CVE-2010-1999
published 2010-05-20CVE-2010-1999: Directory traversal vulnerability in scr/soustab.php in OpenMairie Opencatalogue 1.024, when register_globals is enabled, allows remote attackers to include…
PriorityP434medium6.8CVSS 2.0
AVNACMAuNCPIPAP
EXPLOIT
EPSS
2.23%
80.5th percentile
Directory traversal vulnerability in scr/soustab.php in OpenMairie Opencatalogue 1.024, when register_globals is enabled, allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the dsn[phptype] parameter, a related issue to CVE-2007-2069.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| openmairie | opencatalogue | — | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Suricata
GPL FTP CWD overflow attempt
suricata·2010-09-23
CVE-1999-0219 GPL FTP CWD overflow attempt
GPL FTP CWD overflow attempt
Rule: alert ftp $EXTERNAL_NET any -> $HOME_NET any (msg:"GPL FTP CWD overflow attempt"; flow:established,to_server; content:"CWD"; nocase; isdataat:100,relative; pcre:"/^CWD\s[^\n]{100}/smi"; reference:bugtraq,11069; reference:bugtraq,1227; reference:bugtraq,1690; reference:bugtraq,6869; reference:bugtraq,7251; reference:bugtraq,7950; reference:cve,1999-0219; reference:cve,1999-1058; reference:cve,1999-1510; reference:cve,2000-1035; reference:cve,2000-1194; reference:cve,2001-0781; reference:cve,2002-0126; reference:cve,2002-0405; classtype:attempted-admin; sid:2101919; rev:25; metadata:created_at 2010_09_23, cve CVE_1999_0219, confidence Medium, signature_severity Major, tag Description_Generated_By_Proofpoint_Nexus, updated_at 2024_03_08;)
Suricata
GPL FTP SITE overflow attempt
suricata·2010-09-23
CVE-1999-0838 GPL FTP SITE overflow attempt
GPL FTP SITE overflow attempt
Rule: alert ftp $EXTERNAL_NET any -> $HOME_NET any (msg:"GPL FTP SITE overflow attempt"; flow:established,to_server; content:"SITE"; nocase; isdataat:100,relative; pcre:"/^SITE\s[^\n]{100}/smi"; reference:cve,1999-0838; reference:cve,2001-0755; reference:cve,2001-0770; classtype:attempted-admin; sid:2101529; rev:13; metadata:created_at 2010_09_23, cve CVE_1999_0838, confidence Medium, signature_severity Major, tag Description_Generated_By_Proofpoint_Nexus, updated_at 2024_03_08;)
Suricata
GPL SNMP public access tcp
suricata·2010-09-23
CVE-1999-0517 GPL SNMP public access tcp
GPL SNMP public access tcp
Rule: alert tcp $EXTERNAL_NET any -> $HOME_NET 161 (msg:"GPL SNMP public access tcp"; flow:established,to_server; content:"public"; reference:bugtraq,2112; reference:bugtraq,4088; reference:bugtraq,4089; reference:bugtraq,7212; reference:cve,1999-0517; reference:cve,2002-0012; reference:cve,2002-0013; classtype:attempted-recon; sid:2101412; rev:15; metadata:created_at 2010_09_23, cve CVE_1999_0517, signature_severity Informational, tag Description_Generated_By_Proofpoint_Nexus, updated_at 2024_03_08;)
Suricata
GPL RPC portmap rusers request TCP
suricata·2010-09-23
CVE-1999-0626 GPL RPC portmap rusers request TCP
GPL RPC portmap rusers request TCP
Rule: alert tcp $EXTERNAL_NET any -> $HOME_NET 111 (msg:"GPL RPC portmap rusers request TCP"; flow:established,to_server; content:"|00 01 86 A0|"; depth:4; offset:16; content:"|00 00 00 03|"; within:4; distance:4; byte_jump:4,4,relative,align; byte_jump:4,4,relative,align; content:"|00 01 86 A2|"; within:4; content:"|00 00 00 00|"; depth:4; offset:8; reference:arachnids,133; reference:cve,1999-0626; classtype:rpc-portmap-decode; sid:2101271; rev:16; metadata:created_at 2010_09_23, cve CVE_1999_0626, signature_severity Informational, updated_at 2024_03_08;)
Suricata
GPL FTP MKD overflow attempt
suricata·2010-09-23
CVE-1999-0911 GPL FTP MKD overflow attempt
GPL FTP MKD overflow attempt
Rule: alert ftp $EXTERNAL_NET any -> $HOME_NET any (msg:"GPL FTP MKD overflow attempt"; flow:established,to_server; content:"MKD"; nocase; isdataat:100,relative; pcre:"/^MKD\s[^\n]{100}/smi"; reference:bugtraq,612; reference:bugtraq,7278; reference:bugtraq,9872; reference:cve,1999-0911; reference:nessus,12108; classtype:attempted-admin; sid:2101973; rev:12; metadata:created_at 2010_09_23, cve CVE_1999_0911, confidence Medium, signature_severity Major, tag Description_Generated_By_Proofpoint_Nexus, updated_at 2024_03_08;)
Suricata
GPL EXPLOIT /iisadmpwd/aexp2.htr access
suricata·2010-09-23
CVE-1999-0407 GPL EXPLOIT /iisadmpwd/aexp2.htr access
GPL EXPLOIT /iisadmpwd/aexp2.htr access
Rule: alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"GPL EXPLOIT /iisadmpwd/aexp2.htr access"; flow:established,to_server; http.uri; content:"/iisadmpwd/aexp2.htr"; reference:bugtraq,2110; reference:bugtraq,4236; reference:cve,1999-0407; reference:cve,2002-0421; reference:nessus,10371; classtype:web-application-activity; sid:2101487; rev:14; metadata:created_at 2010_09_23, cve CVE_1999_0407, signature_severity Major, tag Description_Generated_By_Proofpoint_Nexus, updated_at 2024_03_08;)
