CVE-2000-0898
Small HTTP Server 2.01 does not properly process Server Side Includes (SSI) tags that contain null values, which allows local users, and possibly remote attackers, to cause the server to crash by inserting the SSI into an HTML file...
WU-FTPD 2.6.0 - Remote Format Strings
/ 12:40 11/10/00: Tool for either attack or defense within an information warfare setting. Rather, it is a small program demonstrating proof of concept. Default values for solaris 2.8 and inetd. If you are not the intended recipient, or a person responsible for delivering it to the intended...
CVE-2000-0898
CVE-2000-0898 affects Small HTTP Server 2.01. The issue is improper handling of Server Side Includes (SSI) tags containing null values, allowing local users and possibly remote attackers to crash the server by inserting an SSI into an HTML file. The NVD data indicates partial impact to availabili...
Still a cgi-security hole in DNSTools (1.10)
Hi, following the notice about Version 1.08 of Dnstools I looked into the new version 1.10 that is currently downloadable on dnstools.com. It still contains a security bug by not parsing input-values. Details: I saw the author improved the script by entering the subroutine ParseForSecurity. There...
Ipswitch IMail Server 5.0/5.0.5/5.0.6/5.0.7/5.0.8/6.0 - Weak Password Encryption
Ipswitch IMail Server 5.0/5.0.5/5.0.6/5.0.7/5.0.8/6.0 - Weak Password Encryption // source: https://www.securityfocus.com/bid/880/info IMail keeps the encrypted passwords for email accounts in a registry key, HKLM\SOFTWARE\Ipswitch\Imail\Domains\DomainName\Users\UserName, in a string value called...
CVE-1999-1549
Lynx 2.x does not properly distinguish between internal and external HTML, which may allow a local attacker to read a "secure" hidden form value from a temporary file and craft a LYNXOPTIONS: URL that causes Lynx to modify the user's configuration file and execute commands...
brain.ini
General Title=HTTP Miner Commands 1=GET /%%$RPT65,40,10%%.%%extention%% HTTP/1.0 ;2=GET /%%cgi-bin%%/%%passwordpath%%/%%passwordfile%%.%%extention%% HTTP/1.0 Variables cgi-bin=cgi-bin,cgi,bin,cgibin,data,dat,exec,apps,secure,hide, extention=htr,html,htx,asp,exe,xml,ini,txt,dat,dbf,lst,data,...
CVE-2024-32606
HDF5 Library through 1.14.3 may attempt to dereference uninitialized values in h5tools_str_sprint in tools/lib/h5tools_str.c called from h5tools_dump_simple_data in tools/lib/h5tools_dump.c...
.NET Framework 4.6.x/4.7.x servicing
Detectoid for .NET Framework 4.6.x & 4.7.x product servicing, based on release key value; floor is 4.6.2 RTM, ceiling is 4.7.2 RTM and servicing releases...
PT-2013-6331 · Linux +5 · Linux Kernel +5
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 3.15.4 Description: The issue is related to the Linux kernel's handling of non-canonical values for the saved RIP address in system calls that do not use IRET. This can allow local users to leverage a race...