Vulnerabilities in OmniHTTPd default installation

2001-01-16 Thread joetesta
Vulnerabilities in OmniHTTPd default installation Overview Two vulnerabilities exist within the 'statsconfig.pl' script that comes with OmniHTTPd v2.07 and is installed by default. The first allows a remote attacker to corrupt any file in the system. The second allows arbitrary code to b

DOS Vulnerability in SlimServe HTTPd

2001-01-30 Thread joetesta
DOS Vulnerability in SlimServe HTTPd Overview SlimServe HTTPd v1.0 is a web server available from http://www.whitsoftdev.com and http://www.download.com. A DOS vulnerability exists which allows a remote attacker to crash the server. Details If an extraordinarily long string of 'A

Web root exposure in HSWeb Webserver

2001-02-04 Thread joetesta
Web root exposure in HSWeb Webserver Overview HSWeb v2.0 is a webserver available from http://www.jeffheaton.com and http://www.download.com. Any remote user can discover the physical path of the web root if directory browsing is enabled. Details If directory browsing is enabled,

Vulnerability in SEDUM HTTP Server

2001-02-04 Thread joetesta
Vulnerability in SEDUM HTTP Server Overview SEDUM HTTP Server v2.0 is a web server available from http://www.frassetto.it and http://www.zdnet.com. A vulnerability exists which allows a remote user to break out of the web root using relative paths (ie: '..', '...'). Details

Vulnerability in Free Java Web Server

2001-02-04 Thread joetesta
Vulnerability in Free Java Web Server Overview Free Java Web Server v1.0 is a Java web server available from http://www.download.com. A vulnerability exists which allows a remote user to break out of the web root using relative paths (ie: '..', '...'). Details http://local

Vulnerability in Picserver

2001-02-05 Thread joetesta
Vulnerability in Picserver Overview Picserver is a specialized webserver available from http://www.informs.com and http://www.zdnet.com. A vulnerability exists which allows a remote user to break out of the web root using relative paths (ie: '..', '...'). Details http://l

Vulnerabilities in BiblioWeb Server

2001-02-05 Thread joetesta
To Ben Greenbaum: Please post this advisory instead of the last. I needed to make a minor change to the 'Vendor Status' section. Thanks. -- Vulnerabilities in BiblioWeb Server Overview BiblioWeb Server 2.0 is a web server available from http://www.biblioscape.com. A vulner

Vulnerability in AOLserver

2001-02-06 Thread joetesta
Vulnerability in AOLserver Overview AOLserver v3.2 is a web server available from http://www.aolserver.com. A vulnerability exists which allows a remote user to break out of the web root using relative paths (ie: '...'). Details AOLServer checks the requested virtual path for

Vulnerability in Soft Lite ServerWorx

2001-02-07 Thread joetesta
- Begin Hush Signed Message from [EMAIL PROTECTED] - Vulnerability in Soft Lite ServerWorx Overview Soft Lite ServerWorx v3.00 is a web server available from http://www.zdnet.com and http://www.softlite.net. A vulnerability exists which allows a remote user to break out of the we

Vulnerabilities in Pi3Web Server

2001-02-15 Thread joetesta
- Begin Hush Signed Message from [EMAIL PROTECTED] - Vulnerabilities in Pi3Web Server Overview Pi3Web v1.0.1 is a web server available from http://www.zdnet.com. A vulnerability exists in the server's internal ISAPI handling procedures which results in a buffer overflow. The ser

Vulnerabilities in Bajie Http JServer

2001-02-15 Thread joetesta
- Begin Hush Signed Message from [EMAIL PROTECTED] - Vulnerabilities in Bajie Http JServer Overview Bajie Http JServer v0.78 is a Java web server available from http://go.to/bajie and http://java.tucows.com. A vulnerability exists which allows a remote attacker to execute any CGI

Vulnerability in Resin Webserver

2001-02-15 Thread joetesta
- Begin Hush Signed Message from [EMAIL PROTECTED] - Vulnerability in Resin Webserver Overview Resin 1.2.2 is a webserver available from http://www.caucho.com and http://java.tucows.com. A vulnerability exists which allows a remote user to break out of the web root using relativ

Vulnerability in FtpXQ Server

2001-02-28 Thread joetesta
- Begin Hush Signed Message from [EMAIL PROTECTED] - Vulnerability in FtpXQ Server Overview FtpXQ Server 2.0.93 is an ftp server available from http://www.datawizard.net and http://www.download.com. A vulnerability exists which allows an attacker to download files outside the ftp

Vulnerability in TYPSoft FTP Server

2001-02-28 Thread joetesta
- Begin Hush Signed Message from [EMAIL PROTECTED] - Vulnerability in TYPSoft FTP Server Overview TYPSoft FTP Server v0.85 is an ftp server available from http://www.webmasterfree.com and http://typsoft.n3.net. A vulnerability exists which allows a remote attacker to break out of

Vulnerability in SlimServe FTPd

2001-02-28 Thread joetesta
- Begin Hush Signed Message from [EMAIL PROTECTED] - Vulnerability in SlimServe FTPd Overview SlimServe FTPd v1.0 is an ftp server available from http://www.whitsoftdev.com and http://www.download.com. A vulnerability exists which allows an attacker to break out of the ftp root u

DOS Vulnerability in SlimServe HTTPd

2001-02-28 Thread joetesta
- Begin Hush Signed Message from [EMAIL PROTECTED] - DOS Vulnerability in SlimServe HTTPd Overview SlimServe HTTPd v1.1 is a web server available from http://www.whitsoftdev.com and http://www.download.com. A DOS vulnerability exists which allows a remote attacker to crash the se

Vulnerability in Viking Web Server

2001-04-23 Thread joetesta
- Begin Hush Signed Message from [EMAIL PROTECTED] - Vulnerability in Viking Web Server Overview Viking v1.07 is a 'multi-protocol-internet-server' available from http://www.robtex.com. A vulnerability exists with the web server which allows a remote user to break out of the web

Vulnerabilities in RaidenFTPD Server

2001-04-25 Thread joetesta
- Begin Hush Signed Message from [EMAIL PROTECTED] - Vulnerabilities in RaidenFTPD Server Overview RaidenFTPD v2.1 is an ftp server available from http://playstation2.idv.tw/raidenftpd. Vulnerabilities exist which allow users to break out of the ftp root. Details The foll

Vulnerability in WebXQ Server

2001-04-26 Thread joetesta
- Begin Hush Signed Message from [EMAIL PROTECTED] - Vulnerability in WebXQ Server Overview WebXQ v2.1.204 is a web server available from http://www.datawizard.net. A vulnerability exists which allows a remote user to break out of the ftp root. Details The following URL de

Vulnerabilities in BRS WebWeaver

2001-04-29 Thread joetesta
- Begin Hush Signed Message from [EMAIL PROTECTED] - Vulnerabilities in BRS WebWeaver Overview BRS WebWeaver v0.63 is a combined ftp and web server available from http://bsoutham.home.dhs.org. Vulnerabilities exist in the web server which allow remote users to break out of the we

Vulnerabilities in Alex's FTP Server

2001-04-29 Thread joetesta
- Begin Hush Signed Message from [EMAIL PROTECTED] - Vulnerabilities in Alex's FTP Server Overview Alex's Ftp Server v0.7 is an ftp server available from http://www.alex.feedback.net. Vulnerabilities exist which allow a user to break out of the ftp root. Details The follow

Vulnerabilities in CrushFTP Server

2001-05-03 Thread joetesta
- Begin Hush Signed Message from [EMAIL PROTECTED] - Vulnerabilities in CrushFTP Server Overview CrushFTP Server 2.1.4 is a java ftp server available from http://www.crushftp.com. Multiple vulnerabilities exist which allow users to change directories outside of the ftp root and d

Potential DOS Vulnerability in WFTPD

2001-05-03 Thread joetesta
- Begin Hush Signed Message from [EMAIL PROTECTED] - Potential DOS Vulnerability in WFTPD Overview WFTPD v3.00R5 is an ftp server available from http://www.wftpd.com and http://www.download.com. A potential denial-of-service vulnerability exists which allows a remote attacker to

Vulnerability in viewsrc.cgi

2001-05-23 Thread joetesta
- Begin Hush Signed Message from [EMAIL PROTECTED] - Vulnerability in viewsrc.cgi Overview viewsrc.cgi v2.0 is a source-code viewing CGI script available from http://www.mimanet.com/scripts. A vulnerability exists which allows a remote user to view any file on the server.