Remote exploit for atphttpd version 0.4b and below on Linux x86 that binds a shell to port 65535. Tested against Debian 3.0 and RedHat 8.0.
88c26342e5f68deb853d183ed815a06e8979d2f24a421572d430729ffa44b177MyServer 0.4.3 is susceptible to a directory traversal attack that allows access to files and directories outside of the web root.
68bb16515c9ee3c7c84f0f2841e61a967e5f41bddba16ef2109fdc524f55d956The cfservd daemon in Cfengine 2.x prior to version 2.08 has an exploitable stack overflow in the network I/O code used.
4f06f3f2f02b486dfdd217a7ff03223f7424d241ec1afc4a509699b4844b8187sbox version 1.04, the CGI wrapper that allows for safer execution of scripts, has a path disclosure vulnerability.
fc5c9dad742ebccdda421f6976490552abe905fc46a6e3f379b4330516de256aRemote MIRC proof of concept exploit that makes use of an overflow in the USERHOST reply to the mirc-client.
3774e02cc6ee4c5aca911c9c7b205bbe05c9bb15c2744e361b6003cd73bb6347Vomit, or voice over misconfigured internet telephones, is a utility that converts a Cisco IP phone conversation into a wave file that can be played with ordinary sound players. Vomit requires a tcpdump output file.
39781b0d74b5139af7a5256779e01855f6e015c12dafc16f9fc6f86d7c316cebProof of concept exploit for /usr/sbin/chat on RedHat Linux 7.3. Note: chat is not setuid by default on most installations.
c9a281b9044a9467791c8614d54bcf288295b2f5098c342bdf3f19623a7da630Macromedia's ColdFusion is susceptible to a cross site scripting attack under certain conditions.
a735d602394b50e656bc281563c0a6fa0a3b76a6ea07c95001ca5055469a229aRe-Boot Design ASP Forum is vulnerable to a SQL injection attack that allows remote accessing of a user account without prior knowledge of their password.
e678d70617cc30fc5813f731c6760853903497a982dccceee63e02e782e18f04Thread-ITSQL is susceptible to cross site scripting attacks in its Topic Title, Name and Message fields.
a8673828a2c183f9ff8049970d8dbf6c66a148d78e082ca0072c4acc741f989aThe Thread-IT Message board is vulnerable to cross site scripting injection via the Topic Title, Name and Message fields.
10e3db50f48b3886d5c8ae6c8e46cadf3fa8ec612cab4d818e88e79ee5f0385fComment Board is susceptible to cross site scripting attacks in the Topic Title, Name, and Message fields.
827dc62fdf35b1cc001920e7959315e067206ab13b453f97e6841f66fd718d36WebWeaver version 1.06 and below allows for anonymous surfing of the server if the Host field is set excessively long. It is also susceptible to various denial of services attacks.
d379db7c0aee30b485cfe256c1ea095e1ecc0ca84aa0b246acdf7e56cbf677dcFreeBSD Security Advisory FreeBSD-SA-03:14.arp - Under certain circumstances, it is possible for an attacker to flood a FreeBSD system with spoofed ARP requests, causing resource starvation which eventually results in a system panic.
dde29ce8a88cf20ce908f5b73c17ed056e549898e79d57c425cc8cd42cc921c5Guardian Digital Security Advisory - The Guardian Digital WebTool mistakingly uses a GET method instead of a POST method when passing along a user passphrase for SSH keys being generated allowing for the passphrases to get logged in /var/log/userpass.log along with the rest of the query string.
f3c7790699c2de28eff06ee5c00de602e489b1a387068cec05c864ef10156833602PRO LanSuite 2003 for Windows is vulnerable to sensitive information disclosure, logs freely being accessible to any remote attacker, the ability to read any file on the server, and directory traversal attacks.
9f04a1d343d4cc73ccc8d7925f80792502dfe9ae066749060a5a410c141bac4bThe Savant Web Server version 3.1 for Windows 95, 98, ME, NT, and 2000 is remotely vulnerable to a denial of service condition when various malformed GET requests are passed to the server.
2bd87abf901a44d0071f6039019aec576f2bf17865434df7b85c0d48b661fdc7TCLHttpd version 3.4.2 is susceptible to arbitrary directory browsing when an absolute path is entered against Dirlist.tcl even though it does prevent and filter basic URL attacks. This release also suffers from multiple cross site scripting vulnerabilities.
cd7f1d11b3ca6f5557a7089d0ad41c6cfe112cbae11c131b99ae3ae789457d9eThe Oracle-Proxy aka SQL-Gateway of Gauntlet Firewall version 6 crashes when invalid data is sent over any defined SQL-gw disallowing any future connections.
a0e10a92d97abbd19d53edba384816435d156b0d725e5b27d36f4936aab82bbeNULLhttpd version 0.5.1 and below is vulnerable to a simple cross-site scripting attack.
9bd9eaaee3c3e86fe3542b65ecfc1b31fb82cef2f2febf220de60c32a9c33f01NULLhttpd version 0.5.1 and below is vulnerable to a remote denial of service attack that utilizes 100% of the CPU and consumes any unused memory.
5e460644a7de9fa6951e7addf77a7867790c8a4a7e60614db8e8431f63fde7dcPROTEGO Security Advisory #PSA200302 - MondoSearch versions 4.4, 5.0, and 5.1 are all susceptible to having arbitrary ASP code executed on the server via the Msmsetup.exe binary.
dd2110920726df2b84f352c14daafac87f04aa60c0693776f805424930b8f0f7
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed