851 matches found
Cisco Secure ACS for Windows NT 3.0 - Cross-Site Scripting
Cisco Secure ACS for Windows NT 3.0 - Cross-Site Scripting source: https://www.securityfocus.com/bid/5026/info Cisco Secure ACS is an access control and accounting server system. It is distributed and maintained by Cisco, and in this vulnerability affects implementations on the Microsoft Windows ...
Cisco Secure ACS for Windows NT 3.0 - Cross-Site Scripting
source: https://www.securityfocus.com/bid/5026/info Cisco Secure ACS is an access control and accounting server system. It is distributed and maintained by Cisco, and in this vulnerability affects implementations on the Microsoft Windows NT platform. It has been discovered that the web server...
IBM Lotus Domino Banner Nonexistent .pl File Request Path Disclosure
The remote web server appears to be a version of Lotus Domino that allows an attacker to determine the physical path to the web root by requesting a non-existent '.pl' file. C Tenable Network Security, Inc. based on php3pathdisclosure by Matt Moore References From: "PeterGrundl" To: "bugtraq"...
Shambala Web Server Malformed HTTP GET Request DoS
It was possible to kill the web server by sending this request : GET !"?%&/=? Shambala is known to be vulnerable to this attack. C Tenable Network Security, Inc. Script audit and contributions from Carmichael Security Erik Anderson nb: domain no longer exists Added BugtraqID and CVE Status:...
Evolvable Shambala Server 4.5 - Web Server Denial of Service
// source: https://www.securityfocus.com/bid/4897/info Shambala Server is a FTP, Web, and Chat server targeted for the Small Office/Home Office user. It has been reported that Shambala Server's web server may be prone to a denial of service vulnerability. The denial of service condition is a resu...
Cabletron WebView Administrative Access
This host is a Cabletron switch and is running Cabletron WebView. This web software provides a graphical, real-time representation of the front panel on the switch. This graphic, along with additionally defined areas of the browser interface, allow you to interactively configure the switch, monit...
Multiple vendors web server source code disclosure (8.3 name form at vulnerability - take II)
//////////////////////////////////////////////////////////////////////////// //////////////////////////////////////////////////////// ======================== Security Advisory ======================== ////////////////////////////////////////////////////////////////////////////...
Critical Path InJoin Directory Server 4.0 - File Disclosure
Critical Path InJoin Directory Server 4.0 - File Disclosure source: https://www.securityfocus.com/bid/4718/info Critical Path provides an LDAP Lightweight Directory Access Protocol Directory Server called InJoin. InJoin Directory Server is provided for Microsoft Windows operating systems and Unix...
FileSeek CGI Script - Remote Command Execution
FileSeek CGI Script - Remote Command Execution source: https://www.securityfocus.com/bid/6783/info FileSeek is an example cgi-script from "The CGI/Perl Cookbook from John Wiley & Sons". The script is written and maintained by Craig Patchett. It is mainly used to find and download files on a web...
FileSeek - CGI Script File Disclosure
FileSeek - CGI Script File Disclosure source: https://www.securityfocus.com/bid/6784/info FileSeek is an example cgi-script from "The CGI/Perl Cookbook from John Wiley & Sons". The script is written and maintained by Craig Patchett. It is mainly used to find and download files on a web server...
FileSeek - CGI Script File Disclosure
source: https://www.securityfocus.com/bid/6784/info FileSeek is an example cgi-script from "The CGI/Perl Cookbook from John Wiley & Sons". The script is written and maintained by Craig Patchett. It is mainly used to find and download files on a web server. FileSeek.cgi and FileSeek2.cgi are prone...
FileSeek CGI Script - Remote Command Execution
source: https://www.securityfocus.com/bid/6783/info FileSeek is an example cgi-script from "The CGI/Perl Cookbook from John Wiley & Sons". The script is written and maintained by Craig Patchett. It is mainly used to find and download files on a web server. It has been reported that FileSeek.cgi a...
Microsoft Internet Information Server (IIS) contains cross-site scripting vulnerability in IIS Help Files search facility
Overview Visitors to web sites that use Microsoft IIS 5.0 and 5.1 are vulnerable to cross-site scripting attacks through the IIS help facility. Description Cross-site scripting is a form of attack in which an intruder leverages the trust between a victim and a web-site the victim trusts. Quoting...
CVE-2002-0124
MDG Computer Services Web Server 4D/eCommerce 3.5.3 allows remote attackers to exploit directory traversal vulnerability via a ../ dot dot containing URL-encoded slashes in the HTTP request...
CVE-2001-0680
Directory traversal vulnerability in ftpd in QPC QVT/Net 4.0 and AVT/Term 5.0 allows a remote attacker to traverse directories on the web server via a "dot dot" attack in a LIST ls command...
Galacticomm Worldgroup 3.20 - Remote Web Server Denial of Service
Galacticomm Worldgroup 3.20 - Remote Web Server Denial of Service // source: https://www.securityfocus.com/bid/4186/info Galacticomm Worldgroup is a community building package of both client and server software for Microsoft Windows. Worldgroup is based on BBS software, and includes web and ftp...
CVE-2001-1018
Lotus Domino web server 5.08 allows remote attackers to determine the internal IP address of the server when NAT is enabled via a GET request that contains a long sequence of / slash characters...
3Com HomeConnect Cable Modem vulnerable to DoS via long string of characters
Overview Intruders can disrupt the normal operation of a 3Com HomeConnect Cable Modem. Description The 3Com HomeConnect Cable Modem contains a web server. This web server is used to administer the cable modem. By default, this web server is configured to allow any user local or remote to connect ...
ColdFusion Debug Mode Information Disclosure
It is possible to see the ColdFusion Debug Information by appending '?Mode=debug' at the end of the request. ColdFusion 4.5 and 5.0 are definitely concerned probably in addition older versions. The Debug Information usually contain sensitive data such as Template Path or Server Version...
CVE-2001-0680
Directory traversal vulnerability in ftpd in QPC QVT/Net 4.0 and AVT/Term 5.0 allows a remote attacker to traverse directories on the web server via a "dot dot" attack in a LIST ls command...