Vulnerabilities in OmniHTTPd default installation
Overview
Two vulnerabilities exist within the 'statsconfig.pl' script that
comes with OmniHTTPd v2.07 and is installed by default. The first
allows a remote attacker to corrupt any file in the system. The second
allows arbitrary code to b
DOS Vulnerability in SlimServe HTTPd
Overview
SlimServe HTTPd v1.0 is a web server available from http://www.whitsoftdev.com
and http://www.download.com. A DOS vulnerability exists which allows a
remote
attacker to crash the server.
Details
If an extraoridinarily long string of 'A
Web root exposure in HSWeb Webserver
Overview
HSWeb v2.0 is a webserver available from http://www.jeffheaton.com and
http://www.download.com. Any remote user can discover the physical path
of the web root if directory browsing is enabled.
Details
If directory browsing is enabled,
Vulnerability in SEDUM HTTP Server
Overview
SEDUM HTTP Server v2.0 is a web server available from
http://www.frassetto.it and http://www.zdnet.com. A vulnerability exists
which allows a remote user to break out of the web root using relative
paths (ie: '..', '...').
Details
Vulnerability in Free Java Web Server
Overview
Free Java Web Server v1.0 is a Java web server available from
http://www.download.com. A vulnerability exists which allows a remote
user to break out of the web root using relative paths (ie: '..', '...').
Details
http://local
Vulnerability in Picserver
Overview
Picserver is a specialized webserver available from http://www.informs.com
and http://www.zdnet.com. A vulnerability exists which allows a remote
user to break out of the web root using relative paths (ie: '..', '...').
Details
http://l
To Ben Greenbaum:
Please post this advisory instead of the last. I needed to
make a minor change to the 'Vendor Status' section. Thanks.
--
Vulnerabilities in BiblioWeb Server
Overview
BiblioWeb Server 2.0 is a web server available from
http://www.biblioscape.com. A vulner
Vulnerability in AOLserver
Overview
AOLserver v3.2 is a web server available from http://www.aolserver.com.
A vulnerability exists which allows a remote user user to break out of the
web root using relative paths (ie: '...').
Details
AOLServer checks the requested virtual path for
- Begin Hush Signed Message from [EMAIL PROTECTED] -
Vulnerability in Soft Lite ServerWorx
Overview
Soft Lite ServerWorx v3.00 is a web server available from
http://www.zdnet.com and http://www.softlite.net. A vulnerability exists
which allows a remote user to break out of the we
- Begin Hush Signed Message from [EMAIL PROTECTED] -
Vulnerabilities in Pi3Web Server
Overview
Pi3Web v1.0.1 is a web server available from http://www.zdnet.com. A
vulnerability exists in the server's internal ISAPI handling procedures
which results in a buffer overflow. The ser
- Begin Hush Signed Message from [EMAIL PROTECTED] -
Vulnerabilities in Bajie Http JServer
Overview
Bajie Http JServer v0.78 is a Java web server available from
http://go.to/bajie and http://java.tucows.com. A vulnerability exists
which allows a remote attacker to execute any CGI
- Begin Hush Signed Message from [EMAIL PROTECTED] -
Vulnerability in Resin Webserver
Overview
Resin 1.2.2 is a webserver available from http://www.caucho.com and
http://java.tucows.com. A vulnerability exists which allows a remote
user to break out of the web root using relativ
- Begin Hush Signed Message from [EMAIL PROTECTED] -
Vulnerability in FtpXQ Server
Overview
FtpXQ Server 2.0.93 is an ftp server available from
http://www.datawizard.net and http://www.download.com. A vulnerability
exists which allows an attacker to download files outside the ftp
- Begin Hush Signed Message from [EMAIL PROTECTED] -
Vulnerability in TYPSoft FTP Server
Overview
TYPSoft FTP Server v0.85 is an ftp server available from
http://www.webmasterfree.com and http://typsoft.n3.net. A vulnerability
exists which allows a remote attacker to break out of
- Begin Hush Signed Message from [EMAIL PROTECTED] -
Vulnerability in SlimServe FTPd
Overview
SlimServe FTPd v1.0 is an ftp server available from
http://www.whitsoftdev.com and http://www.download.com. A vulnerability
exists which allows an attacker to break out of the ftp root u
- Begin Hush Signed Message from [EMAIL PROTECTED] -
DOS Vulnerability in SlimServe HTTPd
Overview
SlimServe HTTPd v1.1 is a web server available from
http://www.whitsoftdev.com and http://www.download.com. A DOS
vulnerability exists which allows a remote attacker to crash the se
- Begin Hush Signed Message from [EMAIL PROTECTED] -
Vulnerability in Viking Web Server
Overview
Viking v1.07 is a 'multi-protocol-internet-server' available from
http://www.robtex.com. A vulnerability exists with the web server
which allows a remote user to break out of the web
- Begin Hush Signed Message from [EMAIL PROTECTED] -
Vulnerabilities in RaidenFTPD Server
Overview
RaidenFTPD v2.1 is an ftp server available from
http://playstation2.idv.tw/raidenftpd. Vulnerabilities exist which allow
users to break out of the ftp root.
Details
The foll
- Begin Hush Signed Message from [EMAIL PROTECTED] -
Vulnerability in WebXQ Server
Overview
WebXQ v2.1.204 is a web server available from http://www.datawizard.net.
A vulnerability exists which allows a remote user to break out of the
ftp root.
Details
The following URL de
- Begin Hush Signed Message from [EMAIL PROTECTED] -
Vulnerabilities in BRS WebWeaver
Overview
BRS WebWeaver v0.63 is a combined ftp and web server available from
http://bsoutham.home.dhs.org. Vulnerabilities exist in the web
server which allow remote users to break out of the we
- Begin Hush Signed Message from [EMAIL PROTECTED] -
Vulnerabilities in Alex's FTP Server
Overview
Alex's Ftp Server v0.7 is an ftp server available from http://www.alex.feedback.net.
Vulnerabilities exist which allow a user to break out of the ftp root.
Details
The follow
- Begin Hush Signed Message from [EMAIL PROTECTED] -
Vulnerabilities in CrushFTP Server
Overview
CrushFTP Server 2.1.4 is a java ftp server available from
http://www.crushftp.com. Multiple vulnerabilities exist which allow
users to change directories outside of the ftp root and d
- Begin Hush Signed Message from [EMAIL PROTECTED] -
Potential DOS Vulnerability in WFTPD
Overview
WFTPD v3.00R5 is an ftp server available from http://www.wftpd.com
and http://www.download.com. A potential denial-of-service
vulnerability exists which allows a remote attacker to
- Begin Hush Signed Message from [EMAIL PROTECTED] -
Vulnerability in viewsrc.cgi
Overview
viewsrc.cgi v2.0 is a source-code viewing CGI script available from
http://www.mimanet.com/scripts. A vulnerability exists which
allows a remote user to view any file on the server.
24 matches
Mail list logo