Suricata
GPL FTP tar parameters
suricata·2010-09-23
CVE-1999-0202 GPL FTP tar parameters
GPL FTP tar parameters
Rule: alert ftp $EXTERNAL_NET any -> $HOME_NET any (msg:"GPL FTP tar parameters"; flow:established,to_server; content:" --use-compress-program "; nocase; fast_pattern; reference:arachnids,134; reference:bugtraq,2240; reference:cve,1999-0202; reference:cve,1999-0997; classtype:bad-unknown; sid:2100362; rev:16; metadata:created_at 2010_09_23, cve CVE_1999_0202, signature_severity Unknown, tag Description_Generated_By_Proofpoint_Nexus, updated_at 2024_03_08;)
Suricata
GPL RPC RQUOTA getquota overflow attempt UDP
suricata·2010-09-23
CVE-1999-0974 GPL RPC RQUOTA getquota overflow attempt UDP
GPL RPC RQUOTA getquota overflow attempt UDP
Rule: alert udp $EXTERNAL_NET any -> $HOME_NET any (msg:"GPL RPC RQUOTA getquota overflow attempt UDP"; content:"|00 01 86 AB|"; depth:4; offset:12; content:"|00 00 00 01|"; within:4; distance:4; byte_jump:4,4,relative,align; byte_jump:4,4,relative,align; byte_test:4,>,128,0,relative; content:"|00 00 00 00|"; depth:4; offset:4; reference:bugtraq,864; reference:cve,1999-0974; classtype:misc-attack; sid:2101963; rev:10; metadata:created_at 2010_09_23, cve CVE_1999_0974, confidence Medium, signature_severity Informational, tag Description_Generated_By_Proofpoint_Nexus, updated_at 2019_07_26;)
Suricata
GPL WEB_SERVER authors.pwd access
suricata·2010-09-23
CVE-1999-0386 GPL WEB_SERVER authors.pwd access
GPL WEB_SERVER authors.pwd access
Rule: alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"GPL WEB_SERVER authors.pwd access"; flow:established,to_server; http.uri; content:"/authors.pwd"; nocase; reference:bugtraq,989; reference:cve,1999-0386; reference:nessus,10078; classtype:web-application-activity; sid:2100951; rev:15; metadata:created_at 2010_09_23, cve CVE_1999_0386, signature_severity Unknown, tag Description_Generated_By_Proofpoint_Nexus, updated_at 2024_03_08;)
Suricata
GPL EXPLOIT fpcount access
suricata·2010-09-23
CVE-1999-1376 GPL EXPLOIT fpcount access
GPL EXPLOIT fpcount access
Rule: alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"GPL EXPLOIT fpcount access"; flow:established,to_server; http.uri; content:"/fpcount.exe"; nocase; reference:bugtraq,2252; reference:cve,1999-1376; classtype:web-application-activity; sid:2101013; rev:13; metadata:created_at 2010_09_23, cve CVE_1999_1376, signature_severity Major, updated_at 2024_03_08;)
Suricata
GPL RPC portmap rusers request UDP
suricata·2010-09-23
CVE-1999-0626 GPL RPC portmap rusers request UDP
GPL RPC portmap rusers request UDP
Rule: alert udp $EXTERNAL_NET any -> $HOME_NET 111 (msg:"GPL RPC portmap rusers request UDP"; content:"|00 01 86 A0|"; depth:4; offset:12; content:"|00 00 00 03|"; within:4; distance:4; byte_jump:4,4,relative,align; byte_jump:4,4,relative,align; content:"|00 01 86 A2|"; within:4; content:"|00 00 00 00|"; depth:4; offset:4; reference:arachnids,133; reference:cve,1999-0626; classtype:rpc-portmap-decode; sid:2100584; rev:12; metadata:created_at 2010_09_23, cve CVE_1999_0626, signature_severity Informational, updated_at 2019_07_26;)
Suricata
GPL EXPLOIT Alternate Data streams ASP file access attempt
suricata·2010-09-23
CVE-1999-0278 GPL EXPLOIT Alternate Data streams ASP file access attempt
GPL EXPLOIT Alternate Data streams ASP file access attempt
Rule: alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"GPL EXPLOIT Alternate Data streams ASP file access attempt"; flow:established,to_server; http.uri; content:".asp|3A 3A 24|DATA"; nocase; reference:bugtraq,149; reference:cve,1999-0278; reference:nessus,10362; reference:url,support.microsoft.com/default.aspx?scid=kb#-#-EN-US#-#-q188806; classtype:web-application-attack; sid:2100975; rev:16; metadata:created_at 2010_09_23, signature_severity Major, updated_at 2024_03_08;)
Suricata
GPL INFO Sun JavaServer default password login attempt
suricata·2010-09-23
CVE-1999-0508 GPL INFO Sun JavaServer default password login attempt
GPL INFO Sun JavaServer default password login attempt
Rule: alert http $EXTERNAL_NET any -> $HOME_NET 9090 (msg:"GPL INFO Sun JavaServer default password login attempt"; flow:established,to_server; content:"ae9f86d6beaa3f9ecb9a5b7e072a4138"; http.uri; content:"/servlet/admin"; reference:cve,1999-0508; reference:nessus,10995; classtype:default-login-attempt; sid:2101859; rev:9; metadata:created_at 2010_09_23, cve CVE_1999_0508, confidence Medium, signature_severity Informational, updated_at 2024_03_08;)
