29 matches found
EUVD-2006-5953
Malware in sbrugna...
EUVD-2004-0050
Malware in sbrugna...
EUVD-2006-5954
Malware in sbrugna...
EUVD-2005-0515
Malware in sbrugna...
EUVD-2006-5803
Malware in sbrugna...
Infoseek / Verity Ultraseek Detection (HTTP)
HTTP based detection of Infoseek / Verity Ultraseek formerly Inktomi Search. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2006-5970
Verity Ultraseek before 5.7 allows remote attackers to obtain sensitive information via direct requests with 1 a null "%00" terminated url parameter to help/urlstatusgo.html; or missing parameters to 2 help/header.html, 3 help/footer.html, 4 spell.html, 5 coreforma.html, 6 daterange.html, 7...
CVE-2006-5971
Absolute path traversal vulnerability in admin/logfile.txt in Verity Ultraseek before 5.6.2 allows remote attackers to read arbitrary files via the name variable...
CVE-2006-5819
Verity Ultraseek before 5.7 allows remote attackers to use the server as a proxy for web attacks and host scanning via a direct request to the highlight/index.html script...
CVE-2006-5971
Absolute path traversal vulnerability in admin/logfile.txt in Verity Ultraseek before 5.6.2 allows remote attackers to read arbitrary files via the name variable...
CVE-2006-5970
Verity Ultraseek before 5.7 allows remote attackers to obtain sensitive information via direct requests with 1 a null "%00" terminated url parameter to help/urlstatusgo.html; or missing parameters to 2 help/header.html, 3 help/footer.html, 4 spell.html, 5 coreforma.html, 6 daterange.html, 7...
CVE-2006-5970
Verity Ultraseek prior to 5.7 is vulnerable to an information-disclosure flaw: direct requests (including a null-terminated URL parameter and several missing parameters) cause error messages that reveal the installation path. The issue affects multiple pages (e.g., help, header/footer, spell, top...
CVE-2006-5971
CVE-2006-5971 describes an absolute path traversal vulnerability in Verity Ultraseek (admin/logfile.txt) prior to version 5.6.2. An attacker could read arbitrary files by supplying a crafted name variable, enabling partial confidentiality impact. The issue is rooted in improper validation of file...
CVE-2006-5819
CVE-2006-5819 affects Verity Ultraseek up to version 5.7. The flaw resides in the vulnerable highlight script (/highlight/index.html), which allows an unauthenticated remote attacker to proxy web requests, enabling access to internal content, enumerate non-public hosts, and perform cross-site scr...
CVE-2006-5819
Verity Ultraseek before 5.7 allows remote attackers to use the server as a proxy for web attacks and host scanning via a direct request to the highlight/index.html script...
[Full-disclosure] ZDI-06-042: Verity Ultraseek Request Proxying Vulnerability
ZDI-06-042: Verity Ultraseek Request Proxying Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-06-042.html November 15, 2006 -- CVE ID: CVE-2006-5819 -- Affected Vendor: Verity -- Affected Products: Ultraseek -- TippingPointTM IPS Customer Protection: TippingPoint IPS customers have...
Verity Ultraseek Request Proxying Vulnerability
This vulnerability allows remote attackers to proxy web attacks and scan internal hosts through vulnerable installations of Verity Ultraseek. Authentication is not required to exploit this vulnerability. The specific flaw exists within the highlight script used to highlight search terms on spider...
Infoseek / Verity Ultraseek < 5.3.3 XSS Vulnerability
Infoseek / Verity Ultraseek formerly Inktomi Search is vulnerable to cross-site scripting XSS and remote script injection due to a lack of sanitization of user-supplied data. SPDX-FileCopyrightText: 2005 David Maciejak Some text descriptions might be excerpted from a referenced sources, and are...
Verity Ultraseek Search Request XSS
The remote host is running Ultraseek, an enterprise search engine. This version has a cross-site scripting vulnerability. Successful exploitation of this issue may allow an attacker to execute malicious script code on a vulnerable server. %NASLMINLEVEL 70300 C Tenable Network Security, Inc...
CVE-2005-0514
Cross-site scripting XSS vulnerability in Verity Ultraseek before 5.3.3 allows remote attackers to inject arbitrary HTML and web script via search parameters...