6 matches found
CVE-2001-0205
CVE-2001-0205 : A directory traversal vulnerability in AOLserver 3.2 and earlier allows remote attackers to read arbitrary files by inserting a modified .. (dot dot) sequence ("...") into the requested pathname. The issue affects the pathname handling in AOLserver versions up to and including 3.2...
CVE-2001-1067
AOLServer ParseAuth() buffer overflow: AOLServer 3.3.0 and earlier contain a vulnerability in which Decode()/ParseAuth() uses a fixed 256-byte buffer, allowing remote attackers to execute arbitrary code or cause a denial of service via a crafted HTTP request with an overly long Authorization head...
CVE-2002-0100
CVE-2002-0100 affects AOLserver 3.4.2 on Win32. The vulnerability allows remote attackers to bypass authentication and read password-protected files by requesting a URL that directly references the protected file. The CVSS metrics indicate network access, low attack complexity, and no authenticat...
CVE-2002-0587
CVE-2002-0587 is a buffer overflow in the Ns_PdLog function of AOLServer's external database driver proxy daemon library (libnspd.a), affecting AOLServer versions 3.0 through 3.4.2. The vulnerability allows remote attackers to cause a denial of service or execute arbitrary code via the Error or N...
CVE-2001-0314
CVE-2001-0314 : A buffer overflow in the AOL 5.0 “www.tol” module can be triggered by a long URL in a link, potentially allowing remote denial of service and possibly arbitrary command execution. The provided documents do not include specific exploit details or remediation/version information. No...
CVE-2002-0586
CVE-2002-0586 describes a format-string vulnerability in AOLServer (libnspd.a) across versions 3.0–3.4.2, specifically in the Ns_PdLog function. An attacker could exploit the Error or Notice parameters to execute arbitrary code remotely. The vulnerability impacts the AOLServer external database d...