iDefense Security Advisory - Remote exploitation of an input validation vulnerability in Adobe Systems Inc.'s Macromedia ColdFusion MX 7 may allow an attacker to view file contents on the server. The vulnerability specifically exists in that URL encoded filenames will be decoded by the IIS process and then again by the ColdFusion process. By supplying a URL containing a double encoded null byte and an extension handled by ColdFusion, such as '.cfm', it is possible to view the contents of any file which is not interpreted by ColdFusion. iDefense has confirmed this vulnerability exists in Adobe Macromedia ColdFusion MX 7.0.2, with all available fixes, running on Microsoft IIS vulnerable.
4eb93328aca8b7d23af5ba4e80ae002d8aabb5f92bb543f0ae7df03430243dd3SoftArtisans FileUp suffers from a remote script source disclosure vulnerability in viewsrc.asp.
0cc4611acdce314eebb0933d165df6857cc8434466796361c14d62251baba9f9Microsoft(R) Internet Explorer 5 and 6 suffer from a remote denial of service flaw using IMG and XML elements. Proof of concept code included.
3dca4c4cb9b808ced948bbb4b399c728f0dc2c96e5fc2e9c346f368f6960df83It appears that malformed HTTP requests to IIS versions 5.0, 5.1, and 6.0 allow for a remote crash of the service.
6d185deb53682ef93b3fa88fdec275761c1a6503427ac16a9c6c4de27066e357FileZilla Server Terminal version 0.9.4d appears to suffer from a buffer overflow vulnerability when being passed 900-3000 characters to the USER directive.
334bebb9956a106eb2cd459c8d4304a22a36821a0e716ac35a08441077fc83c3It is possible to remotely spoof the Microsoft Internet Information Server 5.0, 5.1 and 6.0 SERVER_NAME variable by doing a modified HTTP request. This allows for the revealing of sensitive ASP code through the IIS 500-100.asp error page.
9265062b769c12c9797d72a61a3d47995803db86c2d1079cb92eaf33f0bc6113
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed