Lucene search
+L

2451 matches found

RedHat Linux
RedHat Linux
added 2007/05/24 6:47 p.m.57 views

Important: Red Hat Security Advisory: jbossas security update

Updated jbossas packages that fix multiple security issues in tomcat are now available for Red Hat Application Stack. This update has been rated as having Important security impact by the Red Hat Security Response Team. Tomcat is a servlet container for Java Servlet and JavaServer Pages...

5CVSS5.6AI score0.90768EPSS
Exploits5References3
RedHat Linux
RedHat Linux
added 2007/05/24 6:47 p.m.8 views

tomcat multiple content-length header poisioning

Jakarta Tomcat 5.0.19 Coyote/1.1 and Tomcat 4.1.24 Coyote/1.0 allows remote attackers to poison the web cache, bypass web application firewall protection, and conduct XSS attacks via an HTTP request with both a "Transfer-Encoding: chunked" header and a Content-Length header, which causes Tomcat t...

4.3CVSS5.9AI score0.29784EPSS
Exploits4References4
RedHat Linux
RedHat Linux
added 2007/05/24 9:36 a.m.11 views

tomcat multiple content-length header poisioning

Jakarta Tomcat 5.0.19 Coyote/1.1 and Tomcat 4.1.24 Coyote/1.0 allows remote attackers to poison the web cache, bypass web application firewall protection, and conduct XSS attacks via an HTTP request with both a "Transfer-Encoding: chunked" header and a Content-Length header, which causes Tomcat t...

4.3CVSS5.9AI score0.29784EPSS
Exploits4References4
RedHat Linux
RedHat Linux
added 2007/05/21 12:13 p.m.84 views

Important: Red Hat Security Advisory: tomcat security update

Updated tomcat packages that fix multiple security issues are now available for Red Hat Application Server v2. This update has been rated as having important security impact by the Red Hat Security Response Team. Tomcat is a servlet container for Java Servlet and JavaServer Pages technologies...

5CVSS5.6AI score0.90768EPSS
Exploits13References3
RedHat Linux
RedHat Linux
added 2007/05/21 12:13 p.m.4 views

tomcat multiple content-length header poisioning

Jakarta Tomcat 5.0.19 Coyote/1.1 and Tomcat 4.1.24 Coyote/1.0 allows remote attackers to poison the web cache, bypass web application firewall protection, and conduct XSS attacks via an HTTP request with both a "Transfer-Encoding: chunked" header and a Content-Length header, which causes Tomcat t...

4.3CVSS5.9AI score0.29784EPSS
Exploits4References4
Tenable Nessus
Tenable Nessus
added 2007/05/16 12:0 a.m.48 views

CentOS 5 : tomcat (CESA-2007:0327)

Updated tomcat packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5. This update has been rated as having important security impact by the Red Hat Security Response Team. Tomcat is a servlet container for Java Servlet and JavaServer Pages technologies. Tomca...

5CVSS5.2AI score0.90768EPSS
Exploits5References6
Cent OS
Cent OS
added 2007/05/14 10:49 p.m.86 views

jakarta, tomcat5 security update

CentOS Errata and Security Advisory CESA-2007:0327 Updated tomcat packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5. This update has been rated as having important security impact by the Red Hat Security Response Team. Tomcat is a servlet container for Ja...

5CVSS5.7AI score0.90768EPSS
Exploits5References7
RedHat Linux
RedHat Linux
added 2007/05/14 4:59 p.m.6 views

tomcat multiple content-length header poisioning

Jakarta Tomcat 5.0.19 Coyote/1.1 and Tomcat 4.1.24 Coyote/1.0 allows remote attackers to poison the web cache, bypass web application firewall protection, and conduct XSS attacks via an HTTP request with both a "Transfer-Encoding: chunked" header and a Content-Length header, which causes Tomcat t...

4.3CVSS5.9AI score0.29784EPSS
Exploits4References4
RedHat Linux
RedHat Linux
added 2007/05/08 2:53 p.m.4 views

tomcat multiple content-length header poisioning

Jakarta Tomcat 5.0.19 Coyote/1.1 and Tomcat 4.1.24 Coyote/1.0 allows remote attackers to poison the web cache, bypass web application firewall protection, and conduct XSS attacks via an HTTP request with both a "Transfer-Encoding: chunked" header and a Content-Length header, which causes Tomcat t...

4.3CVSS5.9AI score0.29784EPSS
Exploits4References4
Exploit DB
Exploit DB
added 2007/04/11 12:0 a.m.28 views

Cosign 2.0.1/2.9.4a - CGI Register Command Remote Authentication Bypass

source: https://www.securityfocus.com/bid/23424/info The 'cosign' application is prone to an authentication-bypass vulnerability because it fails to adequately sanitize user-supplied input. An authenticated attacker can exploit this issue to access services hosted on an affected computer by...

