Explore Vulnerabilities

Explore all Exploits:

Apache HTTPD Directory Indexing and Path Discovery Vulnerability

A problem in the Apache HTTPD package could allow directory indexing and path discovery. In a default configuration, Apache enables mod_dir, mod_autoindex, and mod_negotiation. However, by sending the Apache server a custom-crafted request consisting of a long path name created artificially by using numerous slashes, an attacker can cause these modules to misbehave, allowing the attacker to escape the error page and to gain a listing of the directory contents.

Apache Artificially Long Slash Path Directory Listing Exploit

A problem in the Apache HTTPD package could allow directory indexing and path discovery. In a default configuration, Apache enables mod_dir, mod_autoindex, and mod_negotiation. However, by sending the Apache server a custom-crafted request consisting of a long path name created artificially by using numerous slashes, an attacker can cause these modules to misbehave, allowing the attacker to escape the error page and to gain a listing of the directory contents.

FTPFS Local Buffer Overflow Vulnerability

FTPFS is a Linux kernel module allowing users to mount remote files from any standard FTP server as a local filesystem. A version of FTPFS is vulnerable to a buffer overflow leading to a denial of service, and potentially execution of arbitrary code. This overflow can be exploited by any local user with access to the mount command on a system with FTPFS installed.

Denial of Service Vulnerability in FTP Servers

Many FTP servers are vulnerable to a denial of service condition resulting from poor globbing algorithms and user resource usage limits. Globbing generates pathnames from file name patterns used by the shell, e.g. wildcards denoted by * and ?, multiple choices denoted by {}, etc. The vulnerable FTP servers can be exploited to exhaust system resources if per-user resource usage controls have not been implemented.

Eudora HTML Content Execution Vulnerability

Eudora is an email client that uses Internet Explorer to assist in the viewing of HTML messages if the 'Use Microsoft Viewer' option is enabled. It is possible for an attacker to execute arbitrary code on a remote system even if 'allow executables in HTML content' is disabled, if the 'Use Microsoft viewer' option is enabled.

A vulnerability exists in a CGI script called “The Free Online Dictionary of Computing”

The Free Online Dictionary of Computing CGI script is vulnerable to a directory traversal attack due to a failure to properly validate user supplied input. This allows an attacker to compose and submit requests for files readable by the webserver, as well as executing certain commands (those requiring no command line parameters) with the privilege level of the webserver process.

Weak Password Encryption in IBM NetCommerce and WebSphere Commerce Suite

Versions of IBM NetCommerce and WebSphere Commerce Suite ecommerce packages employ weak password encryption for their users' and administrators' passwords. This encryption is defeatable using a widely-published decryption tool. Compromise of the user accounts could result in disclosure of sensitive information and interference with the normal operation of the affected website. Compromise of administrator accounts could result in disclosure of sensitive information, changes to website functionality, and, potentially, could assist in further compromises of security on the affected host.

tip Buffer Overflow Vulnerability

A problem with tip could lead to a buffer overflow. Due to the improper handling of environment variables by tip, it is possible to overflow a buffer in the program, and execute arbitrary code. The tip binary is suid uucp, and exploitation could lead to an euid of uucp. Therefore, it is possible for a local user to execute arbitrary code, and gain an euid of uucp, with the potential of gaining privileges elevated to root.

Ikonboard Remote File Disclosure Vulnerability

Ikonboard is a Perl-based discussion forum script from ikonboard.com. Versions of Ikonboard are vulnerable to remote disclosure of arbitrary files. By adding a null byte to the name of a requested file, the attacker can defeat the script's inbuilt feature of appending the suffix '.dat' to requested filenames, a precaution intended to limit the range of files readable using this script. Exploited in conjunction with '../' sequences inserted into the path of the requested file, this vulnerability allows a remote attacker to submit requests for arbitrary files which are readable by the webserver user. This could include sensitive system information, including account information and passwords for Ikonboard users and administrators.

Recent Exploits: