Tiny HTTP Server versions 1.1 and 1.0.5 are vulnerable to directory traversal, denial of service, and cross site scripting bugs. Examples provided.
94d202695ed7e71eeb74c905557c9600d4fab98f445abaea4f073aba55c6bc8aWhen running in proxy mode, properly crafted requests sent to Finjan SurfinGate versions 6 and 7 can mimic control commands. Known vulnerabilities include viewing log data and causing the service to restart, potentially resulting in a DoS situation. The architecture for this application suggests there is a potential for modifying the filtering policy as well. The vendor has ignored the problem for over a year.
572f4e17a711d98d530166340377eea87699bc44b226915bbaab6ea14b6fba74Novell Netware Enterprise web server versions 5.1 and 6.0 are vulnerable to various cross site scripting, path dislosure, and directory listing attacks.
6fa6232eddd35425923014566186261bae4069faaff0f01545f187bf7e4f140eThe NetBus web server that comes as part of the trojan is susceptible to a directory listing and remote file upload vulnerability when a trailing / or ./ is appended to the URL.
a6237e6da8ad8b78741dec936856ce7e954fdb332dab3a0e635e29a581aafecaVersion 2.05 of the Freesco thttpd server is susceptible to a cross site scripting attack.
7586f60c26ce3791038b0f784a97cbdca327bb195524fa1e6f30051b6a45b9f4GeoHttpServer is vulnerable to an authentication bypass and a denial of service attack.
faae912330fa19a378bed24073e7eb019129f317801a1925873ee8dc480e0be3Need for Speed Hot Pursuit 2 remote exploit that makes use of a vulnerable client that is susceptible to a buffer overflow attack by a hostile server.
41b60c7f18b4a9ed723e56c839d1b5d8fdd42fbaa041b262da167f206486b356Security Corporation Security Advisory [SCSA-026]: A vulnerability has been discovered in DUWARE Products, which allows malicious users to become administrators. It affects approximately 15 different products in all.
0c960411e961d7e65a618c303917edb4acbe482261e21a68ece0032a7e326fb92Wire-Gateway is a router that has a webserver for maintenance. The CGI interface lacks input validation when returning an error with its return variable allowing for a directory traversal attack.
7d327c33155ca85a9c8ffbe857abf59b58c2dd8d41a1f071dd99da63cc51605aOwnServer, a web server used for watching security cameras remotely, is susceptible to a directory traversal bug that allows a remote attacker to gain access to files outside of the webroot.
b32b6045df134cd7484a3ae7c2e8bfa669777d8d1b0a5b081d9961a173b87d02NETCam webserver running NETCam Viewers 1.0.0.28 and below have a directory traversal bug that allows remote attackers to gain access to files outside of the webroot.
3033ef31ebe260b918d9f1e9177da16b936b0caa1f3b1065986e5ccaa17a5f85The Goahead webserver, version 2.1.8 and below, is an embedded webserver used by many products. The server has an internal problem where it will accept improper HTTP requests that allow a remote attacker to view source for CGI related files.
86b6965a79475e6b076b8955dfe03320b7908780179972962671b165a32736baThe Goahead webserver, version 2.1.8 and below, is an embedded webserver used by many products. A flaw exists where an attacker can get the webserver to consume all of the server's resources by using the POST method with a specific number set for the Content-Length parameter.
750d26c05ba6a4c19bb67be0988c544aa47ff4b7bd00c46f35b28f0378c6877aYaBB SE versions 1.54 and 1.53 have the functions welcome and recentTopics which are vulnerable to SQL injection because the parameter ID_MEMBER is not checked against malicious input.
95e89384d3a5e60f55043d680923bf50f3a2d727d428ca8993e211fcbfc77ddaAttached is an exploit that crashes the Pointbase 4.6 database server that comes with the J2EE reference implementation. It is caused by fact that the Pointbase installation coming with j2ee/ri 1.4. is not equipped with an appropriate security manager, thus giving all jars implicitly all permissions. These unlimited permissions can be exploited by an attacker using jdbc to crash the jvm running the pointbase server. Further exploitations possible are information disclosure and remote command injection.
dce14b7ba6ef63416061596683c967a3e51ca10f2c1f0204a348921ccdd803caphpShop Project versions 0.6.1-b and earlier are prone to SQL injection attacks, script injection, cross site scripting, and user information disclosure vulnerabilities.
adc0386ff64991975f3cef1848e988a682f780a5a19f78fb561e980f819177e2Xtreme ASP Photo Gallery Version 2.0 is prone to a common SQL injection vulnerability. The problem occurs when handling user-supplied username and password data supplied to authentication procedures.
18196c49e782ab6139923566eb59889974ae0a3c962a2c04583975e95eea74faRapidCache versions 2.2.6 and below suffer from denial of service and directory traversal bugs.
9e8235a36daf36f0ef225186bf427d9237e751f7245e744d783a418c71e1d0f5WWW File Share Pro versions 2.42 and below allow for files outside of the webroot to be overwritten due to invalid input validation, a denial of service attack when POSTs are made with large amounts of bytes, and directory authorization bypass.
4c071c11277f22ac564d41f1c75b17b4836ee660374acfd340f21bd50065149aLocal exploit that makes use of a symlink vulnerability in YaST when using SuSEconfig.gnome-filesystem.
b52db200e1ea04d1dd8b34e13eb95b40a438eeed156071a65829e4a699a709a6Local exploit that makes use of a symlink vulnerability that lies in Antivir for Linux version 2.0.9-9.
16c3a212203098718f24a83489734c130a494f00fe79ca71a4e1ce777906a39dRemote exploit for Windows FTP server version 1.6. Data for original vulnerability discovery made by Peter Winter-Smith here.
0aec0aed6891ae2629f8a646add69806a9b1a216e29c1bda7b123ef126e05408phpGedView version 2.65 beta 5 is susceptible to SQL injection attacks, path disclosure issues, cross site scripting, and denial of service attacks.
094b03352c5b18b33d01d1e8130f34dc9ebd3a1a84468e7051f67ce4e422685fDameWare Mini Remote Control versions 3.73 and below remote exploit. Tested against Windows 2000 with versions 3.68 and 3.72.
ef92006dbb8f3036693f95127cba9c8d48aec7349cfcdc2d8a0a95478c76a758The ezContents utility allows for arbitrary code execution on the server due to a lack of input validation.
36c30b0d861ec350e51582820117757d408e10079516d49c48514b47eb2d06fe
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed