漏洞类别:Web server漏洞等级: 漏洞信息 Alt-N's WorldClient, which listens on port 2000, is an e-mail Web server included in the MDeamon Version 2.8.5.0 package. It allows users to retrieve e-mail via HTTP. Alt-N's WorldClient is susceptible to denial of service attacks due…
漏洞类别:Web server漏洞等级: 漏洞信息 BEA Systems WebLogic Server is an Enterprise-level Web and wireless application server. It's possible for an attacker to traverse the intended structure of the Web folders of a BEA Systems WebLogic Server by submitting a URL containin…
漏洞类别:Web server漏洞等级: 漏洞信息 WebDAV is an extension of the HTTP protocol and is installed by default on Microsoft IIS Version 5.0. WebDav enables remote users to manage and collaboratively edit files on remote Web servers. Microsoft IIS is subject to a denial of …
漏洞类别:Web server漏洞等级: 漏洞信息 NOTE: This vulnerability only applies to SEDUM HTTP Web Server Version 2.1. A denial of service vulnerability exists in this version of SEDUM shareware HTTP server for Microsoft Windows. By submitting a large number of characters to t…
漏洞类别:Web server漏洞等级: 漏洞信息 602Pro LAN SUITE is an application that provides connection sharing, as well as e-mail and fax services for networks. Remote administration capabilities exist through an integrated HTTP server. The inability to process legacy DOS Devi…
漏洞类别:Web server漏洞等级: 漏洞信息 Apache's Tomcat, a Servlet and JSP engine, is a subproject of the Jakarta Project. In a Windows NT environment, Apache Tomcat could be led to traverse the normal directory structure and return requested files from outside of the docum…
漏洞类别:Web server漏洞等级: 漏洞信息 Michael Lamont Savant Web server is an open-source Web server designed for Windows environments. It's possible to cause a denial of service condition in Savant Web server by requesting a specially crafted URL composed of numerous '%' …
漏洞类别:Web server漏洞等级: 漏洞信息 Robin Twombly's A1 Web server is a light-weight Web server designed specifically for Windows environments. A remote user could gain read access to directories outside the Web root by requesting a specially crafted URL composed of '../…
漏洞类别:Web server漏洞等级: 漏洞信息 Robin Twombly's A1 Web server is a light-weight Web server designed specifically for Windows environments. It's possible for a remote user to cause a denial of service condition in A1 Server by submitting a specially crafted request t…
漏洞类别:Web server漏洞等级: 漏洞信息 WebDAV is an extension of the HTTP protocol and is installed by default on Microsoft IIS Version 5.0. WebDav enables remote users to manage and collaboratively edit files on remote Web servers. WebDAV contains a flaw in the handling o…
漏洞类别:Web server漏洞等级: 漏洞信息 BEA Systems WebLogic Server is an Enterprise-level Web and wireless application server. Unchecked buffers exist in a particular handler for URL requests that begin with two dots (..). 漏洞危害 Depending on the data entered into the buffer…
漏洞类别:Web server漏洞等级: 漏洞信息 O'Reilly & Associates Website Professional is a Web server designed for Windows environments. It's possible for a remote attacker to disclose the physical path to the root directory on a machine with Website Professional installed…
漏洞类别:Web server漏洞等级: 漏洞信息 Apache contains two helper programs, "htdigest" and "htpasswd", that insecurely create files in the /tmp directory. This may result in a race condition. 漏洞危害 Using a symbolic link, a malicious local user can exploit this vulnerability…
漏洞类别:Web server漏洞等级: 漏洞信息 IBM HTTP Server contains AfpaCache directive, which turns the Fast Response Cache Accelerator function on or off. IBM HTTP Server is subject to a denial of service. Requesting multiple malformed HTTP GET requests will cause the consum…
漏洞类别:Web server漏洞等级: 漏洞信息 Netscape Enterprise Server is industrial-strength Web server software that enables organizations to publish content and deploy network-centric applications. By requesting a specially crafted command via a telnet port, a malicious user…
漏洞类别:Web server漏洞等级: 漏洞信息 Netscape Enterprise Server is industrial-strength Web server software that enables organizations to publish content and deploy network-centric applications. By requesting a specially crafted command via a telnet port, a malicious user…
漏洞类别:Web server漏洞等级: 漏洞信息 Microsoft IIS is shipped with a number of HTR scripts, which are processed by ISAPI extensions. Due to the handling of requests by the ISAPI extensions, it's possible for a remote user to disclose various known files. A maliciously cr…
漏洞类别:Web server漏洞等级: 漏洞信息 Interscan VirusWall is a virus scanner distributed and maintained by Trend Micro. It is designed to scan for virus occurrences in both incoming and outgoing traffic via SMTP, FTP, and HTTP at the gateway of the network. The method use…
漏洞类别:Web server漏洞等级: 漏洞信息 Allaire JRun Version 3.0 HTTP servlet server allows remote users to directly access the WEB-INF directory via a URL request that contains an extra "/" in the beginning of the request (aka the "extra leading slash"). 漏洞危害 By exploiting…
漏洞类别:Web server漏洞等级: 漏洞信息 Microsoft's IIS Version 4.0 and 5.0 ASP pages send the same Session ID cookie for secure and insecure Web sessions. A remote unauthorized user may be able to hijack the secure Web session of a legitimate user. This is possible if the …
漏洞类别:Web server漏洞等级: 漏洞信息 Acme THTTPd HTTP server includes a CGI program external to thttpd called "ssi". This program provides the functionality of the built-in server-side-includes feature in some HTTP daemons. The names of files to be filtered through the s…
漏洞类别:Web server漏洞等级: 漏洞信息 WEBactive, developed by ITAfrica, is an HTTP server daemon for small home offices or businesses. WEBactive is vulnerable to a denial of service attack. A malicious user can cause the denial of service by requesting a URL with 280+ cha…
漏洞类别:Web server漏洞等级: 漏洞信息 If a request containing the null character (%00) or the space character (%20) is made to the Roxen WebServer, the server will return directory contents, as well as the source of unparsed scripts and HTML pages. For example, a request …
漏洞类别:Web server漏洞等级: 漏洞信息 It seems that you are running an IBM Websphere Server. If your server is not an IBM Websphere Server, then you can safely ignore this vulnerability. IBM Websphere Server Versions 3.0.2, 3.0 and 2.0 are case-sensitive. If you change th…
漏洞类别:CGI漏洞等级: 漏洞信息 Sun Chili!Soft ASP (CASP) is a cross-platform Active Server Pages implementation for Linux and other platforms, including Lotus Domino, Apache, HP-UX, and AIX. The default installation of Chili!Soft ASP includes sample scripts which are vuln…