Perception LiteServe 1.25 allows remote attackers to obtain source code of CGI scripts via URLs that contain MS-DOS conventions such as (1) upper case letters or (2) 8.3 file names. Date published : 2001-10-12...
Monthly Archive: October 2001
Buffer overflow in A-FTP Anonymous FTP Server allows remote attackers to cause a denial of service via a long USER command. Date published : 2001-10-12 http://archives.neohapsis.com/archives/bugtraq/2001-06/0280.html
Trend Micro InterScan VirusWall for Windows NT allows remote attackers to make configuration changes by directly calling certain CGI programs, which do not restrict access. Date published : 2001-10-12 http://cert.uni-stuttgart.de/archive/bugtraq/2001/06/msg00006.html
Specter IDS version 4.5 and 5.0 allows a remote attacker to cause a denial of service (CPU exhaustion) via a port scan, which causes the server to consume CPU while preparing alerts. Date published...
Format string vulnerability in avpkeeper in Kaspersky KAV 184.108.40.206 for Sendmail allows remote attackers to cause a denial of service or possibly execute arbitrary code via a malformed mail message. Date published : 2001-10-12...
Internet Software Solutions Air Messenger LAN Server (AMLServer) 3.4.2 allows remote attackers to obtain an absolute path for the server directory by viewing the Location header. Date published : 2001-10-12 http://www.securityfocus.com/bid/2881 http://archives.neohapsis.com/archives/bugtraq/2001-06/0228.html
Internet Software Solutions Air Messenger LAN Server (AMLServer) 3.4.2 stores user passwords in plaintext in the pUser.Dat file. Date published : 2001-10-12 http://www.securityfocus.com/bid/2882 http://archives.neohapsis.com/archives/bugtraq/2001-06/0228.html
Cisco TFTP server 1.1 allows remote attackers to read arbitrary files via a ..(dot dot) attack in the GET command. Date published : 2001-10-12 http://www.securityfocus.com/bid/2886 http://archives.neohapsis.com/archives/bugtraq/2001-06/0227.html
KDE ktvision 0.1.1-271 and earlier allows local attackers to gain root privileges via a symlink attack on a user configuration file. Date published : 2001-10-12 http://archives.neohapsis.com/archives/bugtraq/2001-06/0302.html https://exchange.xforce.ibmcloud.com/vulnerabilities/6741
Buffer overflow in SpoonFTP 220.127.116.11 allows remote attackers to execute arbitrary code via a long argument to the commands (1) CWD or (2) LIST. Date published : 2001-10-12 http://archives.neohapsis.com/archives/bugtraq/2001-05/0296.html https://exchange.xforce.ibmcloud.com/vulnerabilities/6630
OmniHTTPd 2.0.8 and earlier allow remote attackers to obtain source code via a GET request with the URL-encoded symbol for a space (%20). Date published : 2001-10-12 http://archives.neohapsis.com/archives/bugtraq/2001-05/0248.html http://www.omnicron.ca/httpd/docs/release.html
Omnicron OmniHTTPd 2.0.8 allows remote attackers to cause a denial of service (memory exhaustion) via a series of requests for PHP scripts. Date published : 2001-10-12 http://www.securityfocus.com/bid/2783 http://archives.neohapsis.com/archives/bugtraq/2001-05/0248.html