CVE-2006-5971
https://notcve.org/view.php?id=CVE-2006-5971
Absolute path traversal vulnerability in admin/logfile.txt in Verity Ultraseek before 5.6.2 allows remote attackers to read arbitrary files via the name variable.
• http://secunia.com/advisories/22892
• http://www.osvdb.org/30289
• http://www.securityfocus.com/archive/1/451847/100/0/threaded
• http://www.ultraseek.com/support/docs/RELNOTES.txt
• http://www.ultraseek.com/support/docs/release_notes/ultraseek.5.6.2.txt
• http://www.zerodayinitiative.com/advisories/ZDI-06-042.html
• https://exchange.xforce.ibmcloud.com/vulnerabilities/30321
CVE-2006-5970
https://notcve.org/view.php?id=CVE-2006-5970
Verity Ultraseek before 5.7 allows remote attackers to obtain sensitive information via direct requests with (1) a null ("%00") terminated url parameter to help/urlstatusgo.html; or missing parameters to (2) help/header.html, (3) help/footer.html, (4) spell.html, (5) coreforma.html, (6) daterange.html, (7) hits.html, (8) hitsnavbottom.html, (9) indexform.html, (10) indexforma.html, (11) languages.html, (12) nohits.html, (13) onehit1.html, (14) onehit2.html, (15) query.html, (16) queryform0.html, (17) queryform0a.html, (18) queryform1.html, (19) queryform1a.html, (20) queryform2.html, (21) queryform2a.html, (22) quicklinks.html, (23) relatedtopics.html, (24) signin.html, (25) subtopics.html, (26) thesaurus.html, (27) topics.html, (28) hitspagebar.html, (29) highlight/highlight.html, (30) highlight/highlight_one.html, and (31) highlight/topnav.html, which leaks the installation path in the resulting error message.
• http://secunia.com/advisories/22892
• http://securitytracker.com/id?1017235
• http://www.osvdb.org/30287
• http://www.osvdb.org/30288
• http://www.securityfocus.com/archive/1/451847/100/0/threaded
• http://www.ultraseek.com/support/docs/RELNOTES.txt
• http://www.zerodayinitiative.com/advisories/ZDI-06-042.html
• https://exchange.xforce.ibmcloud.com/vulnerabilities/30314
CVE-2006-5819 – Verity Ultraseek Request Proxying Vulnerability
https://notcve.org/view.php?id=CVE-2006-5819
Verity Ultraseek before 5.7 allows remote attackers to use the server as a proxy for web attacks and host scanning via a direct request to the highlight/index.html script.
This vulnerability allows remote attackers to proxy web attacks and scan internal hosts through vulnerable installations of Verity Ultraseek. Authentication is not required to exploit this vulnerability. The specific flaw exists within the highlight script used to highlight search terms on spidered pages. An attacker can directly access the highlight script at '/highlight/index.html' to pass parameters to and retrieve content from arbitrary URLs.
• http://securitytracker.com/id?1017235
• http://www.kb.cert.org/vuls/id/559616
• http://www.osvdb.org/22892
• http://www.osvdb.org/30286
• http://www.securityfocus.com/archive/1/451847/100/0/threaded
• http://www.securityfocus.com/bid/21120
• http://www.ultraseek.com/support/docs/RELNOTES.txt
• http://www.zerodayinitiative.com/advisories/ZDI-06-042.html
• https://exchange.xforce.ibmcloud.com/vulnerabilities/30311
CVE-2005-0514
https://notcve.org/view.php?id=CVE-2005-0514
Cross-site scripting (XSS) vulnerability in Verity Ultraseek before 5.3.3 allows remote attackers to inject arbitrary HTML and web script via search parameters.
• http://lists.grok.org.uk/pipermail/full-disclosure/2004-December/030222.html
• http://secunia.com/advisories/14367
• http://www.kb.cert.org/vuls/id/716144
• http://www.mikx.de/index.php?p=6
CVE-2004-0050
https://notcve.org/view.php?id=CVE-2004-0050
Verity Ultraseek before 5.2.2 allows remote attackers to obtain the full pathname of the document root via an MS-DOS device name in the web search option, such as (1) NUL, (2) CON, (3) AUX, (4) COM1, (5) COM2, and others.
• http://archives.neohapsis.com/archives/vulnwatch/2004-q2/0024.html
• http://lists.grok.org.uk/pipermail/full-disclosure/2004-May/020952.html
• http://marc.info/?l=bugtraq&m=108377388114888&w=2
• https://exchange.xforce.ibmcloud.com/vulnerabilities/16066