Searching trailing software vulnerabilities

Acme Thttpd Secure Webserver before 2.22, with

Webserver | before | Secure | Thttpd | Acme |

Acme Thttpd Secure Webserver before 2.22, with the chroot option enabled, allows remote attackers to view sensitive files under the document root (such as .htpasswd) via a GET request with a trailing /.


Acme mini_httpd before 1.16 allows remote attac

mini_httpd | before | Acme |

Acme mini_httpd before 1.16 allows remote attackers to view sensitive files under the document root (such as .htpasswd) via a GET request with a trailing /.


602Pro LAN SUITE 2002 allows remote attackers t

602Pro | SUITE | LAN |

602Pro LAN SUITE 2002 allows remote attackers to view the directory tree via an HTTP GET request with a trailing "~" (tilde) or ".bak" extension.


Perception LiteServe 2.0 through 2.0.1 allows r

Perception | LiteServe | through |

Perception LiteServe 2.0 through 2.0.1 allows remote attackers to obtain the source code of CGI scripts via an HTTP request with a trailing dot (".").


ZoneAlarm Pro 3.0 MailSafe allows remote attack

attachments | containing | filtering | arbitrary | extension | attackers | ZoneAlarm | possibly | MailSafe | trailing | execute | remote | bypass | allows | after | email | file | code | via | Pro | dot |

ZoneAlarm Pro 3.0 MailSafe allows remote attackers to bypass filtering and possibly execute arbitrary code via email attachments containing a trailing dot after the file extension.


faqmanager.cgi in FAQManager 2.2.5 and earlier

faqmanagercgi | FAQManager |

faqmanager.cgi in FAQManager 2.2.5 and earlier allows remote attackers to read arbitrary files by specifying the filename in the toc parameter with a trailing null character (%00).


WWW File Share Pro 2.42 and earlier allows remo

Share | File | Pro |

WWW File Share Pro 2.42 and earlier allows remote attackers to bypass directory access restrictions via (1) a URL with a trailing . (dot), or (2) a URI with a leading slash or backslash character.


VocalTec VGW4/8 Gateway 8.0 allows remote attac

authentication | attackers | VocalTec | trailing | request | Gateway | homeasp | remote | allows | VGW4/8 | bypass | slash | HTTP | via |

VocalTec VGW4/8 Gateway 8.0 allows remote attackers to bypass authentication via an HTTP request to home.asp with a trailing slash (/).


Ada Image Server (ImgSvr) 0.4 allows remote att

Server | Image | Ada |

Ada Image Server (ImgSvr) 0.4 allows remote attackers to view directories or download files via an HTTP request with a trailing %00 (null).


MiniShare 1.3.2 allows remote attackers to caus

MiniShare |

MiniShare 1.3.2 allows remote attackers to cause a denial of service (crash) via a malformed HTTP GET or HEAD request without the proper number of trailing CRLF sequences.


The MIMEH_read_headers function in ripMIME 1.3.

MIMEH_read_headers | function | ripMIME |

The MIMEH_read_headers function in ripMIME 1.3.1.0 does not properly handle trailing "\r" and "\n" characters in headers, which leads to a buffer underflow.


RaidenHTTPD 1.1.32, and possibly other versions

RaidenHTTPD |

RaidenHTTPD 1.1.32, and possibly other versions before 1.1.34, allows remote attackers to view the PHP source code via an HTTP GET request for a filename with a trailing (1) . (dot) or (2) space.


IceCast 2.20 allows remote attackers to bypass

IceCast |

IceCast 2.20 allows remote attackers to bypass the XSL parser and obtain the source for XSL files via a request for a .xsl file with a trailing . (dot).


Mercur Messaging 2005 SP2 allows remote attacke

Messaging | Mercur |

Mercur Messaging 2005 SP2 allows remote attackers to read the source code of .ctml files via a URL with a trailing hex-encoded space ("%20").


Yaws Webserver 1.55 and earlier allows remote a

Webserver | Yaws |

Yaws Webserver 1.55 and earlier allows remote attackers to obtain the source code for yaws scripts via a request to a yaw script with a trailing %00 (null).


EMC Navisphere Manager 6.4.1.0.0 allows remote

Navisphere | Manager | EMC |

EMC Navisphere Manager 6.4.1.0.0 allows remote attackers to list arbitrary directories via an HTTP request for a directory that ends in a "." (trailing dot).


Xerver 4.17 allows remote attackers to (1) obta

Xerver |

Xerver 4.17 allows remote attackers to (1) obtain source code of scripts via a request with a trailing "." (dot) or (2) list directory contents via a trailing null character.


The TCLHTTPd service in Lyris ListManager befor

ListManager | arbitrary | attackers | TCLHTTPd | service | obtain | source | remote | before | allows | Lyris | code | tml | 89b |

The TCLHTTPd service in Lyris ListManager before 8.9b allows remote attackers to obtain source code for arbitrary .tml (TCL) files via (1) a request with a trailing null byte (%00), which might also require (2) an authentication bypass step that involves a username with a trailing "@" characters.


httpsv.exe in HTTP Server 1.6.2 allows remote a

httpsvexe | Server | HTTP |

httpsv.exe in HTTP Server 1.6.2 allows remote attackers to obtain sensitive information (script source code) via a URI with a trailing %20 (encoded space).


mod_access.c in lighttpd 1.4.15 ignores trailin

mod_accessc | lighttpd |

mod_access.c in lighttpd 1.4.15 ignores trailing / (slash) characters in the URL, which allows remote attackers to bypass url.access-deny settings.


Software vulnerabilities results 1 to 20 of 96     
Page: 12345