1746 matches found
Hasbani-WindWeb 2.0 (GET Request) Remote Denial of Service Exploit
Exploit for unknown platform in category dos / poc. Hasbani-WindWeb 2.0 GET Request Remote Denial of Service Exploit...
Hasbani-WindWeb2.0 - GET Remote Denial of Service
Hasbani-WindWeb2.0 - GET Remote Denial of Service. 26\09\05. Title: Hasbani-WindWeb/2.0 - HTTP GET Remote DoS. Discovered by: Expanders. Exploit by: Expanders. What is Hasbani-WindWeb/2.0: Hasbani server is a httpd created for...
EUVD-2004-2507
Directory traversal vulnerability in myServer 0.7 allows remote attackers to list arbitrary directories via an HTTP GET command with a large number of "./" sequences followed by "../" sequences...
CVE-2004-2516
Summary: CVE-2004-2516 corresponds to a directory traversal vulnerability in the web server implementation of myServer. Documents indicate that myServer versions
CVE-2005-3190
Buffer overflow in Computer Associates CA iGateway 3.0 and 4.0 before 4.0.050623, when running in debug mode, allows remote attackers to execute arbitrary code via HTTP GET requests...
CVE-2005-3190
CA iGateway has a buffer overflow in debug mode that can be triggered by HTTP GET requests, affecting CA iGateway 3.0 and 4.0 prior to version 4.0.050623. The vulnerability allows remote code execution or denial of service. Explanations of impacted versions are confirmed in multiple sources (CA a...
CVE-2005-3033
Stack-based buffer overflow in vxWeb 1.1.4 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long HTTP GET request...
CVE-2005-2950
The CVE-2005-2950 entry describes a cross-site scripting (XSS) vulnerability in Sawmill versions 7.0.0 through 7.1.13. The root cause is improper validation of user-supplied input appended to a GET request’s query string, enabling a remote attacker to inject arbitrary web script or HTML. The avai...
CVE-2004-2416
CVE-2004-2416 is a buffer overflow in CCProxy’s Telnet proxy ping command for CCProxy v6.2 and earlier. The stack can be overwritten by sending an overly long address to the ping (p) command, allowing remote code execution on vulnerable Windows systems. Public proof‑of‑concepts and exploits exist...
CVE-2004-2416
Buffer overflow in the logging component of CCProxy allows remote attackers to execute arbitrary code via a long HTTP GET request...
CVE-2005-2420
CVE-2005-2420 affects FtpLocate 2.02 (flsearch.pl) and allows remote command execution by injecting shell metacharacters through HTTP GET. Connected Nessus plugin NASL confirms a remote file inclusion style input manipulation via the fsite parameter, enabling arbitrary command execution on the af...
CVE-2005-2420
flsearch.pl in FtpLocate 2.02 allows remote attackers to execute arbitrary commands via shell metacharacters in an HTTP GET request...
CVE-2004-2271
CVE-2004-2271 affects MiniShare webserver versions 1.4.1 and earlier. The vulnerability is a remote buffer overflow in the HTTP request handling, originally demonstrated via a long GET request, which can be exploited to execute arbitrary code. Connected exploits and payloads show that not only GE...
CVE-2004-2271
Buffer overflow in MiniShare 1.4.1 and earlier allows remote attackers to execute arbitrary code via a long HTTP GET request...
Oracle Reports Server 6.0.89.0.x - Arbitrary File Disclosure
Oracle Reports Server 6.0.89.0.x - Arbitrary File Disclosure source: https://www.securityfocus.com/bid/14312/info Oracle Reports Server may allow remote attackers to disclose parts of arbitrary files. Reportedly, the server fails to restrict users from accessing parts of arbitrary files when...
Oracle Reports Server 6.0.89.0.x - Unauthorized Report Execution
Oracle Reports Server 6.0.89.0.x - Unauthorized Report Execution source: https://www.securityfocus.com/bid/14316/info Oracle Reports Server is susceptible to an unauthorized report execution vulnerability. By placing a report file in a globally accessible location, users can trigger the execution...
Oracle Reports Server 6.0.8/9.0.x - Unauthorized Report Execution
source: https://www.securityfocus.com/bid/14316/info Oracle Reports Server is susceptible to an unauthorized report execution vulnerability. By placing a report file in a globally accessible location, users can trigger the execution of the report by issuing an HTTP GET request to the affected...
CVE-2004-2221
CVE-2004-2221 describes a buffer overflow in the SoftCart.exe CGI of Mercantec SoftCart 4.00b. The vulnerability allows remote attackers to execute arbitrary code by sending a long parameter in an HTTP GET request. Public references show Metasploit and Exploit-DB demonstrations of an exploit for ...
CVE-2004-2224
Appfoundry Message Foundry 2.75 .0003 allows remote attackers to cause a denial of service (crash) via an HTTP GET request that contains MS-DOS device names such as com1...
CVE-2002-1895
The vulnerability CVE-2002-1895 affects the Tomcat servlet engine in versions 3.3 and 4.0.4 when used with IIS and the ajp1.3 connector. Affected component: servlet engine; issue: remote attackers can trigger a denial of service (crash) by issuing a large sequence of HTTP GET requests for MS-DOS ...