Suricata
GPL FTP SITE EXEC attempt
suricata·2010-09-23
CVE-1999-0080 GPL FTP SITE EXEC attempt
GPL FTP SITE EXEC attempt
Rule: alert ftp $EXTERNAL_NET any -> $HOME_NET any (msg:"GPL FTP SITE EXEC attempt"; flow:established,to_server; content:"SITE"; nocase; content:"EXEC"; distance:0; nocase; pcre:"/^SITE\s+EXEC/smi"; reference:arachnids,317; reference:bugtraq,2241; reference:cve,1999-0080; reference:cve,1999-0955; classtype:bad-unknown; sid:2100361; rev:18; metadata:created_at 2010_09_23, cve CVE_1999_0080, signature_severity Unknown, tag Description_Generated_By_Proofpoint_Nexus, updated_at 2024_03_08;)
Suricata
GPL FTP SITE NEWER overflow attempt
suricata·2010-09-23
CVE-1999-0800 GPL FTP SITE NEWER overflow attempt
GPL FTP SITE NEWER overflow attempt
Rule: alert ftp $EXTERNAL_NET any -> $HOME_NET 21 (msg:"GPL FTP SITE NEWER overflow attempt"; flow:established,to_server; content:"SITE"; nocase; content:"NEWER"; distance:0; nocase; isdataat:100,relative; pcre:"/^SITE\s+NEWER\s[^\n]{100}/smi"; reference:bugtraq,229; reference:cve,1999-0800; classtype:attempted-admin; sid:2101920; rev:9; metadata:created_at 2010_09_23, cve CVE_1999_0800, confidence Medium, signature_severity Major, tag Description_Generated_By_Proofpoint_Nexus, updated_at 2024_03_08;)
Suricata
GPL POP3 AUTH overflow attempt
suricata·2010-09-23
CVE-1999-0822 GPL POP3 AUTH overflow attempt
GPL POP3 AUTH overflow attempt
Rule: alert tcp $EXTERNAL_NET any -> $HOME_NET 110 (msg:"GPL POP3 AUTH overflow attempt"; flow:established,to_server; content:"AUTH"; nocase; isdataat:50,relative; pcre:"/^AUTH\s[^\n]{50}/smi"; reference:bugtraq,830; reference:cve,1999-0822; reference:nessus,10184; classtype:attempted-admin; sid:2101936; rev:10; metadata:created_at 2010_09_23, cve CVE_1999_0822, confidence Medium, signature_severity Major, updated_at 2024_03_08;)
Suricata
GPL RPC sadmind TCP NETMGT_PROC_SERVICE CLIENT_DOMAIN overflow attempt
suricata·2010-09-23
CVE-1999-0977 GPL RPC sadmind TCP NETMGT_PROC_SERVICE CLIENT_DOMAIN overflow attempt
GPL RPC sadmind TCP NETMGT_PROC_SERVICE CLIENT_DOMAIN overflow attempt
Rule: alert tcp $EXTERNAL_NET any -> $HOME_NET any (msg:"GPL RPC sadmind TCP NETMGT_PROC_SERVICE CLIENT_DOMAIN overflow attempt"; flow:established,to_server; content:"|00 01 87 88|"; depth:4; offset:16; content:"|00 00 00 01|"; within:4; distance:4; byte_jump:4,4,relative,align; byte_jump:4,4,relative,align; byte_jump:4,124,relative,align; byte_jump:4,20,relative,align; byte_test:4,>,512,4,relative; content:"|00 00 00 00|"; depth:4; offset:8; reference:bugtraq,0866; reference:bugtraq,866; reference:cve,1999-0977; classtype:attempted-admin; sid:2101912; rev:11; metadata:created_at 2010_09_23, cve CVE_1999_0977, confidence Medium, signature_severity Informational, tag Description_Generated_By_Proofpoint_Nexus, updated_at
Suricata
GPL SMTP vrfy decode
suricata·2010-09-23
CVE-1999-0096 GPL SMTP vrfy decode
GPL SMTP vrfy decode
Rule: alert tcp $EXTERNAL_NET any -> $SMTP_SERVERS 25 (msg:"GPL SMTP vrfy decode"; flow:established,to_server; content:"vrfy"; nocase; content:"decode"; distance:1; nocase; pcre:"/^vrfy\s+decode/smi"; reference:arachnids,373; reference:bugtraq,10248; reference:cve,1999-0096; classtype:attempted-recon; sid:2100672; rev:11; metadata:created_at 2010_09_23, cve CVE_1999_0096, signature_severity Unknown, updated_at 2024_03_08;)
Suricata
GPL SMTP expn decode
suricata·2010-09-23
CVE-1999-0096 GPL SMTP expn decode
GPL SMTP expn decode
Rule: alert tcp $EXTERNAL_NET any -> $SMTP_SERVERS 25 (msg:"GPL SMTP expn decode"; flow:established,to_server; content:"expn"; nocase; content:"decode"; nocase; pcre:"/^expn\s+decode/smi"; reference:arachnids,32; reference:cve,1999-0096; reference:nessus,10248; classtype:attempted-recon; sid:2100659; rev:11; metadata:created_at 2010_09_23, cve CVE_1999_0096, signature_severity Unknown, updated_at 2024_03_08;)
Suricata
GPL POP3 x86 SCO overflow
suricata·2010-09-23
CVE-1999-0006 GPL POP3 x86 SCO overflow
GPL POP3 x86 SCO overflow
Rule: alert tcp $EXTERNAL_NET any -> $HOME_NET 110 (msg:"GPL POP3 x86 SCO overflow"; flow:established,to_server; content:"V|0E|1|C0 B0 3B 8D|~|12 89 F9 89 F9|"; reference:bugtraq,156; reference:cve,1999-0006; classtype:attempted-admin; sid:2100289; rev:12; metadata:created_at 2010_09_23, cve CVE_1999_0006, signature_severity Major, updated_at 2024_03_08;)
Suricata
GPL SNMP null community string attempt
suricata·2010-09-23
