24 matches found
EUVD-2001-0135
Malware in sbrugna...
EUVD-2000-0425
Malware in sbrugna...
EUVD-2000-0331
Malware in sbrugna...
ultrascripts ultraboard 1.6 - Directory Traversal vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/1164/info UltraBoard 1.6 and possibly all 1.x versions is vulnerable to a directory traversal attack that will allow any remote browser to download any file that the webserver has read access to. On Windows instalations,...
UltraBoard 1.6 DoS Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/1175/info UltraBoard 1.6 and possibly all 1.x versions and the new beta Ultraboard 2000 are vulnerable to this Denial of Service attack. A remote user is able to expend all of the available resources of the webserver by...
UltraBoard UltraBoard.pl Arbitrary File Access
Binary data 1637.prm...
UltraBoard UltraBoard.cgi Arbitrary File Access
Binary data 1636.prm...
CVE-2001-0135
The default installation of Ultraboard 2000 2.11 creates the Skins, Database, and Backups directories with world-writeable permissions, which could allow local users to modify sensitive information or possibly insert and execute CGI programs...
CVE-2001-0135
CVE-2001-0135 affects Ultraboard 2000, version 2.11. The default install creates Skins, Database, and Backups directories with world-writable permissions, enabling a local user to modify sensitive information or potentially insert and execute CGI programs. The connected OpenVAS/Nessus entries ref...
CVE-2001-0135
The default installation of Ultraboard 2000 2.11 creates the Skins, Database, and Backups directories with world-writeable permissions, which could allow local users to modify sensitive information or possibly insert and execute CGI programs...
UltraBoard cgi directory permission problem
Hacksware Bug Report 1. Name: UltraBoard cgi directory permission problem 2. Release Date: 2001.1.12 3. Affected Application: UltraBoard 2000 Personal Edition Version 2.11 http://www.ub2k.com/downloads/UB211PEB1.zip 4. Author: [email protected] 5. Type: Configuration Error 6. Explanation In defau...
CVE-2000-0426
CVE-2000-0426 affects UltraBoard 1.6 and other versions. The vulnerability arises when a remote attacker uses UltraBoard in the Session parameter, causing UltraBoard to fork copies of itself and trigger a denial of service. The description notes the root cause as improper handling of a Session va...
CVE-2000-0426
UltraBoard 1.6 and other versions allow remote attackers to cause a denial of service by referencing UltraBoard in the Session parameter, which causes UltraBoard to fork copies of itself...
CVE-2000-0332
UltraBoard.pl or UltraBoard.cgi CGI scripts in UltraBoard 1.6 allows remote attackers to read arbitrary files via a pathname string that includes a dot dot .. and ends with a null byte...
CVE-2000-0332
UltraBoard 1.6 is affected by a path traversal in UltraBoard.pl/UltraBoard.cgi that allows remote attackers to read arbitrary files by supplying a pathname containing .. followed by a null byte. The vulnerability is described as arbitrary file access via this traversal vector; no exploitation det...
ultraboardv1.6
hola friends, found some interesting things in the "old" UltraBoard-Forum scripts UltraBoard V 1.6 class:Input Validation Error remote:Yes vulnerable:UltraBoard V1. vendor: www.ultrascripts.com || www.ub2k.com Description: By using the good old NullByte\000 its possible to open "any" file on the...
CVE-2000-0426
UltraBoard 1.6 and other versions allow remote attackers to cause a denial of service by referencing UltraBoard in the Session parameter, which causes UltraBoard to fork copies of itself...
UltraBoard 1.6 - Denial of Service
UltraBoard 1.6 - Denial of Service source: https://www.securityfocus.com/bid/1175/info UltraBoard 1.6 and possibly all 1.x versions and the new beta Ultraboard 2000 are vulnerable to this Denial of Service attack. A remote user is able to expend all of the available resources of the webserver by...
UltraBoard 1.6 - Denial of Service
source: https://www.securityfocus.com/bid/1175/info UltraBoard 1.6 and possibly all 1.x versions and the new beta Ultraboard 2000 are vulnerable to this Denial of Service attack. A remote user is able to expend all of the available resources of the webserver by using a specially-devised request t...
Проблемы с UltraBoard
Используется скрипт перл, в котором не комментируются некоторые мета-символы. Используя нулевой символ можно получить любой файл с сервера. Кроме того, можно вызвать бесконечный fork в приложении, что вызовет DoS против системы...