1110 matches found
Crob FTP Server 3.5.1 - Denial of Service
Crob FTP Server 3.5.1 - Denial of Service source: https://www.securityfocus.com/bid/9549/info A vulnerability has been reported in the Crob FTP server, which occurs due to a lack of validation of input from the user. By issuing a malformed request a malevolent user may be able to force the server...
Crob FTP Server 3.5.1 - Remote Information Disclosure
Crob FTP Server 3.5.1 - Remote Information Disclosure source: https://www.securityfocus.com/bid/9546/info A vulnerability has been reported in the Crob FTP server, which occurs due to a lack of validation of input from the user. By issuing a specially crafted request, a malevolent user may be abl...
[SECURITY] [DSA-386-1] New libmailtools-perl packages fix input validation bug
-------------------------------------------------------------------------- Debian Security Advisory DSA 386-1 [email protected] http://www.debian.org/security/ Matt Zimmerman September 18th, 2003 http://www.debian.org/security/faq -...
GnuPG contains flaw in key validation code
Overview A vulnerability in GnuPG may cause keys with multiple user ID's to give other user IDs on the key a false amount of validity. Description From the GnuPG homepage:GnuPG stands for GNU Privacy Guard and is GNU's tool for secure communication and data storage. It can be used to encrypt data...
GoAhead Web Server discloses source code of ASP files via crafted URL
Overview An input validation vulnerability in the GoAhead Web Server allows attackers to view sensitive information. This issue is also referenced in VU124059. Description The GoAhead Web Server inadequately filters user-supplied input. Specifically, the server does not properly filter malformed...
Input-validation vulnerability in PHP-Nuke allows arbitrary command execution via request for remote web site
Overview PHP-Nuke has an input-validation vulnerability that can lead to execution of arbitrary PHP code hosted on another web server. Description PHP-Nuke is a tool designed to ease web site creation and maintenance. PHP-Nuke includes a script named index.php, which uses PHP's include function t...
WorldClient 5.0.x - Arbitrary File Deletion
source: https://www.securityfocus.com/bid/4687/info WorldClient is a web interface packaged with MDaemon, an email server for Microsoft Windows. An input validation vulnerability exists in WorldClient that allows for an attacker to delete an arbitrary file on the webserver that it resides on. The...
phpSecurePages allows remote code execution
Overview There is an input validation vulnerability in phpSecurePages that may allow a remote intruder to execute arbitrary code with the privileges of the running web server. Description phpSecurePages is a tool for password protecting portions of websites on PHP enabled webservers. The...
Leif M. Wright everythingform.cgi 2.0 - Arbitrary Command Execution
Leif M. Wright everythingform.cgi 2.0 - Arbitrary Command Execution source: https://www.securityfocus.com/bid/2101/info An input validation vulnerability exists in Leif M. Wright's everything.cgi, a Perl-based form design tool. The script fails to properly filter shell commands from user-supplied...
CVE-2011-3455
...