1057 matches found
Tarantella Enterprise 3 3.x - 'TTAWebTop.cgi' Arbitrary File Viewing
source: https://www.securityfocus.com/bid/2890/info Tarantella Enterprise 3 is a tool for centralized management of data and applications. It is operated via a web interface. It will run on a number of Unix and Linux distributions. ttawebtop.cgi is a CGI script included with the Tarantella,...
mimanet source viewer 2.0 - Directory Traversal
source: https://www.securityfocus.com/bid/2762/info MIMAnet Source Viewer is a freely available CGI script which allows users to view the source code of files located elsewhere on the server. Source Viewer accepts an argument, 'loc', which it uses as the filename when opening the requested file...
Free Online Dictionary of Computing 1.0 - Remote File Viewing
source: https://www.securityfocus.com/bid/2484/info A vulnerability exists in a CGI script called "The Free Online Dictionary of Computing". Due to a failure to properly validate user supplied input, a remote attacker can compose and submit requests for files readable by the webserver, as well as...
Oracle JSP/SQLJSP handlers allow viewing files and executing JSP outside the web root
Georgi Guninski security advisory 36, 2001 Oracle JSP/SQLJSP handlers allow viewing files and executing JSP outside the web root Systems affected: Oracle JSP/SQLJSP handlers, installed by default Oracle 8.1.7 Windows 2000 Have not tested on other versions but they may be vulnerable Risk: High Dat...
IIS 5.0 allows viewing files using %3F+.htr
Georgi Guninski security advisory 33, 2001 IIS 5.0 allows viewing files using 3F+.htr Systems affected: IIS 5.0 patched against the file fragment reading vulnerability Risk: Medium Date: 8 January 2001 Legal Notice: This Advisory is Copyright c 2000 Georgi Guninski. You may distribute it...
DST2K0032.txt
============================================================================ Delphis Consulting Plc ============================================================================ Security Team Advisories 19/09/2000 [email protected] http://www.delphisplc.com/thinking/whitepapers/...
Htgrep CGI Arbitrary File Viewing Vulnerability
Software: Htgrep URL: http://www.iam.unibe.ch/scg/Src/Doc/ Version: All Versions Platforms: Unix maybe Winnt? Author status: Notified Summary: Any remote user can view arbitrary files on the system with the privileges of the web user Vulnerability: The CGI allows a user to specify a header and...
CGI: Selena Sol's WebBanner ( Random Banner Generator ) Vulnerability
Application Name: WebBanner Random Banner Generator Application Authors: Eric Tachibana Selena Sol and Gunther Birznieks Version: 4.0 Last Modified: 17NOV98 Site: http://www.extropia.com Origin: Script design fault Consequence: User can view files as user the server are running Solution: See at t...
spj-004-000.txt
SPJ-004-000: .::::::::+ s0ftpr0ject 2K +::::::::. ::::+ Digital Security for Y2K +:::: :::'""""'""""'""""'""""'""'""::: ::'.gS$"$Sn. .gS$"$Sn. Sn.:: :: $$$$$ $$$$$ $$$$$ $$$$$ $$$$ :: :: $$$$$ $$$$$ $$$$$ $$$$ :: :: $$$$$$$$$n $$$$$ $$$$$ $$$$ :: :: $$$$$ $$$$$s$$$$' $$$$ :: :: $$$$$ $$$$$ $$$$$...
Linux news 6.06.00
Linux 2.2.16pre8 Вышла восьмая pre-версия следующего стабильного ядра Linux: 2.2.16. Подробнее: http://linuxtoday.com/newsstory.php3?ltsn=2000-06-05-001-04-NW-KN Linux 2.4.0test1-ac8 Alan Cox выпустил свою восьмую модификацию ядра Linux 2.4.0test1. Подробнее:...
John Donoghue Knapster 0.9/1.3.8 - File Access
source: https://www.securityfocus.com/bid/1186/info Various open source clones of the Napster software package have a vulnerability by which users may view files on a machine running a vulnerable Napster clone client. The file access is limited to files accessible by the user running the client...
Netscape Enterprise Server 3.03.63.51 - Directory Indexing
Netscape Enterprise Server 3.03.63.51 - Directory Indexing // source: https://www.securityfocus.com/bid/1063/info Netscape Enterprise Server 3.x includes a poorly documented feature that will allow remote users to view directory listings by appending various instructional tags to the URL. Althoug...
mutt.tempfile.race.txt
Date: Sun, 28 Feb 1999 09:28:43 +0100 From: Thomas Roessler To: [email protected] Subject: mutt security tempfile race in mutt Parts/Attachments: 1.1 Shown 39 lines Text 1.2 OK 134 lines Text 2 475 bytes Application ---------------------------------------- An anonymous Debian developer forward...
Microsoft IIS 4.0 / Microsoft Site Server 3.0 - Showcode ASP
source: https://www.securityfocus.com/bid/167/info A sample Active Server Page ASP script installed by default on Microsoft's Internet Information Server IIS 4.0 gives remote users access to view any file on the same volume as the web server that is readable by the web server. IIS 4.0 installs a...
CVE-2000-0054
search.cgi in the SolutionScripts Home Free package allows remote attackers to view directories via a .. dot dot attack...
SGI IRIX 6.0.1 - colorview Read Files
SGI IRIX 6.0.1 - colorview Read Files source: https://www.securityfocus.com/bid/336/info Colorview fails to validate that the user has access to the file supplied to the -text option. As a result, users can view arbitrary files. /usr/sbin/colorview -text /var/spool/mail/admin...
Report Viewer 2008
Report Viewer 2008...