漏洞类别:Web server漏洞等级: 漏洞信息 Requesting a malformed URL containing numerous escaped characters will cause Microsoft IIS performance to dramatically decrease until the URL has been processed. 漏洞危害 Note: To avoid causing a denial of service on your server, we don't…
漏洞类别:Web server漏洞等级: 漏洞信息 IBM HTTP Server powered by Apache is based on the Apache HTTP Server available for multiple platforms. IBM HTTP Server on Windows may be susceptible to "named pipe squatting attacks" from attackers with access to the web server operat…
漏洞类别:Web server漏洞等级: 漏洞信息 HTTP Strict Transport Security (HSTS) is an opt-in security enhancement that is specified by a web application through the use of a special response header. Once a supported browser receives this header that browser will prevent any c…
漏洞类别:Web server漏洞等级: 漏洞信息 BRS WebWeaver is a freeware program including a Web server and an FTP server developed by Blaine Southam. BRS WebWeaver contains several vulnerabilities that allow remote users to obtain sensitive information. The Web server has a dir…
漏洞类别:Web server漏洞等级: 漏洞信息 BearShare, a file-sharing program, contains a flaw that allows remote unauthorized users to use a variant of the ?dot-dot? attack to break out of the root directory used by BearShare. After breaking out of the root directory, the user…
漏洞类别:Web server漏洞等级: 漏洞信息 Web printing is activated! If you have already applied the appropriate patches to Microsoft IIS, then you can safely ignore this vulnerability. Internet Printing Protocol (IPP) enables remote users to submit various print related jobs…
漏洞类别:Web server漏洞等级: 漏洞信息 Note: This vulnerability only applies to CyberScheduler Version 2.1. CrossWind CyberScheduler is a team-oriented scheduling and calendaring package designed for use in corporate Intranets. It consists of two distinct parts--a set of C…
漏洞类别:Web server漏洞等级: 漏洞信息 Note: The following versions of SimpleServer:WWW are susceptible to this vulnerability: 1.0.3, 1.0.4, 1.0.5, 1.0.6, 1.0.7, and 1.0.8. Simpleserver:WWW is a freely available Web server from AnalogX. It is designed to provide an easy to…
漏洞类别:Web server漏洞等级: 漏洞信息 Allaire Macromedia ColdFusion is a Web application server. It supports quick development, publication, and management of Web content. ColdFusion Version 4.x includes a function called CFCACHE. This function improves server performance…
漏洞类别:Web server漏洞等级: 漏洞信息 IBM WebSphere Application Server is designed to facilitate the creation of enterprise Web applications. The Server is exposed to multiple security vulnerabilities. Affected Versions: IBM WebSphere Application Server (WAS) 7.0 before 7…
漏洞类别:Web server漏洞等级: 漏洞信息 Web Companion Software is part of the Filemaker Pro Version 5.0 database package. This package includes XML publishing capability, which does not make use of Filemaker Pro's Web security features. Filemaker Pro Version 5.0 also integr…
漏洞类别:Web server漏洞等级: 漏洞信息 The Viking Server is a freely available software package maintained and distributed by Robtex. The Viking Server provides multiple protocol service on Windows 95, Windows 98, and Windows NT systems. A problem occurs in the validation …
漏洞类别:Web server漏洞等级: 漏洞信息 Zope is a dynamic HTML management package maintained by the Zope Project. Some versions of Zope contain a path disclosure vulnerability that allows malicious users to view absolute path information. This issue can be exploited if the …
漏洞类别:Web server漏洞等级: 漏洞信息 Xitami is a Web server for Windows 98 and Windows Me from Imatix. Versions of Xitami are vulnerable to a denial of service attack. It is possible to remotely crash a system running the Xitami Web server by submitting a URL request for…
漏洞类别:Web server漏洞等级: 漏洞信息 Lotus Domino is a multi-platform Web server that integrates messaging with various interactive Web applications. Due to the handling of unusually long GET requests, it is possible for a remote user to exhaust system resources on a hos…
漏洞类别:Web server漏洞等级: 漏洞信息 WEBactive HTTP Server is configured by default to store the server log in the root WWW directory as the file "active.log". This file can be retrieved remotely. 漏洞危害 By exploiting this vulnerability, a malicious user could retrieve all…
漏洞类别:Web server漏洞等级: 漏洞信息 GoAhead WebServer contains a problem that makes it possible for remote users to deny service to legitimate users of the service. Few details on the nature of this problem are available. 漏洞危害 Upon accessing the GoAhead WebServer remote…
漏洞类别:Web server漏洞等级: 漏洞信息 Viking Server, a multi-purpose server product for Windows, provides SMTP mail service. The Viking Web server contains a directory traversal vulnerability. 漏洞危害 If successfully exploited, this could lead to the disclosure of sensitive …
漏洞类别:Web server漏洞等级: 漏洞信息 Zope is a dynamic HTML management package maintained by the Zope Project. Some versions of Zope contain a vulnerability that could allow remote users to modify internal Zope data structures. A remote user may be able to delete, add, o…
漏洞类别:Web server漏洞等级: 漏洞信息 Alt-N's WorldClient, which listens on port 2000, is an e-mail Web server included in the MDeamon Version 2.8.5.0 package. It allows users to retrieve e-mail via HTTP. Alt-N's WorldClient is susceptible to denial of service attacks due…
漏洞类别:Web server漏洞等级: 漏洞信息 BEA Systems WebLogic Server is an Enterprise-level Web and wireless application server. It's possible for an attacker to traverse the intended structure of the Web folders of a BEA Systems WebLogic Server by submitting a URL containin…
漏洞类别:Web server漏洞等级: 漏洞信息 WebDAV is an extension of the HTTP protocol and is installed by default on Microsoft IIS Version 5.0. WebDav enables remote users to manage and collaboratively edit files on remote Web servers. Microsoft IIS is subject to a denial of …
漏洞类别:Web server漏洞等级: 漏洞信息 NOTE: This vulnerability only applies to SEDUM HTTP Web Server Version 2.1. A denial of service vulnerability exists in this version of SEDUM shareware HTTP server for Microsoft Windows. By submitting a large number of characters to t…
漏洞类别:Web server漏洞等级: 漏洞信息 602Pro LAN SUITE is an application that provides connection sharing, as well as e-mail and fax services for networks. Remote administration capabilities exist through an integrated HTTP server. The inability to process legacy DOS Devi…
漏洞类别:Web server漏洞等级: 漏洞信息 Apache's Tomcat, a Servlet and JSP engine, is a subproject of the Jakarta Project. In a Windows NT environment, Apache Tomcat could be led to traverse the normal directory structure and return requested files from outside of the docum…