Show filters
106 Total Results
Displaying 91-100 of 106
Sort by:
Attacker Value
Unknown

CVE-2002-0566

Disclosure Date: July 03, 2002 (last updated February 22, 2025)
PL/SQL module 3.0.9.8.2 in Oracle 9i Application Server 1.0.2.x allows remote attackers to cause a denial of service (crash) via an HTTP Authorization header without an authentication type.
0
0
Attacker Value
Unknown

CVE-2002-0564

Disclosure Date: July 03, 2002 (last updated February 22, 2025)
PL/SQL module 3.0.9.8.2 in Oracle 9i Application Server 1.0.2.x allows remote attackers to bypass authentication for a Database Access Descriptor (DAD) by modifying the URL to reference an alternate DAD that already has valid credentials.
0
0
Attacker Value
Unknown

CVE-2002-0560

Disclosure Date: July 03, 2002 (last updated February 22, 2025)
PL/SQL module 3.0.9.8.2 in Oracle 9i Application Server 1.0.2.x allows remote attackers to obtain sensitive information via the OWA_UTIL stored procedures (1) OWA_UTIL.signature, (2) OWA_UTIL.listprint, or (3) OWA_UTIL.show_query_columns.
0
0
Attacker Value
Unknown

CVE-2002-0543

Disclosure Date: July 03, 2002 (last updated February 22, 2025)
Directory traversal vulnerability in Aprelium Abyss Web Server (abyssws) before 1.0.0.2 allows remote attackers to read files outside the web root, including the abyss.conf file, via URL-encoded .. (dot dot) sequences in the HTTP request.
0
0
Attacker Value
Unknown

CVE-2001-0557

Disclosure Date: August 14, 2001 (last updated February 22, 2025)
T. Hauck Jana Webserver 1.46 and earlier allows a remote attacker to view arbitrary files via a '..' (dot dot) attack which is URL encoded (%2e%2e).
0
0
Attacker Value
Unknown

CVE-2001-1030

Disclosure Date: July 18, 2001 (last updated February 22, 2025)
Squid before 2.3STABLE5 in HTTP accelerator mode does not enable access control lists (ACLs) when the httpd_accel_host and http_accel_with_proxy off settings are used, which allows attackers to bypass the ACLs and conduct unauthorized activities such as port scanning.
0
0
Attacker Value
Unknown

CVE-2001-0366

Disclosure Date: June 27, 2001 (last updated February 22, 2025)
saposcol in SAP R/3 Web Application Server Demo before 1.5 trusts the PATH environmental variable to find and execute the expand program, which allows local users to obtain root access by modifying the PATH to point to a Trojan horse expand program.
0
0
Attacker Value
Unknown

CVE-2001-0275

Disclosure Date: May 03, 2001 (last updated February 22, 2025)
Moby Netsuite Web Server 1.02 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long HTTP request.
0
0
Attacker Value
Unknown

CVE-2001-0186

Disclosure Date: May 03, 2001 (last updated February 22, 2025)
Directory traversal vulnerability in Free Java Web Server 1.0 allows remote attackers to read arbitrary files via a .. (dot dot) attack.
0
0
Attacker Value
Unknown

CVE-1999-0681

Disclosure Date: March 12, 2001 (last updated February 22, 2025)
Buffer overflow in Microsoft FrontPage Server Extensions (PWS) 3.0.2.926 on Windows 95, and possibly other versions, allows remote attackers to cause a denial of service via a long URL.
0
0
View More Topics  < Previous  Next >