Lucene search
K

70 matches found

CVE
CVE
added 2005/02/23 5:0 a.m.50 views

CVE-2004-0465

OpenConnect WebConnect (WebConnect 6.4.4, 6.5 and possibly earlier) is vulnerable to a read-only directory traversal in the jretest.html page. By sending a crafted request that abuses the WCP_USER parameter (using ..// sequences), an attacker can read INI-style files outside the webroot and view ...

5CVSS6.9AI score0.12251EPSS
Exploits1References6Affected Software1
CVE
CVE
added 2005/02/23 5:0 a.m.62 views

CVE-2004-0466

The CVE-2004-0466 issue affects OpenConnect WebConnect (Windows) versions 6.4.4 and 6.5 (and possibly earlier). A denial-of-service vulnerability occurs when an HTTP request URL contains an MS-DOS device name (AUX, CON, PRN, COM1, LPT1); the server may stop responding to further requests, causing...

5CVSS6.8AI score0.03959EPSS
Exploits0References6Affected Software1
Cvelist
Cvelist
added 2005/02/23 5:0 a.m.23 views

CVE-2004-0465

Directory traversal vulnerability in jretest.html in WebConnect 6.5 and 6.4.4, and possibly earlier versions, allows remote attackers to read keys within arbitrary INI formatted files via "..//" sequences in the WCPUSER parameter...

6.9AI score0.12251EPSS
Exploits1References6
Tenable Nessus
Tenable Nessus
added 2005/02/22 12:0 a.m.14 views

WebConnect Multiple Remote Vulnerabilities (deprecated)

Binary data 2639.prm...

5CVSS7.3AI score0.12251EPSS
Exploits1References2
securityvulns
securityvulns
added 2005/02/21 12:0 a.m.47 views

[Full-Disclosure] The WebConnect 6.4.4 and 6.5 contains several vulnerabilities

The WebConnect 6.4.4 and 6.5 contains several vulnerabilities such as: - Denial of Service when requesting an DOS Device in Path Name - Reading of files outside webroot Directory traversal Requesting "DOS Device in Path Name" Denial of Service When requesting a DOS device in the URL the server wi...

5CVSS2.4AI score0.12251EPSS
Exploits1
exploitpack
exploitpack
added 2005/02/21 12:0 a.m.12 views

OpenConnect WebConnect 6.46.5 - jretest.html Traversal Arbitrary File Access

OpenConnect WebConnect 6.46.5 - jretest.html Traversal Arbitrary File Access source: https://www.securityfocus.com/bid/12613/info OpenConnect WebConnect is reported prone to multiple vulnerabilities. The following individual issues are reported: WebConnect is reported prone to a remote denial of...

Exploits0
CERT
CERT
added 2005/02/21 12:0 a.m.32 views

OpenConnect Webconnect read-only directory traversal vulnerability in jretest.html

Overview OpenConnect Webconnect contains a read-only directory traversal vulnerability in the file jretest.html. Description OpenConnect Webconnect provides secured web access and emulation services for backend mainframes and UNIX servers. Versions of Webconnect prior to 6.4.5 and 6.5.1 running o...

5CVSS6AI score0.12251EPSS
Exploits1References2
CERT
CERT
added 2005/02/21 12:0 a.m.26 views

OpenConnect Webconnect MS-DOS device name denial-of-service

Overview OpenConnect WebConnect may stop responding after processing an HTTP request with an MS-DOS device name in it. Description OpenConnect Webconnect provides secured web access and emulation services for backend mainframes and UNIX servers. Versions of Webconnect prior to 6.4.5 and 6.5.1...

5CVSS6.3AI score0.03959EPSS
Exploits0References2
NVD
NVD
added 2004/12/31 5:0 a.m.13 views

CVE-2004-0465

Directory traversal vulnerability in jretest.html in WebConnect 6.5 and 6.4.4, and possibly earlier versions, allows remote attackers to read keys within arbitrary INI formatted files via "..//" sequences in the WCPUSER parameter...

5CVSS6.9AI score0.12251EPSS
Exploits1References6
NVD
NVD
added 2004/02/21 5:0 a.m.13 views

CVE-2004-0466

WebConnect 6.5, 6.4.4, and possibly earlier versions allows remote attackers to cause a denial of service hang via a URL containing an MS-DOS device name such as 1 AUX, 2 CON, 3 PRN, 4 COM1, or 5 LPT1...

5CVSS6.8AI score0.03959EPSS
Exploits0References6
Rows per page
Query Builder