When running in proxy mode, properly crafted requests sent to Finjan SurfinGate versions 6 and 7 can mimic control commands. Known vulnerabilities include viewing log data and causing the service to restart, potentially resulting in a DoS situation. The architecture for this application suggests there is a potential for modifying the filtering policy as well. The vendor has ignored the problem for over a year.
572f4e17a711d98d530166340377eea87699bc44b226915bbaab6ea14b6fba74Novell Netware Enterprise web server versions 5.1 and 6.0 are vulnerable to various cross site scripting, path dislosure, and directory listing attacks.
6fa6232eddd35425923014566186261bae4069faaff0f01545f187bf7e4f140eThe NetBus web server that comes as part of the trojan is susceptible to a directory listing and remote file upload vulnerability when a trailing / or ./ is appended to the URL.
a6237e6da8ad8b78741dec936856ce7e954fdb332dab3a0e635e29a581aafecaVersion 2.05 of the Freesco thttpd server is susceptible to a cross site scripting attack.
7586f60c26ce3791038b0f784a97cbdca327bb195524fa1e6f30051b6a45b9f4GeoHttpServer is vulnerable to an authentication bypass and a denial of service attack.
faae912330fa19a378bed24073e7eb019129f317801a1925873ee8dc480e0be3Need for Speed Hot Pursuit 2 remote exploit that makes use of a vulnerable client that is susceptible to a buffer overflow attack by a hostile server.
41b60c7f18b4a9ed723e56c839d1b5d8fdd42fbaa041b262da167f206486b356Need for Speed Hot Pursuit 2 has a vulnerable client that is susceptible to a buffer overflow attack by a hostile server. The buffer overflow occurs when too long of a string is sent back to the client during an information query. Electronic Arts has not bothered to even return e-mails regarding this problem.
88337ed5ab04b4df56e133195ed4bc9fac508d02013e72364ab9d389beedd45e
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed