Lucene search
K

7170 matches found

Packet Storm
Packet Storm
added 2001/02/16 12:0 a.m.20 views

ultimate-bb.txt

I set up a script on some server somewhere that will mail me the contents of "whatever" in a url query as such - http://somehost.com/somescript.php/cgi/pl/asp?contents="whatever" when I have that script in place I post a message on the board that I wish to steal peoples passes from withfor Intern...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2000/10/27 12:0 a.m.33 views

Squid doesn't quote urls in error messages.

Hi, I noticed that Squid 2.3.STABLE4 doesn't quote urls in error messages. For example if a user visits the following url http://www.dotcom.com/ btest/b The user will get an invalid url page with test in bold. Or even more fun with: http://www.somecompany.com/img...

7AI score
Exploits0
Debian
Debian
added 2000/09/10 12:0 a.m.12 views

[SECURITY] New version of horde and imp released

------------------------------------------------------------------------ Debian Security Advisory [email protected] http://www.debian.org/security/ Wichert Akkerman September 10, 2000 - ------------------------------------------------------------------------ Package : horde and imp Problem type...

0.7AI score
Exploits0
Packet Storm
Packet Storm
added 2000/08/02 12:0 a.m.29 views

ntop.advisory.txt

================================================================================ Hackerslab bugpaper ntop web mode vulnerabliity ================================================================================ Command : /sbin/ntop -w SYSTEM : N/A INFO : ntop - display top network users -w Starts...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2000/08/01 12:0 a.m.26 views

Weblogic 3.1.8/4.0.4/4.5.1 - Remote Command Execution

source: https://www.securityfocus.com/bid/1525/info In February of 2000 CERT Coordination Center released an advisory titled "Malicious HTML Tags Embedded in Client Web Requests" advisory attached in 'Credit' section". This advisory was a joint release by the CERT Coordination Center, DoD-CERT, t...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2000/06/09 12:0 a.m.29 views

3R Soft MailStudio 2000 2.0 - Arbitrary File Access

3R Soft MailStudio 2000 2.0 - Arbitrary File Access source: https://www.securityfocus.com/bid/1335/info MailStudio 2000 is vulnerable to multiple attacks. It is possible for a remote user to gain read access to all files located on the server via the usage of the "/.." string passed to a CGI,...

1.1AI score
Exploits0
securityvulns
securityvulns
added 2000/04/13 12:0 a.m.47 views

Weak Token in Mail.Com Application Allows Compromise of Arbitrary User's Data

Weak Token in Mail.Com Application Allows Compromise of Arbitrary User's Data Black Watch Labs Security Advisory 00-02 March 6, 2000 Name: Weak Token in Mail.Com Application Allows Compromise of Arbitrary User's Data Black Watch Labs ID: BWL-00-02 Date Released: March 6, 2000 Category: Applicatio...

7.1AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2000/03/07 12:0 a.m.160 views

Pocsag POC32 Remote Service Default Password (password)

It is possible to log into the remote pocsag service and view the streams of decoded pager messages using the password 'password'. An attacker may use this problem to gain some knowledge about the computer user and then trick him by social engineering. C Tenable Network Security, Inc...

5CVSS5.5AI score0.02567EPSS
Exploits1References1
security_vulns
security_vulns
added 2000/02/03 12:0 a.m.72 views

The Bat! X-BAT-FILES

"The Bat!" by RitLabs is extremely convenient mail agent with a lot of features for Windows platforms. One of "The Bat!" features is storing files attached to e-mail messages apart from messages bodies. In this case "The Bat!" puts attached files in preconfigured folder and removes according MIME...

0.5AI score
Exploits0
Packet Storm
Packet Storm
added 2000/01/12 12:0 a.m.35 views

hotmail.java.txt

Georgi Guninski security advisory 5, 2000 Yet another Hotmail security hole - injecting JavaScript using "jvascript:" Disclaimer: The opinions expressed in this advisory and program are my own and not of any company. The usual standard disclaimer applies, especially the fact that Georgi Guninski ...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2000/01/07 12:0 a.m.29 views

javascript.hotmail.txt

Georgi Guninski security advisory 3, 2000 Yet another Hotmail security hole - injecting JavaScript in IE using "@import urljavascript:..." Disclaimer: The opinions expressed in this advisory and program are my own and not of any company. The usual standard disclaimer applies, especially the fact...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 1999/12/22 12:0 a.m.28 views

Microsoft Internet Explorer 4/5/5.5/5.0.1 - external.NavigateAndFind() Cross-Frame

Microsoft Internet Explorer 4.0 for WfW/Windows 3.1/Windows 95/Windows NT 3/Windows NT 4,Internet Explorer 5.0 for Windows 2000/Windows 95/Windows 98/Windows NT 4,Internet Explorer 5.5,Internet Explorer 5.0.1,Internet Explorer for Unix 5.0 external.NavigateAndFind Cross-Frame Vulnerability source...

7AI score
Exploits0
exploitpack
exploitpack
added 1999/11/25 12:0 a.m.10 views

SCO Unixware 7.07.0.17.1 - Xsco Buffer Overflow

SCO Unixware 7.07.0.17.1 - Xsco Buffer Overflow // source: https://www.securityfocus.com/bid/824/info Under certain versions of Unixware, the SUID program Xsco is vulnerable to a buffer overflow attack. The problem lies in that Xsco does not sanity check user supplied data. // UnixWare7...

1.2AI score
Exploits0
Exploit DB
Exploit DB
added 1999/11/15 12:0 a.m.41 views

International TeleCommunications WebBBS 2.13 - login & Password Buffer Overflow

// source: https://www.securityfocus.com/bid/803/info Certain versions of WebBBS by Mike Bryeans of International TeleCommunications contain a flaw in the initial login program. User supplied data via the login name and password are not bounds checked and can result in a buffer overflow. This lea...

7.4AI score
Exploits0
NVD
NVD
added 1999/11/08 5:0 a.m.24 views

CVE-1999-1530

cgiwrap as used on Cobalt RaQ 2.0 and RaQ 3i does not properly identify the user for running certain scripts, which allows a malicious site administrator to view or modify data located at another virtual site on the same system...

3.6CVSS6.4AI score0.00365EPSS
Exploits0References5
Exploit DB
Exploit DB
added 1999/10/30 12:0 a.m.30 views

SCO Unixware 2.1/7.0/7.0.1/7.1/7.1.1 - su(1) Buffer Overflow

// source: https://www.securityfocus.com/bid/826/info Certain versions of Unixware ship with a version of su1 which is vulnerable to a buffer overflow attack. This attack is possible because su1 fails to sanity check user supplied data, in this instance a username supplied on the command line...

7.4AI score
Exploits0
CVE
CVE
added 1999/09/29 4:0 a.m.77 views

CVE-1999-0612

CVE-1999-0612 affects the finger service. The finger daemon exposes valid user information to any entity on the network, enabling information disclosure. Affected: finger on UNIX-like systems vulnerable in versions older than the patched release (e.g.,

6.4AI score0.68185EPSS
Exploits0References1Affected Software2
Packet Storm
Packet Storm
added 1999/08/17 12:0 a.m.37 views

ffingerd.txt

Date: Fri, 23 Apr 1999 19:26:13 +0300 From: Eilon Gishri To: [email protected] Subject: Ffingerd privacy issues Hi, I found a couple of bugs in ffingerd 1.19 which are related to privacy. Here goes: The permission on root's home directory are now 700 /home/root. ----- aristo/cc/eilonfinger...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 1999/08/17 12:0 a.m.26 views

ms-frame-spoof.txt

From: Microsoft Product Security Notification Service mailto:[email protected] On Behalf Of Microsoft Product Security Sent: Wednesday, December 23, 1998 9:51 AM To: [email protected] Subject: Microsoft Security Bulletin MS98-020 The following is a...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 1999/08/17 12:0 a.m.49 views

netscape4.5-nsform.tmp.txt

02-FEB-99 - http://www.skylab.org/netscape/index.html Yet another browser bug was found late last week. This time in Netscape's Communicator 4.5. The problem appears with the way Netscape handles forms. In many cases, the browser will store data entered on a FORM in C:\WINDOWS\TEMP in a NSFORM.TM...

7.4AI score
Exploits0
Rows per page
Query Builder