5310 matches found
AnalogX SimpleServer:WWW 1.0.1 - GET Buffer Overflow
source: https://www.securityfocus.com/bid/906/info The SimpleServer:WWW personal webserver package from AnalogX can be compromised due to an overflowable buffer. If a GET request longer than 1000 bytes is received, the software will crash and data from the request gets pased to the EIP, meaning...
BroadGun Software CamShot WebCam 2.5 - GET Buffer Overflow
source: https://www.securityfocus.com/bid/905/info CamShot is a webserver designed to work in conjunction with computer video cameras. The software will crash, and possibly allow for execution of arbitrary code, if a GET request of more than 2000 bytes is received. DoS attack: GET 2000 chars...
Alt-N WorldClient Pro 2.0.0.02.0.1.0Standard 2.0.0.0 - Long URL Denial of Service
Alt-N WorldClient Pro 2.0.0.02.0.1.0Standard 2.0.0.0 - Long URL Denial of Service source: https://www.securityfocus.com/bid/823/info Alt-N's WorldClient is an email webserver that allows it's users to retrieve email via HTTP. It is susceptible to denial of service attacks due to an unchecked buff...
Alt-N WorldClient Pro 2.0.0.0/2.0.1.0/Standard 2.0.0.0 - Long URL Denial of Service
source: https://www.securityfocus.com/bid/823/info Alt-N's WorldClient is an email webserver that allows it's users to retrieve email via HTTP. It is susceptible to denial of service attacks due to an unchecked buffer in the request handler. Supplying a long url will crash the server. http...
Tektronix Phaser Network Printer 740750750DP840930 PhaserLink WebServer - Retrieve Administrator Password
Tektronix Phaser Network Printer 740750750DP840930 PhaserLink WebServer - Retrieve Administrator Password source: https://www.securityfocus.com/bid/806/info Certain versions of the Tektronix PhaserLink printer ship with a webserver designed to help facilitate configuration of the device. This...
Tektronix Phaser Network Printer 740/750/750DP/840/930 PhaserLink WebServer - Retrieve Administrator Password
source: https://www.securityfocus.com/bid/806/info Certain versions of the Tektronix PhaserLink printer ship with a webserver designed to help facilitate configuration of the device. This service is essentially administrator level access as it can completely modify the system characteristics,...
Computer Software Manufaktur Alibaba 2.0 - Multiple CGI Vulnerabilities
Computer Software Manufaktur Alibaba 2.0 - Multiple CGI Vulnerabilities // source: https://www.securityfocus.com/bid/770/info There are several CGI programs that ship with the Alibaba webserver. Many of these do not do proper input handling, and therefore will allow requests for access to files...
Computer Software Manufaktur Alibaba 2.0 - Multiple CGI Vulnerabilities
// source: https://www.securityfocus.com/bid/770/info There are several CGI programs that ship with the Alibaba webserver. Many of these do not do proper input handling, and therefore will allow requests for access to files outside of normal or safe webserver practice. This results in various...
RFP9905.zeus.remote.root.txt
--- Advisory RFP9905 ------------------------------- rfp.labs ----------- Remote root compromise via Zeus webserver Zeus-search vulnerability --------------------------------- rain forest puppy / [email protected] -- Table of contents: - 1. Scope of problem - 2. Solution - 3. Miscellaneous Updates...
Pacific Software URL Live! 1.0 - Directory Traversal
Pacific Software URL Live! 1.0 - Directory Traversal source: https://www.securityfocus.com/bid/746/info The URL Live! free webserver from Pacific software is susceptible to the "../" directory traversal vulnerability. By using the '../' string in a URL, an attacker can gain read access to files...
url.live-1.0.txt
Hello URL Live! 1.0 WebServer for Windows95/98/NT which is released by Pacific Software Publishing, Inc. http://www.urllive.com/ also has a "../" security problem, any users can download any files on the victim host. example: http://www.xxx.yy.jp/../../../../config.sys ----- The Shadow Penguin...
T. Hauck Jana Server 1.01.451.46 - Directory Traversal
T. Hauck Jana Server 1.01.451.46 - Directory Traversal source: https://www.securityfocus.com/bid/699/info The Jana webserver is susceptible to directory traversal attacks using multiple dots in the URL. If the request is made in specific formats, the server will send out files outside of the...
T. Hauck Jana Server 1.0/1.45/1.46 - Directory Traversal
source: https://www.securityfocus.com/bid/699/info The Jana webserver is susceptible to directory traversal attacks using multiple dots in the URL. If the request is made in specific formats, the server will send out files outside of the intended webroot. http ://target/./.././.././.././win.ini o...
CVE-1999-0474
The ICQ Webserver allows remote attackers to use .. to access arbitrary files outside of the user's personal directory...
CVE-1999-0474
CVE-1999-0474 concerns the ICQ Webserver, where remote attackers can exploit a path traversal issue (using ..) to access files outside the user’s personal directory. Public sources corroborate an access-control/authorization bypass leading to potential partial confidentiality impact (CVSS v2 base...
Netscape Enterprise Server 3.513.6 SP2 - Accept Buffer Overflow
Netscape Enterprise Server 3.513.6 SP2 - Accept Buffer Overflow source: https://www.securityfocus.com/bid/631/info Enterprise Server 3.6 SP2 with the SSL Handshake Patch applied is vulnerable to a buffer overflow that may allow attackers to launch denial-of-service attacks and to execute arbitrar...
icq99.web.server.txt
Date: Mon, 5 Apr 1999 23:50:56 +0200 From: Jan Vogelgesang To: [email protected] Subject: security hole in ICQ-Webserver Hi, Some days ago i've read a message here in Bugtraq from Ronald A. Jarell about a vulnerability in the ICQ-Webserver . I tried to reproduce this vulnerability with my...
icq.webserver.exploits.txt
ICQ Homepage Exploit By Shadow51 Ever wondered why there is a little house beside the name of some people? That doesn't mean they are at home, it means they have the ICQ-Webserver running. The idiots who made it left huge bugs in it, like you can close their ICQ remotely, and even download their...
Oracle Webserver PL/SQL Stored Procedure GET Request DoS
It was possible to make the remote web server crash by supplying a too long argument to the cgi /ews-bin/fnord. An attacker may use this flaw to prevent your customers to access your website. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc'; include'compat.inc...
John OFallon Responder.cgi 1.0 - Denial of Service
John OFallon Responder.cgi 1.0 - Denial of Service source: https://www.securityfocus.com/bid/3155/info responder.cgi' is a free CGI shell script, written in C, for MacHTTP Server and other MacOS webserver products. It is possible to cause a denial of service to MacHTTP webserver due to improper...