CVE-1999-0517 GPL SNMP null community string attempt
GPL SNMP null community string attempt
Rule: alert udp $EXTERNAL_NET any -> $HOME_NET 161 (msg:"GPL SNMP null community string attempt"; content:"|04 01 00|"; depth:15; offset:5; reference:bugtraq,2112; reference:bugtraq,8974; reference:cve,1999-0517; classtype:misc-attack; sid:2101892; rev:7; metadata:created_at 2010_09_23, cve CVE_1999_0517, signature_severity Major, updated_at 2019_07_26;)
Suricata
GPL RPC CMSD TCP CMSD_CREATE buffer overflow attempt
suricata·2010-09-23
CVE-1999-0696 GPL RPC CMSD TCP CMSD_CREATE buffer overflow attempt
GPL RPC CMSD TCP CMSD_CREATE buffer overflow attempt
Rule: alert tcp $EXTERNAL_NET any -> $HOME_NET any (msg:"GPL RPC CMSD TCP CMSD_CREATE buffer overflow attempt"; flow:established,to_server; content:"|00 01 86 E4|"; depth:4; offset:16; content:"|00 00 00 15|"; within:4; distance:4; byte_jump:4,4,relative,align; byte_jump:4,4,relative,align; byte_test:4,>,1024,0,relative; content:"|00 00 00 00|"; depth:4; offset:8; reference:bugtraq,524; reference:cve,1999-0696; classtype:attempted-admin; sid:2101908; rev:11; metadata:created_at 2010_09_23, cve CVE_1999_0696, confidence High, signature_severity Major, tag Description_Generated_By_Proofpoint_Nexus, updated_at 2024_03_08;)
Suricata
GPL FTP PASS overflow attempt
suricata·2010-09-23
CVE-1999-1519 GPL FTP PASS overflow attempt
GPL FTP PASS overflow attempt
Rule: alert ftp $EXTERNAL_NET any -> $HOME_NET 21 (msg:"GPL FTP PASS overflow attempt"; flow:established,to_server,no_stream; content:"PASS"; nocase; isdataat:100,relative; pcre:"/^PASS\s[^\n]{100}/smi"; reference:bugtraq,10078; reference:bugtraq,10720; reference:bugtraq,1690; reference:bugtraq,3884; reference:bugtraq,8601; reference:bugtraq,9285; reference:cve,1999-1519; reference:cve,1999-1539; reference:cve,2000-1035; reference:cve,2002-0126; reference:cve,2002-0895; classtype:attempted-admin; sid:2101972; rev:19; metadata:created_at 2010_09_23, cve CVE_1999_1519, confidence Medium, signature_severity Major, tag Description_Generated_By_Proofpoint_Nexus, updated_at 2024_03_08;)
Suricata
GPL WEB_SERVER perl command attempt
suricata·2010-09-23
CVE-1999-0509 GPL WEB_SERVER perl command attempt
GPL WEB_SERVER perl command attempt
Rule: alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"GPL WEB_SERVER perl command attempt"; flow:established,to_server; http.uri; content:"/perl?"; nocase; reference:arachnids,219; reference:cve,1999-0509; reference:nessus,10173; reference:url,www.cert.org/advisories/CA-1996-11.html; classtype:attempted-recon; sid:2101649; rev:12; metadata:created_at 2010_09_23, cve CVE_1999_0509, signature_severity Unknown, updated_at 2024_03_08;)
Suricata
GPL FTP NLST overflow attempt
suricata·2010-09-23
CVE-1999-1544 GPL FTP NLST overflow attempt
GPL FTP NLST overflow attempt
Rule: alert tcp $EXTERNAL_NET any -> $HOME_NET 21 (msg:"GPL FTP NLST overflow attempt"; flow:established,to_server; content:"NLST"; nocase; isdataat:100,relative; pcre:"/^NLST\s[^\n]{100}/smi"; reference:bugtraq,10184; reference:bugtraq,7909; reference:bugtraq,9675; reference:cve,1999-1544; classtype:attempted-admin; sid:2102374; rev:8; metadata:created_at 2010_09_23, cve CVE_1999_1544, confidence Medium, signature_severity Major, tag Description_Generated_By_Proofpoint_Nexus, updated_at 2024_03_08;)
Suricata
GPL RPC tooltalk UDP overflow attempt
suricata·2010-09-23
CVE-1999-0003 GPL RPC tooltalk UDP overflow attempt
GPL RPC tooltalk UDP overflow attempt
Rule: alert udp $EXTERNAL_NET any -> $HOME_NET any (msg:"GPL RPC tooltalk UDP overflow attempt"; content:"|00 01 86 F3|"; depth:4; offset:12; content:"|00 00 00 07|"; within:4; distance:4; byte_jump:4,4,relative,align; byte_jump:4,4,relative,align; byte_test:4,>,128,0,relative; content:"|00 00 00 00|"; depth:4; offset:4; reference:bugtraq,122; reference:cve,1999-0003; classtype:misc-attack; sid:2101964; rev:9; metadata:created_at 2010_09_23, cve CVE_1999_0003, confidence Medium, signature_severity Informational, tag Description_Generated_By_Proofpoint_Nexus, updated_at 2019_07_26;)
Suricata
GPL FTP SITE NEWER attempt
suricata·2010-09-23
CVE-1999-0880 GPL FTP SITE NEWER attempt
GPL FTP SITE NEWER attempt
Rule: alert ftp $EXTERNAL_NET any -> $HOME_NET any (msg:"GPL FTP SITE NEWER attempt"; flow:established,to_server; content:"SITE"; nocase; content:"NEWER"; distance:1; nocase; pcre:"/^SITE\s+NEWER/smi"; reference:cve,1999-0880; reference:nessus,10319; classtype:attempted-dos; sid:2101864; rev:10; metadata:created_at 2010_09_23, cve CVE_1999_0880, signature_severity Unknown, tag Description_Generated_By_Proofpoint_Nexus, updated_at 2024_03_08;)
