Lucene search
+L

896 matches found

packetstorm
packetstorm
added 1999/08/17 12:0 a.m.39 views

retina.vs.iis4-round2.txt

http://www.eeye.com/database/advisories/ad06081999/ad06081999.html Retina vs. IIS4, Round 2 Systems Affected: Internet Information Server 4.0 IIS4 Microsoft Windows NT 4.0 SP3 Option Pack 4 Microsoft Windows NT 4.0 SP4 Option Pack 4 Microsoft Windows NT 4.0 SP5 Option Pack 4 Release Date: June 8,...

7.4AI score
Exploits0
nessus
nessus
added 1999/06/22 12:0 a.m.288 views

Web Server Long URL Handling Remote Overflow DoS

The remote web server crashes when it receives a too long URL. It might be possible to make it execute arbitrary code through this flaw. C Tenable Network Security, Inc. Some vulnerable servers: SmallHTTP All versions vulnerable: 2.x Stables, 3.x Latest beta 8 OmniHTTPd v2.09 of Omnicron...

10CVSS5.9AI score0.67398EPSS
Exploits14References21
nessus
nessus
added 1999/06/22 12:0 a.m.36 views

Multiple Web Server finger CGI Information Disclosure

The 'finger' CGI is installed. This can be used by a remote attacker to enumerate accounts on the system. Such information is typically valuable in conducting additional, more focused attacks. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc';...

5.5AI score
Exploits0
exploitdb
exploitdb
added 1999/03/08 12:0 a.m.30 views

Microsoft IIS 2.0/3.0/4.0 - ISAPI GetExtensionVersion()

source: https://www.securityfocus.com/bid/501/info IIS and potentially other NT web servers have a vulnerability that could allow arbitrary code to be run as SYSTEM. This works because of the way the server calls the GetExtensionVersion function the first time an ISAPI extension is loaded. Any us...

7AI score
Exploits0
nvd
nvd
added 1999/01/01 5:0 a.m.11 views

CVE-1999-0286

In some NT web servers, appending a space at the end of a URL may allow attackers to read source code for active pages...

10CVSS6.6AI score0.0199EPSS
Exploits0References1
nvd
nvd
added 1998/11/30 5:0 a.m.7 views

CVE-1999-1073

Excite for Web Servers EWS 1.1 records the first two characters of a plaintext password in the beginning of the encrypted password, which makes it easier for an attacker to guess passwords via a brute force or dictionary attack...

7.2CVSS0.00371EPSS
Exploits0References1
nvd
nvd
added 1998/11/30 5:0 a.m.9 views

CVE-1999-1072

Excite for Web Servers EWS 1.1 allows local users to gain privileges by obtaining the encrypted password from the world-readable Architext.conf authentication file and replaying the encrypted password in an HTTP request to AT-generated.cgi or AT-admin.cgi...

7.2CVSS0.00419EPSS
Exploits0References1
nvd
nvd
added 1998/11/30 5:0 a.m.10 views

CVE-1999-1071

Excite for Web Servers EWS 1.1 installs the Architext.conf authentication file with world-writeable permissions, which allows local users to gain access to Excite accounts by modifying the file...

7.2CVSS0.00352EPSS
Exploits0References2
exploitpack
exploitpack
added 1998/11/30 12:0 a.m.18 views

Excite for Web Servers 1.1 - Administrative Password

Excite for Web Servers 1.1 - Administrative Password source: https://www.securityfocus.com/bid/2665/info Excite for Web Servers 1.1 EWS is a search engine suite for web servers running under Windows NT and UNIX. By default the file containing the administrative password, architext.conf, is world...

0.2AI score
Exploits0
exploitdb
exploitdb
added 1998/11/30 12:0 a.m.41 views

Excite for Web Servers 1.1 - Administrative Password

source: https://www.securityfocus.com/bid/2665/info Excite for Web Servers 1.1 EWS is a search engine suite for web servers running under Windows NT and UNIX. By default the file containing the administrative password, architext.conf, is world readable and world writable. This allows an attacker...

7.4AI score
Exploits0
nvd
nvd
added 1998/02/06 5:0 a.m.9 views

CVE-1999-0012

Some web servers under Microsoft Windows allow remote attackers to bypass access restrictions for files with long file names...

7CVSS0.18196EPSS
Exploits0References1
ptsecurity
ptsecurity
added 1998/02/06 12:0 a.m.4 views

PT-1998-1009 · Microsoft · Windows

Name of the Vulnerable Software and Affected Versions: Microsoft Windows affected versions not specified Description: The issue allows remote attackers to bypass access restrictions for files with long file names on some web servers. Recommendations: At the moment, there is no information about a...

7CVSS7.1AI score0.18196EPSS
Exploits0References4
ptsecurity
ptsecurity
added 1998/01/01 12:0 a.m.4 views

PT-1998-1058 · Excite · Excite For Web Servers

Name of the Vulnerable Software and Affected Versions: Excite for Web Servers EWS affected versions not specified Description: The issue allows remote command execution via shell metacharacters. Recommendations: At the moment, there is no information about a newer version that contains a fix for...

7.5CVSS6.6AI score0.03919EPSS
Exploits0References2
exploitdb
exploitdb
added 1998/01/01 12:0 a.m.36 views

Microsoft IIS 3.0/4.0 / Microsoft Personal Web Server 2.0/3.0/4.0 - ASP Alternate Data Streams

source: https://www.securityfocus.com/bid/149/info Microsoft IIS and other NT webservers contain a vulnerability that allows remote users to obtain the source code for an ASP file. When one appends ::$DATA to an asp being requested, the ASP source will be returned, instead of executing the ASP. F...

7.4AI score
Exploits0
nvd
nvd
added 1997/07/15 4:0 a.m.9 views

CVE-1999-0146

The campas CGI program provided with some NCSA web servers allows an attacker to execute arbitrary commands via encoded carriage return characters in the query string, as demonstrated by reading the password file...

7.5CVSS0.15053EPSS
Exploits0References2
msupdate
msupdate
added 1970/01/01 12:0 a.m.7 views

Security Update for Windows 2000 (815021)

An identified security vulnerability in Microsoft® Windows 2000 could allow an attacker to take control of the computer. This issue is most likely to affect computers used as web servers. You can help protect your computer from this and other identified issues by installing this update from...

4.2AI score
Exploits0
Rows per page
Query Builder