Lucene search
+L
AolAol Server

6 matches found

CVE
CVE
added 2001/03/09 5:0 a.m.50 views

CVE-2001-0205

CVE-2001-0205 : A directory traversal vulnerability in AOLserver 3.2 and earlier allows remote attackers to read arbitrary files by inserting a modified .. (dot dot) sequence ("...") into the requested pathname. The issue affects the pathname handling in AOLserver versions up to and including 3.2...

5CVSS7.1AI score0.23615EPSS
CVE
CVE
added 2002/03/09 5:0 a.m.50 views

CVE-2001-1067

AOLServer ParseAuth() buffer overflow: AOLServer 3.3.0 and earlier contain a vulnerability in which Decode()/ParseAuth() uses a fixed 256-byte buffer, allowing remote attackers to execute arbitrary code or cause a denial of service via a crafted HTTP request with an overly long Authorization head...

10CVSS7.8AI score0.1611EPSS
CVE
CVE
added 2002/03/15 5:0 a.m.50 views

CVE-2002-0100

CVE-2002-0100 affects AOLserver 3.4.2 on Win32. The vulnerability allows remote attackers to bypass authentication and read password-protected files by requesting a URL that directly references the protected file. The CVSS metrics indicate network access, low attack complexity, and no authenticat...

7.5CVSS7.2AI score0.01648EPSS
CVE
CVE
added 2002/06/11 4:0 a.m.47 views

CVE-2002-0587

CVE-2002-0587 is a buffer overflow in the Ns_PdLog function of AOLServer's external database driver proxy daemon library (libnspd.a), affecting AOLServer versions 3.0 through 3.4.2. The vulnerability allows remote attackers to cause a denial of service or execute arbitrary code via the Error or N...

7.5CVSS8.4AI score0.03215EPSS
CVE
CVE
added 2001/04/04 4:0 a.m.44 views

CVE-2001-0314

CVE-2001-0314 : A buffer overflow in the AOL 5.0 “www.tol” module can be triggered by a long URL in a link, potentially allowing remote denial of service and possibly arbitrary command execution. The provided documents do not include specific exploit details or remediation/version information. No...

7.5CVSS8.1AI score0.01977EPSS
CVE
CVE
added 2002/06/11 4:0 a.m.37 views

CVE-2002-0586

CVE-2002-0586 describes a format-string vulnerability in AOLServer (libnspd.a) across versions 3.0–3.4.2, specifically in the Ns_PdLog function. An attacker could exploit the Error or Notice parameters to execute arbitrary code remotely. The vulnerability impacts the AOLServer external database d...

7.5CVSS8.1AI score0.02912EPSS