Suricata
GPL POP3 POP3 PASS overflow attempt
suricata·2010-09-23
CVE-1999-1511 GPL POP3 POP3 PASS overflow attempt
GPL POP3 POP3 PASS overflow attempt
Rule: alert tcp $EXTERNAL_NET any -> $HOME_NET 110 (msg:"GPL POP3 POP3 PASS overflow attempt"; flow:established,to_server; content:"PASS"; nocase; isdataat:50,relative; pcre:"/^PASS\s[^\n]{50}/smi"; reference:bugtraq,791; reference:cve,1999-1511; reference:nessus,10325; classtype:attempted-admin; sid:2101634; rev:16; metadata:created_at 2010_09_23, cve CVE_1999_1511, confidence Medium, signature_severity Major, updated_at 2024_03_08;)
Suricata
GPL RPC CMSD TCP CMSD_INSERT buffer overflow attempt
suricata·2010-09-23
CVE-1999-0696 GPL RPC CMSD TCP CMSD_INSERT buffer overflow attempt
GPL RPC CMSD TCP CMSD_INSERT buffer overflow attempt
Rule: alert tcp $EXTERNAL_NET any -> $HOME_NET any (msg:"GPL RPC CMSD TCP CMSD_INSERT buffer overflow attempt"; flow:established,to_server; content:"|00 01 86 E4|"; depth:4; offset:16; content:"|00 00 00 06|"; within:4; distance:4; byte_jump:4,4,relative,align; byte_jump:4,4,relative,align; byte_jump:4,0,relative,align; byte_test:4,>,1000,28,relative; content:"|00 00 00 00|"; depth:4; offset:8; reference:bugtraq,524; reference:cve,1999-0696; reference:url,www.cert.org/advisories/CA-99-08-cmsd.html; classtype:misc-attack; sid:2101909; rev:14; metadata:created_at 2010_09_23, cve CVE_1999_0696, confidence High, signature_severity Major, tag Description_Generated_By_Proofpoint_Nexus, updated_at 2024_03_08;)
Suricata
GPL RPC CMSD UDP CMSD_CREATE buffer overflow attempt
suricata·2010-09-23
CVE-1999-0696 GPL RPC CMSD UDP CMSD_CREATE buffer overflow attempt
GPL RPC CMSD UDP CMSD_CREATE buffer overflow attempt
Rule: alert udp $EXTERNAL_NET any -> $HOME_NET any (msg:"GPL RPC CMSD UDP CMSD_CREATE buffer overflow attempt"; content:"|00 01 86 E4|"; depth:4; offset:12; content:"|00 00 00 15|"; within:4; distance:4; byte_jump:4,4,relative,align; byte_jump:4,4,relative,align; byte_test:4,>,1024,0,relative; content:"|00 00 00 00|"; depth:4; offset:4; reference:bugtraq,524; reference:cve,1999-0696; classtype:attempted-admin; sid:2101907; rev:11; metadata:created_at 2010_09_23, cve CVE_1999_0696, confidence High, signature_severity Major, tag Description_Generated_By_Proofpoint_Nexus, updated_at 2019_07_26;)
Suricata
GPL DNS zone transfer UDP
suricata·2010-09-23
CVE-1999-0532 GPL DNS zone transfer UDP
GPL DNS zone transfer UDP
Rule: alert udp $EXTERNAL_NET any -> $HOME_NET 53 (msg:"GPL DNS zone transfer UDP"; content:"|00 00 FC|"; offset:14; reference:cve,1999-0532; reference:nessus,10595; classtype:attempted-recon; sid:2101948; rev:8; metadata:created_at 2010_09_23, cve CVE_1999_0532, signature_severity Informational, tag Description_Generated_By_Proofpoint_Nexus, updated_at 2019_07_26;)
Suricata
GPL IMAP login buffer overflow attempt
suricata·2010-09-23
CVE-1999-0005 GPL IMAP login buffer overflow attempt
GPL IMAP login buffer overflow attempt
Rule: alert tcp $EXTERNAL_NET any -> $HOME_NET 143 (msg:"GPL IMAP login buffer overflow attempt"; flow:established,to_server; content:"LOGIN"; isdataat:100,relative; pcre:"/\sLOGIN\s[^\n]{100}/smi"; reference:bugtraq,13727; reference:bugtraq,502; reference:cve,1999-0005; reference:cve,1999-1557; reference:cve,2005-1255; reference:nessus,10123; reference:cve,2007-2795; reference:nessus,10125; classtype:attempted-user; sid:2101842; rev:16; metadata:created_at 2010_09_23, cve CVE_1999_0005, confidence High, signature_severity Major, updated_at 2019_07_26;)
Suricata
GPL RPC portmap bootparam request UDP
suricata·2010-09-23
CVE-1999-0647 GPL RPC portmap bootparam request UDP
GPL RPC portmap bootparam request UDP
Rule: alert udp $EXTERNAL_NET any -> $HOME_NET 111 (msg:"GPL RPC portmap bootparam request UDP"; content:"|00 01 86 A0|"; depth:4; offset:12; content:"|00 00 00 03|"; within:4; distance:4; byte_jump:4,4,relative,align; byte_jump:4,4,relative,align; content:"|00 01 86 BA|"; within:4; content:"|00 00 00 00|"; depth:4; offset:4; reference:arachnids,16; reference:cve,1999-0647; classtype:rpc-portmap-decode; sid:2100577; rev:14; metadata:created_at 2010_09_23, cve CVE_1999_0647, signature_severity Informational, updated_at 2019_07_26;)
Suricata
GPL RPC portmap ttdbserv request UDP
suricata·2010-09-23
CVE-1999-0003 GPL RPC portmap ttdbserv request UDP
GPL RPC portmap ttdbserv request UDP
