3 name form at vulnerability - take II)
//////////////////////////////////////////////////////////////////////////// //////////////////////////////////////////////////////// ======================== Security Advisory ======================== ////////////////////////////////////////////////////////////////////////////...
wu-ftpd <= 2.6.1 Remote Root Exploit
Exploit for linux platform in category remote exploits ==================================== wu-ftpd = 13? ptrace inject on ppid / include include include include include include include include include include i...
WU-FTPD 2.6.1 - Remote Command Execution
/ 7350wurm - x86/linux wuftpd remote root exploit TESO CONFIDENTIAL - SOURCE MATERIALS This is unpublished proprietary source code of TESO Security. The contents of these coded instructions, statements and computer programs may not be disclosed to third parties, copied or duplicated in any form, ...
Squid 2.4.1 - Remote Buffer Overflow
Squid 2.4.1 - Remote Buffer Overflow / 7350squish - x86/linux squid remote exploit TESO CONFIDENTIAL - SOURCE MATERIALS This is unpublished proprietary source code of TESO Security. The contents of these coded instructions, statements and computer programs may not be disclosed to third parties,...
WU-FTPD 2.6.1 - Remote Command Execution
WU-FTPD 2.6.1 - Remote Command Execution / 7350wurm - x86/linux wuftpd remote root exploit TESO CONFIDENTIAL - SOURCE MATERIALS This is unpublished proprietary source code of TESO Security. The contents of these coded instructions, statements and computer programs may not be disclosed to third...
Squid 2.4.1 - Remote Buffer Overflow
/ 7350squish - x86/linux squid remote exploit TESO CONFIDENTIAL - SOURCE MATERIALS This is unpublished proprietary source code of TESO Security. The contents of these coded instructions, statements and computer programs may not be disclosed to third parties, copied or duplicated in any form, in...
wu-ftpd <= 2.6.1 Remote Root Exploit
No description provided by source. / 7350wurm - x86/linux wuftpd remote root exploit TESO CONFIDENTIAL - SOURCE MATERIALS This is unpublished proprietary source code of TESO Security. The contents of these coded instructions, statements and computer programs may not be disclosed to third parties,...
KPMG-2002016: Bea Weblogic incorrect URL parsing issues
-------------------------------------------------------------------- Title: Bea Weblogic incorrect URL parsing issues BUG-ID: 2002016 Released: 30th Apr 2002 -------------------------------------------------------------------- Problem: ======== The Bea Weblogic server incorrectly parses certain...
JSP pages source code access
There are multiple ways to get a source code of JSP pages...
BEA WebLogic Null Byte Request JSP Source Disclosure
BEA WebLogic may be tricked into revealing the source code of JSP scripts by adding an encoded character %00x at the end of the request. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. This script was written by Renaud Deraison and is based on BEAweblogicRevealsourcecode.nasl Script audit an...