7AI score
Exploits0
Apache Tomcat
Apache Tomcat
added 2007/03/09 12:0 a.m.77 views

Fixed in Apache Tomcat 5.5.23, 5.0.SVN

Important: Information disclosure CVE-2005-2090 Requests with multiple content-length headers should be rejected as invalid. When multiple components firewalls, caches, proxies and Tomcat process a sequence of requests where one or more requests contain multiple content-length headers and several...

4.3CVSS3.3AI score0.29784EPSS
Exploits4Affected Software1
Prion
Prion
added 2007/03/03 9:19 p.m.18 views

Stack overflow

Stack-based buffer overflow in the connectHandle function in server.cpp in WebMod 0.48 allows remote attackers to execute arbitrary code via a long string in the Content-Length HTTP header...

7.5CVSS8.7AI score0.0536EPSS
Exploits1References6Affected Software1
NVD
NVD
added 2007/03/03 9:19 p.m.25 views

CVE-2007-1260

Stack-based buffer overflow in the connectHandle function in server.cpp in WebMod 0.48 allows remote attackers to execute arbitrary code via a long string in the Content-Length HTTP header...

7.5CVSS8AI score0.0536EPSS
Exploits1References6
Cvelist
Cvelist
added 2007/03/03 9:0 p.m.22 views

CVE-2007-1260

Stack-based buffer overflow in the connectHandle function in server.cpp in WebMod 0.48 allows remote attackers to execute arbitrary code via a long string in the Content-Length HTTP header...

8AI score0.0536EPSS
Exploits1References6
seebug.org
seebug.org
added 2007/03/02 12:0 a.m.27 views

WebMod 0.48 (Content-Length) Remote Buffer Overflow Exploit PoC

No description provided by source. / WebMod Stack Buffer Overflow by cybermind Kevin Masterson [email protected] WebMod v0.48 exploit PoC code / include include include define WIN32LEANANDMEAN include include pragma comment lib, "ws232.lib" / local variables in connectHandle: char input; 4 char...

7.1AI score
Exploits0
exploitpack
exploitpack
added 2007/03/01 12:0 a.m.28 views

WebMod 0.48 - Content-Length Remote Buffer Overflow

WebMod 0.48 - Content-Length Remote Buffer Overflow / WebMod Stack Buffer Overflow by cybermind Kevin Masterson [email protected] WebMod v0.48 exploit PoC code / include include include define WIN32LEANANDMEAN include include pragma comment lib, "ws232.lib" / local variables in connectHandle:...

0.6AI score
Exploits0
0day.today
0day.today
added 2007/03/01 12:0 a.m.30 views

WebMod 0.48 (Content-Length) Remote Buffer Overflow Exploit PoC

Exploit for unknown platform in category remote exploits =============================================================== WebMod 0.48 Content-Length Remote Buffer Overflow Exploit PoC =============================================================== / WebMod Stack Buffer Overflow by cybermind Kevin...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2007/01/27 12:0 a.m.34 views

MOAB-25-01-2007.rb.txt

!/usr/bin/ruby c Copyright 2007 Lance M. Havok Proof of concept for MOAB-25-01-2007. require 'socket' webport = ARGV0 || 80.toi puts "++ Starting HTTP server at port webport." webserver = TCPServer.newnil, webport while session = webserver.accept randclen = rand80 useragent =...

5CVSS7.7AI score0.14382EPSS
Exploits3
exploitpack
exploitpack
added 2007/01/25 12:0 a.m.18 views

Apple CFNetwork - HTTP Response Denial of Service (Ruby)

Apple CFNetwork - HTTP Response Denial of Service Ruby !/usr/bin/ruby c Copyright 2007 Lance M. Havok Proof of concept for MOAB-25-01-2007. require 'socket' webport = ARGV0 || 80.toi puts "++ Starting HTTP server at port webport." webserver = TCPServer.newnil, webport while session =...

7.3AI score
Exploits0
Exploit DB
Exploit DB
added 2007/01/25 12:0 a.m.49 views

Apple CFNetwork - HTTP Response Denial of Service

!/usr/bin/ruby c Copyright 2007 Lance M. Havok Proof of concept for MOAB-25-01-2007. require 'socket' webport = ARGV0 || 80.toi puts "++ Starting HTTP server at port webport." webserver = TCPServer.newnil, webport while session = webserver.accept randclen = rand80 useragent =...

7.4AI score
Exploits0
Rows per page
Query Builder