Rule: alert udp $EXTERNAL_NET any -> $HOME_NET 111 (msg:"GPL RPC portmap ttdbserv request UDP"; content:"|00 01 86 A0|"; depth:4; offset:12; content:"|00 00 00 03|"; within:4; distance:4; byte_jump:4,4,relative,align; byte_jump:4,4,relative,align; content:"|00 01 86 F3|"; within:4; content:"|00 00 00 00|"; depth:4; offset:4; reference:arachnids,24; reference:bugtraq,122; reference:bugtraq,3382; reference:cve,1999-0003; reference:cve,1999-0687; reference:cve,1999-1075; reference:cve,2001-0717; reference:url,www.cert.org/advisories/CA-2001-05.html; classtype:rpc-portmap-decode; sid:2100588; rev:18; metadata:created_at 2010_09_23, cve CVE_1999_0003, signature_severity Informational, updated_at 2019_07_26;)
Suricata
GPL RPC tooltalk TCP overflow attempt
suricata·2010-09-23
CVE-1999-0003 GPL RPC tooltalk TCP overflow attempt
GPL RPC tooltalk TCP overflow attempt
Rule: alert tcp $EXTERNAL_NET any -> $HOME_NET any (msg:"GPL RPC tooltalk TCP overflow attempt"; flow:established,to_server; content:"|00 01 86 F3|"; depth:4; offset:16; content:"|00 00 00 07|"; within:4; distance:4; byte_jump:4,4,relative,align; byte_jump:4,4,relative,align; byte_test:4,>,128,0,relative; content:"|00 00 00 00|"; depth:4; offset:8; reference:bugtraq,122; reference:cve,1999-0003; classtype:misc-attack; sid:2101965; rev:10; metadata:created_at 2010_09_23, cve CVE_1999_0003, confidence Medium, signature_severity Informational, tag Description_Generated_By_Proofpoint_Nexus, updated_at 2024_03_08;)
Suricata
GPL IMAP authenticate overflow attempt
suricata·2010-09-23
CVE-1999-0005 GPL IMAP authenticate overflow attempt
GPL IMAP authenticate overflow attempt
Rule: alert tcp $EXTERNAL_NET any -> $HOME_NET 143 (msg:"GPL IMAP authenticate overflow attempt"; flow:established,to_server; content:"AUTHENTICATE"; nocase; isdataat:100,relative; pcre:"/\sAUTHENTICATE\s[^\n]{100}/smi"; reference:bugtraq,12995; reference:bugtraq,130; reference:cve,1999-0005; reference:cve,1999-0042; reference:nessus,10292; classtype:misc-attack; sid:2101844; rev:12; metadata:created_at 2010_09_23, cve CVE_1999_0005, confidence Medium, signature_severity Major, updated_at 2019_07_26;)
Suricata
GPL SNMP public access udp
suricata·2010-09-23
CVE-1999-0517 GPL SNMP public access udp
GPL SNMP public access udp
Rule: alert udp $EXTERNAL_NET any -> $HOME_NET 161 (msg:"GPL SNMP public access udp"; content:"public"; fast_pattern; reference:bugtraq,2112; reference:bugtraq,4088; reference:bugtraq,4089; reference:cve,1999-0517; reference:cve,2002-0012; reference:cve,2002-0013; classtype:attempted-recon; sid:2101411; rev:13; metadata:created_at 2010_09_23, cve CVE_1999_0517, signature_severity Informational, tag Description_Generated_By_Proofpoint_Nexus, updated_at 2019_10_08;)
Suricata
GPL FTP CWD ~root attempt
suricata·2010-09-23
CVE-1999-0082 GPL FTP CWD ~root attempt
GPL FTP CWD ~root attempt
Rule: alert tcp $EXTERNAL_NET any -> $HOME_NET 21 (msg:"GPL FTP CWD ~root attempt"; flow:established,to_server; content:"CWD"; nocase; content:"~root"; distance:1; nocase; pcre:"/^CWD\s+~root/smi"; reference:arachnids,318; reference:cve,1999-0082; classtype:bad-unknown; sid:2100336; rev:12; metadata:created_at 2010_09_23, cve CVE_1999_0082, signature_severity Minor, tag Description_Generated_By_Proofpoint_Nexus, updated_at 2024_03_08;)
Suricata
GPL EXPLOIT /msadc/samples/ access
suricata·2010-09-23
CVE-1999-0736 GPL EXPLOIT /msadc/samples/ access
GPL EXPLOIT /msadc/samples/ access
Rule: alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"GPL EXPLOIT /msadc/samples/ access"; flow:established,to_server; http.uri; content:"/msadc/samples/"; nocase; reference:bugtraq,167; reference:cve,1999-0736; reference:nessus,1007; classtype:web-application-attack; sid:2101401; rev:12; metadata:created_at 2010_09_23, cve CVE_1999_0736, signature_severity Major, tag Description_Generated_By_Proofpoint_Nexus, updated_at 2024_03_08;)
Suricata
GPL DNS named iquery attempt
suricata·2010-09-23
CVE-1999-0009 GPL DNS named iquery attempt
GPL DNS named iquery attempt
Rule: alert udp $EXTERNAL_NET any -> $HOME_NET 53 (msg:"GPL DNS named iquery attempt"; content:"|09 80 00 00 00 01 00 00 00 00|"; depth:16; offset:2; reference:bugtraq,134; reference:cve,1999-0009; reference:url,www.rfc-editor.org/rfc/rfc1035.txt; classtype:attempted-recon; sid:2100252; rev:9; metadata:created_at 2010_09_23, cve CVE_1999_0009, confidence Medium, signature_severity Informational, tag Description_Generated_By_Proofpoint_Nexus, updated_at 2019_07_26;)
Exploit-DB
Microsoft Windows - (Authenticated) User Code Execution (Metasploit)
exploitdb·2010-12-02
CVE-1999-0504 Microsoft Windows - (Authenticated) User Code Execution (Metasploit)
Microsoft Windows - (Authenticated) User Code Execution (Metasploit)
