Vulnerabilities
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2005-05-18 | CVE-2005-1666 | Remote Buffer Overflow vulnerability in Orenosv HTTP/FTP Server FTP Commands Multiple buffer overflows in Orenosv HTTP/FTP Server 0.8.1 allow remote authenticated users to cause a denial of service (server crash) and possibly execute arbitrary code via long arguments to FTP commands such as MKD, RMD, or DELE, which are processed by the (1) ftp_xlate_path, (2) ftp_is_canonical, or (3) os_fn_nativize functions, or (4) a long SSI command that is processed by the parse_cmd function in cgissi.exe. | 7.5 |
| 2005-05-18 | CVE-2005-1665 | Denial-Of-Service vulnerability in ASP.Net 1.0/1.1 The __VIEWSTATE functionality in Microsoft ASP.NET 1.x, when not cryptographically signed, allows remote attackers to cause a denial of service (CPU consumption) via deeply nested markup. | 5.0 |
| 2005-05-18 | CVE-2005-1664 | Unspecified vulnerability in Microsoft Asp.Net 1.0/1.1 The __VIEWSTATE functionality in Microsoft ASP.NET 1.x allows remote attackers to conduct replay attacks to (1) apply a ViewState generated from one view to a different view, (2) reuse ViewState information after the application's state has changed, or (3) use the ViewState to conduct attacks or expose content to third parties. | 6.4 |
| 2005-05-18 | CVE-2005-1663 | Directory Traversal And Denial Of Service vulnerability in Jeuce Personal web Server 2.13 Jeuce Personal Web Server 2.13 allows remote attackers to cause a denial of service (server crash) via a GET request beginning with "://". | 5.0 |
| 2005-05-18 | CVE-2005-1662 | Directory Traversal And Denial Of Service vulnerability in Jeuce Personal Web Server Directory traversal vulnerability in Jeuce Personal Web Server 2.13 allows remote attackers to read arbitrary files via a .. | 5.0 |
| 2005-05-18 | CVE-2005-1661 | Denial-Of-Service vulnerability in Jeuce Personal web Server 2.13 Jeuce Personal Webserver 2.13 allows remote attackers to cause a denial of service (server crash) via a long GET request, possibly triggering a buffer overflow. | 5.0 |
| 2005-05-18 | CVE-2005-1660 | Information Disclosure vulnerability in EZGuestbook HTMLJunction EZGuestbook stores the guestbook.mdb file under the web document root with insufficient access control, which allows remote attackers to obtain sensitive information such as the administrative password. | 7.5 |
| 2005-05-18 | CVE-2005-1659 | Cross-site scripting (XSS) vulnerability in filemanager.cpp in MyServer 0.8 allows remote attackers to inject arbitrary Javascript via a URL with a "..." (triple dot) followed by an onmouseover event. network myserver | 4.3 |
| 2005-05-18 | CVE-2005-1658 | Directory Traversal vulnerability in Myserver 0.8 Directory traversal vulnerability in filemanager.cpp in MyServer 0.8 allows remote attackers to list the parent directory of the web root via a URL with a "..." (triple dot). | 5.0 |
| 2005-05-18 | CVE-2005-1657 | Directory Traversal vulnerability in Mercur Messaging 2005Sp2 Multiple directory traversal vulnerabilities in Mercur Messaging 2005 SP2 allow remote attackers to perform unauthorized file operations via the Folder.Id parameter to (1) deletefolder.ctml, (2) deletemessage.ctml, (3) origmessage.ctml, or (4) readmessage.ctml, the Message.Id parameter to editmessage.ctml, or the (5) Message.Command parameter to messages.ctml. | 7.5 |