A flaw in the CGIServlet in Jetty allows an attacker to execute arbitrary commands on the server. Specifically, it is possible for an attacker to use directory traversal sequences and cause the CGIServlet to execute attacker-specified commands (such as running executables on the host).
A problem with the default installation of Midicart PHP may make it possible for remote users to gain access to sensitive information. The default installation of Midicart PHP does not place sufficient access control on files residing in the 'admin' folder. Files in this folder are meant to be accessed by privileged individuals and may contain sensitive information.
TightAuction is prone to an information disclosure vulnerability. The configuration file (config.inc) contains sensitive information such as database authentication credentials. It is possible for remote attackers to retrieve this file via a web request, and since the file does not have the correct extension (.inc.php) the contents will be rendered in a web browser instead of interpreted.
Py-Membres 3.1 is vulnerable to an unauthenticated access vulnerability. This vulnerability allows an attacker to manipulate URI parameters and log into the system as an arbitrary user without the need for passwords.
Apache is reported to be vulnerable to cross site scripting attacks. This vulnerability is due to the SSI error pages of the webserver not being properly sanitized of malicious HTML code. Attacker-supplied HTML and script code may be executed on a web client visiting the malicious link in the context of the webserver. Attacks of this nature may make it possible for attackers to manipulate web content or to steal cookie-based authentication credentials. It may be possible to take arbitrary actions as the victim user.
Sendmail is a freely available, open source mail transport agent. It is maintained and distributed by the Sendmail Consortium. Sendmail is available for the Unix and Linux operating systems. smrsh is designed to prevent the execution of commands outside of the restricted environment. However, when commands are entered using either double pipes (||) or a mixture of dot (.) and slash (/) characters, a user may be able to bypass the checks performed by smrsh. This could lead to the execution of commands outside of the restricted environment.
Apache Tomcat 3.2.x on HP-UX 11.04 (VVOS) systems is vulnerable to a directory traversal attack. An attacker can send a specially crafted HTTP request containing a directory traversal string (e.g. β/%3F.jspβ) to the vulnerable server, which will allow the attacker to view the contents of directories.
Rogue is a game included with BSD distributions including FreeBSD and NetBSD. By passing an overly long value when restoring a saved game, it is possible for an attacker to corrupt memory. Exploitation of this issue could result in privilege escalation to the 'games' group, further resulting in the corruption of saved game data, as well as storage consumption.
Monkey HTTP server is prone to cross site scripting vulnerabilities. An attacker may exploit this vulnerability by enticing a victim user to follow a malicious link. Attacker-supplied HTML and script code may be executed on a web client visiting the malicious link in the context of the webserver. Attackers may potentially exploit this issue to manipulate web content or to steal cookie-based authentication credentials. It may be possible to take arbitrary actions as the victim user.
An attacker can use directory traversal attacks to gain access to sensitive information such as passwords and root files on a vulnerable system. This vulnerability affects both the Sun ONE Starter Kit and ASTAware SearchDisc.
Services By CQR