---
##
# $Id: psexec.rb 11204 2010-12-02 17:29:26Z todb $
##
##
# This file is part of the Metasploit Framework and may be subject to
# redistribution and commercial restrictions. Please see the Metasploit
# Framework web site for more information on licensing and terms of use.
# http://metasploit.com/framework/
##
=begin
Windows XP systems that are not part of a domain default to treating all
network logons as if they were Guest. This prevents SMB relay attacks from
gaining administrative access to these systems. This setting can be found
under:
Local Security Settings >
Local Policies >
Security Options >
Network Access: Sharing and security model for local accounts
=end
require 'msf/core'
class Metasploit3 'Mi
Exploit-DB
Solaris - ypupdated Command Execution (Metasploit)
exploitdb·2010-07-25
CVE-1999-0209 Solaris - ypupdated Command Execution (Metasploit)
Solaris - ypupdated Command Execution (Metasploit)
---
##
# $Id: ypupdated_exec.rb 9929 2010-07-25 21:37:54Z jduck $
##
##
# This file is part of the Metasploit Framework and may be subject to
# redistribution and commercial restrictions. Please see the Metasploit
# Framework web site for more information on licensing and terms of use.
# http://metasploit.com/framework/
##
require 'msf/core'
class Metasploit3 'Solaris ypupdated Command Execution',
'Description' => %q{
This exploit targets a weakness in the way the ypupdated RPC
application uses the command shell when handling a MAP UPDATE
request. Extra commands may be launched through this command
shell, which runs as root on the remote host, by passing
commands in the format '|'.
Vulnerable systems include Solaris 2.7, 8, 9, and 10
Exploit-DB
The Matt Wright Guestbook.pl - Arbitrary Command Execution (Metasploit)
exploitdb·2010-07-03
CVE-1999-1053 The Matt Wright Guestbook.pl - Arbitrary Command Execution (Metasploit)
The Matt Wright Guestbook.pl - Arbitrary Command Execution (Metasploit)
---
##
# $Id: guestbook_ssi_exec.rb 9671 2010-07-03 06:21:31Z jduck $
##
##
# This file is part of the Metasploit Framework and may be subject to
# redistribution and commercial restrictions. Please see the Metasploit
# Framework web site for more information on licensing and terms of use.
# http://metasploit.com/framework/
##
require 'msf/core'
class Metasploit3 'Matt Wright guestbook.pl Arbitrary Command Execution',
'Description' => %q{
The Matt Wright guestbook.pl [ 'patrick' ],
'License' => MSF_LICENSE,
'Version' => '$Revision: 9671 $',
'References' =>
[
[ 'CVE', '1999-1053' ],
[ 'OSVDB', '84' ],
[ 'BID', '776' ],
],
'Privileged' => false,
'Payload' =>
{
'DisableNops' => true,
'Space' => 1024,
'Compat' =>
{
Exploit-DB
War-FTPD 1.65 - 'Username' Remote Overflow (Metasploit)
exploitdb·2010-07-03
CVE-1999-0256 War-FTPD 1.65 - 'Username' Remote Overflow (Metasploit)
War-FTPD 1.65 - 'Username' Remote Overflow (Metasploit)
---
##
# $Id: warftpd_165_user.rb 9669 2010-07-03 03:13:45Z jduck $
##
##
# This file is part of the Metasploit Framework and may be subject to
# redistribution and commercial restrictions. Please see the Metasploit
# Framework web site for more information on licensing and terms of use.
# http://metasploit.com/framework/
##
require 'msf/core'
class Metasploit3 'War-FTPD 1.65 Username Overflow',
'Description' => %q{
This module exploits a buffer overflow found in the USER command
of War-FTPD 1.65.
