Files from Oliver Karow ≈ Packet Storm

Channel: Files from Oliver Karow ≈ Packet Storm

Bajie.txt

October 16, 2003, 3:16 pm

A cross site scripting vulnerability still exists in the newest Bajie HTTP server release even though the vendor had previously been notified of the problem.

View Article

webtrends.txt

January 20, 2004, 11:30 pm

WebTrends Reporting Center is administrated via a web interface that has a flaw which would allow a remote attacker to disclose the physical path to the application.

View Article

aldosweb.txt

May 3, 2004, 8:03 pm

Aldo's web server version 1.5 on Windows is susceptible to path disclosure and pathetic directory traversal attack that allows for remote access to any file on the system.

View Article

AppFoundryCOM1_Dos.txt

May 7, 2004, 12:19 pm

Appfoundry Message Foundry version 2.75.0003 is susceptible to a denial of service attack when an HTTP GET request for /com1 is passed to the server.

View Article

sambar.txt

June 3, 2004, 2:28 pm

Sambar Server version 6.x has been found susceptible to directory traversal, direct file access, and cross site scripting attacks

View Article

fsecureDisclose.txt

December 12, 2004, 11:21 am

F-Secure Policy Manager has a path disclosure vulnerability when being fed a malformed URL.

View Article

jakarta556_xss.txt

January 6, 2005, 5:42 pm

Apache Jakarta Tomcat version 5.5.6 is susceptible to cross site scripting attacks.

View Article

WebWasherCONNECT.txt

January 29, 2005, 12:14 am

WebWasher Classic has a design flaw weakness where the CONNECT method allows remote attackers to connect to any server listening on the localhost interface of the proxy server.

View Article

sonicwallXSS.txt

April 17, 2005, 12:14 am

SonicWall SOHO/10 is susceptible to cross site scripting and code injection vulnerabilities.

View Article

bluecoat7111.txt

August 14, 2005, 1:17 pm

Blue Coat Reporter 7.1.1.1 suffers from privilege escalation, HTML injection, and cross site scripting flaws.

View Article

astaro-6.0.txt

August 25, 2005, 10:45 pm

Astaro Security Linux 6.0.0.1 suffers from several vulnerabilities.

View Article

geronimo_css.txt

January 21, 2006, 12:41 pm

Apache Geronimo version 1.0 suffers from cross site scripting vulnerabilities.

View Article

Symantec Security Advisory - A connection from a SAP-DB/MaxDB WebDBM Client to the DBM Server causes a buffer overflow when the given database name is too large. This can result in the execution of...

View Article

SYMSA-2006-011.txt

November 29, 2006, 8:15 am

Symantec Vulnerability Research SYMSA-2006-011 - JBoss web server version 1.0.0.GA suffers from a directory traversal flaw.

View Article

SYMSA-2006-012.txt

December 7, 2006, 1:18 am

Symantec Vulnerability Research SYMSA-2006-011 - It is possible to create administrative user accounts for the 2X ThinClientServer Enterprise Edition application version v3_sp2-r1865, without...

View Article

SYMSA-2007-001.txt

January 18, 2007, 12:50 am

Symantec Vulnerability Research SYMSA-2007-001 - The Oracle Application Server 10g suffers from a directory traversal vulnerability.

View Article

securityreporter-traverse.txt

July 23, 2007, 7:27 pm

SecurityReporter version 4.6.3 from Secure Computing suffers from an authentication bypass and directory traversal vulnerability.

View Article

SYMSA-2007-015.txt

December 19, 2007, 4:42 pm

Symantec Vulnerability Research SYMSA-2007-015 - The Perforce P4Web is susceptible to a denial of service condition via resource starvation.

View Article

bitdefen-file.txt

January 21, 2008, 5:20 pm

BitDefender Update Server suffers from an unauthorized remote file access vulnerability.

View Article

mailscan-multi.txt

August 15, 2008, 5:18 pm

MailScan for Mail Servers version 5.6.a suffers from directory traversal, authentication bypass, cross site scripting, and log file access vulnerabilities.

View Article