Search Results | AttackerKB

Show filters

Topics 106 Users 9,714

Clear All

Disclosure Date

Disclosure Year Disclosure Month

Collection Command and Control Credential Access Defense Evasion Discovery Execution Exfiltration Impact Initial Access Lateral Movement Persistence Privilege Escalation

106 Total Results

Displaying 71-80 of 106

Attacker Value

Unknown

CVE-2003-0314

Disclosure Date: June 16, 2003 (last updated February 22, 2025)

Snowblind Web Server 1.0 allows remote attackers to cause a denial of service (crash) via a URL that ends in a "</" sequence.

0

Attacker Value

Unknown

CVE-2002-2403

Disclosure Date: December 31, 2002 (last updated February 22, 2025)

Directory traversal vulnerability in KeyFocus web server 1.0.8 allows remote attackers to read arbitrary files for recognized MIME type files via "...", "....", ".....", and other multiple dot sequences.

0

Attacker Value

Unknown

CVE-2002-1994

Disclosure Date: December 31, 2002 (last updated February 22, 2025)

advserver.exe in Advanced Web Server (AdvServer) Professional 1.030000 allows remote attackers to cause a denial of service via multiple HTTP requests containing a single carriage return/line feed (CRLF) sequence.

0

Attacker Value

Unknown

CVE-2002-1080

Disclosure Date: October 04, 2002 (last updated February 22, 2025)

The Administration console for Abyss Web Server 1.0.3 before Patch 2 allows remote attackers to gain privileges and modify server configuration via direct requests to CHL files such as (1) srvstatus.chl, (2) consport.chl, (3) general.chl, (4) srvparam.chl, and (5) advanced.chl.

0

Attacker Value

Unknown

CVE-2002-1079

Disclosure Date: October 04, 2002 (last updated February 22, 2025)

Directory traversal vulnerability in Abyss Web Server 1.0.3 allows remote attackers to read arbitrary files via ..\ (dot-dot backslash) sequences in an HTTP GET request.

0

Attacker Value

Unknown

CVE-2002-1061

Disclosure Date: October 04, 2002 (last updated February 22, 2025)

Multiple buffer overflows in Thomas Hauck Jana Server 2.x through 2.2.1, and 1.4.6 and earlier, allow remote attackers to cause a denial of service and possibly execute arbitrary code via (1) an HTTP GET request with a long major version number, (2) an HTTP GET request to the HTTP proxy on port 3128 with a long major version number, (3) a long OK reply from a POP3 server, and (4) a long SMTP server response.

0

Attacker Value

Unknown

CVE-2002-1031

Disclosure Date: October 04, 2002 (last updated February 22, 2025)

KeyFocus (KF) web server 1.0.2 allows remote attackers to list directories and read restricted files via an HTTP request containing a %00 (null) character.

0

Attacker Value

Unknown

CVE-2002-1064

Disclosure Date: October 04, 2002 (last updated February 22, 2025)

Thomas Hauck Jana Server 2.x through 2.2.1, and 1.4.6 and earlier, generates different responses for valid and invalid usernames, which allows remote attackers to identify valid users on the server.

0

Attacker Value

Unknown

CVE-2002-1063

Disclosure Date: October 04, 2002 (last updated February 22, 2025)

Thomas Hauck Jana Server 2.x through 2.2.1, and 1.4.6 and earlier, allows remote attackers to cause a denial of service (resource exhaustion) via a large number of FTP PASV requests, which consumes all available FTP ports.

0

Attacker Value

Unknown

CVE-2002-1065

Disclosure Date: October 04, 2002 (last updated February 22, 2025)

Thomas Hauck Jana Server 2.x through 2.2.1, and 1.4.6 and earlier, does not restrict the number of unsuccessful login attempts, which makes it easier for remote attackers to gain privileges via brute force username and password guessing.

0