},
'Author' => 'Fairuzan Roslan ',
'License' => BSD_LICENSE,
'Version' => '$Revision: 9669 $',
'References' =>
[
[ 'CVE', '1999-0256'],
[ 'OSVDB', '875' ],
[ 'BID', '10078' ],
[ 'URL', 'http://lists.insecure.org/lists/bugtraq/1998/Feb/0
Exploit-DB
Opencatalogue 1.024 - Local File Inclusion
exploitdb·2010-05-01
CVE-2010-1999 Opencatalogue 1.024 - Local File Inclusion
Opencatalogue 1.024 - Local File Inclusion
---
Opencatalogue 1.024 Local File Include Vulnerability
[+] Opencatalogue 1.024 Local File Include Vulnerability
1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0
0 _ __ __ __ 1
1 /' \ __ /'__`\ /\ \__ /'__`\ 0
0 /\_, \ ___ /\_\/\_\ \ \ ___\ \ ,_\/\ \/\ \ _ ___ 1
1 \/_/\ \ /' _ `\ \/\ \/_/_\_> Exploit database separated by exploit 0
0 \/___/ type (local, remote, DoS, etc.) 1
1 1
0 [+] Site : Inj3ct0r.com 0
1 [+] Support e-mail : submit[at]inj3ct0r.com 1
0 0
1 ###################################### 1
0 I'm cr4wl3r member from Inj3ct0r Team 1
1 ###################################### 0
0-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-1
[+] Discovered By: cr4wl3r
[+] Download: https://adullact.net/frs
Exploit-DB
Lebi soft Ziyaretci Defteri 7.5 - Database Disclosure
exploitdb·2010-01-06
CVE-2010-1065 Lebi soft Ziyaretci Defteri 7.5 - Database Disclosure
Lebi soft Ziyaretci Defteri 7.5 - Database Disclosure
---
| # Title : Lebi soft Ziyaretci Defteri_v7.5 DB Download Vulnerability
| # Author : indoushka
| # email : [email protected]
| # Home : Souk Naamane - 04325 - Oum El Bouaghi - Algeria -(00213771818860)
| # Web Site : www.iq-ty.com
| # Dork : Lebi soft Ziyaretci Defteri_v7.5
| # Script : (VP-ASP Shopping Cart 7.0) Copyright (c) 1999-2010 Rocksalt International.
| # Tested on: windows SP2 Français V.(Pnx2 2.0) IIS 5.0
| # Bug : DB
====================== Exploit By indoushka =================================
| # Exploit :
|
| 1- http://127.0.0.1/LebisoftZiyaretciDefteri_v7.5/db/lebisoft.mdb
|
================================ Dz-Ghost Team ===================================================
Greetz : Exploit-db Team (loneferret+Expl
Exploit-DB
Microsoft Windows 3.11/95/NT 4.0/NT 3.5.1 - 'Out Of Band' Data Denial of Service (1)
exploitdb·1997-07-05
CVE-1999-0153 Microsoft Windows 3.11/95/NT 4.0/NT 3.5.1 - 'Out Of Band' Data Denial of Service (1)
Microsoft Windows 3.11/95/NT 4.0/NT 3.5.1 - 'Out Of Band' Data Denial of Service (1)
---
// source: https://www.securityfocus.com/bid/2010/info
Older versions of Microsoft Windows (95, Windows for Workgroups 3.11, Windows NT up to and including 4.0), as well as SCO Open Server 5.0, have a vulnerability relating to the way they handle TCP/IP "Out of Band" data.
According to Microsoft, "A sender specifies "Out of Band" data by setting the URGENT bit flag in the TCP header. The receiver uses the URGENT POINTER to determine where in the segment the urgent data ends. Windows NT bugchecks when the URGENT POINTER points to the end of the frame and no normal data follows. Windows NT expects normal data to follow. "
As a result of this assumption not being met, Windows gives a "blue screen of
Exploit-DB
Microsoft Windows 3.11/95/NT 4.0/NT 3.5.1 - 'Out Of Band' Data Denial of Service (3)
exploitdb·1997-05-07
CVE-1999-0153 Microsoft Windows 3.11/95/NT 4.0/NT 3.5.1 - 'Out Of Band' Data Denial of Service (3)
Microsoft Windows 3.11/95/NT 4.0/NT 3.5.1 - 'Out Of Band' Data Denial of Service (3)
---
source: https://www.securityfocus.com/bid/2010/info
Older versions of Microsoft Windows (95, Windows for Workgroups 3.11, Windows NT up to and including 4.0), as well as SCO Open Server 5.0, have a vulnerability relating to the way they handle TCP/IP "Out of Band" data.
According to Microsoft, "A sender specifies "Out of Band" data by setting the URGENT bit flag in the TCP header. The receiver uses the URGENT POINTER to determine where in the segment the urgent data ends. Windows NT bugchecks when the URGENT POINTER points to the end of the frame and no normal data follows. Windows NT expects normal data to follow. "
As a result of this assumption not being met, Windows gives a "blue screen of dea
Exploit-DB
Microsoft Windows 3.11/95/NT 4.0/NT 3.5.1 - 'Out Of Band' Data Denial of Service (4)
exploitdb·1997-05-07
CVE-1999-0153 Microsoft Windows 3.11/95/NT 4.0/NT 3.5.1 - 'Out Of Band' Data Denial of Service (4)
Microsoft Windows 3.11/95/NT 4.0/NT 3.5.1 - 'Out Of Band' Data Denial of Service (4)
---
source: https://www.securityfocus.com/bid/2010/info
Older versions of Microsoft Windows (95, Windows for Workgroups 3.11, Windows NT up to and including 4.0), as well as SCO Open Server 5.0, have a vulnerability relating to the way they handle TCP/IP "Out of Band" data.
According to Microsoft, "A sender specifies "Out of Band" data by setting the URGENT bit flag in the TCP header. The receiver uses the URGENT POINTER to determine where in the segment the urgent data ends. Windows NT bugchecks when the URGENT POINTER points to the end of the frame and no normal data follows. Windows NT expects normal data to follow. "
As a result of this assumption not being met, Windows gives a "blue screen of dea
No writeups or analysis indexed.
http://packetstormsecurity.org/1005-exploits/opencatalogue-lfi.txthttp://secunia.com/advisories/39688http://www.exploit-db.com/exploits/12475http://www.osvdb.org/64183http://www.vupen.com/english/advisories/2010/1051http://packetstormsecurity.org/1005-exploits/opencatalogue-lfi.txthttp://secunia.com/advisories/39688http://www.exploit-db.com/exploits/12475http://www.osvdb.org/64183http://www.vupen.com/english/advisories/2010/1051
2010-05-20
Published