0x90

Information Security professional....

BSR Webweaver 1.33 /script security Bypass vulnerability

BSR Webweaver 1.33 Author : Usman Saeed , Exploit @ Xc0re Security Research Group. [*] Date: 15/09/09 [*] http://www.brswebweaver.com/downloads.html [*] Attack type : Remote [*] Patch Status : Unpatched [*] Description : In ISAPI/CGI path is [%installdirectory%/scripts] and through HTTP the alias is [http://[host]/scripts] ,The access security check is that if the attacker tries to …

BSR Webweaver 1.33 /script security Bypass vulnerability Read More »

Kolibri+ Webserver 2 Multiple Vulnerabilities

Kolibri+ Webserver 2 suffers from multiple vulnerabilities namely Directory Traversal &  Denial OF Service. Vulnerability was reported on 6th of September 2009 by Xc0re Security Research Group. http://xc0re.net/index.php?p=1_19_Kolibri+-Webserver-2-multiple-vulnerabilities An attacker can easily crash the server , or send a crafted http request to escape the root directory and view any file , even outside the …

Kolibri+ Webserver 2 Multiple Vulnerabilities Read More »