SP Research Labs Advisory 13

SP Research Labs Advisory x13 ----------------------------- Orenosv HTTP/FTP Server Denial Of Service ----------------------------------------- Versions: orenosv059f Vendor: http://hp.vector.co.jp/authors/VA027031/orenosv/indexen.html Date Released - 5.25.2004 ------------------------------------...

[Full-Disclosure] Orenosv HTTP/FTP Server Denial Of Service

SP Research Labs Advisory x13 ----------------------------- Orenosv HTTP/FTP Server Denial Of Service ----------------------------------------- Versions: orenosv059f Vendor: http://hp.vector.co.jp/authors/VA027031/orenosv/indexen.html Date Released - 5.25.2004 ------------------------------------...

Orenosv HTTPFTP Server 0.5.9 - GET Denial of Service (1)

Orenosv HTTPFTP Server 0.5.9 - GET Denial of Service 1 // source: https://www.securityfocus.com/bid/10420/info Orenosv HTTP/FTP server is prone to a denial of service vulnerability that may occur when an overly long HTTP GET request is sent to the server. When the malicious request is handled, it...

Orenosv HTTP/FTP Server 0.5.9 - GET Denial of Service (1)

// source: https://www.securityfocus.com/bid/10420/info Orenosv HTTP/FTP server is prone to a denial of service vulnerability that may occur when an overly long HTTP GET request is sent to the server. When the malicious request is handled, it is reported that both the HTTP and FTP daemons will st...

[Full-Disclosure] BNBT BitTorrent Tracker Denial Of Service

SP Research Labs Advisory x12 ----------------------------- BNBT BitTorrent Tracker Denial Of Service ----------------------------------------- Versions: cbtt7520040515 Beta 7.5 Release 2 and prior versions Vendors: http://bnbt.go-dedicated.com/ http://bnbteasytracker.sourceforge.net/...

[NT] MyWeb Buffer Overflow

The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com - - promotion The SecuriTeam alerts list - Free, Accurate, Independent. Get your security news from a reliable source...

CVE-2004-1973

DiGi Web Server allows remote attackers to cause a denial of service CPU consumption via an HTTP GET request that contains a large number of / slash characters, which consumes resources when DiGi converts the slashes to \ backslash characters...

CVE-2004-0292

Buffer overflow in KarjaSoft Sami HTTP Server 1.0.4 allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via a long HTTP GET request...

Proxy-Pro Professional GateKeeper 4.7 Web Proxy - Buffer Overrun

Proxy-Pro Professional GateKeeper 4.7 Web Proxy - Buffer Overrun // source: https://www.securityfocus.com/bid/9716/info Proxy-Pro Professional GateKeeper is prone to a remotely exploitable buffer overrun that may be triggered by passing HTTP GET requests of excessive length through the web proxy...

Proxy-Pro Professional GateKeeper 4.7 Web Proxy - Buffer Overrun

// source: https://www.securityfocus.com/bid/9716/info Proxy-Pro Professional GateKeeper is prone to a remotely exploitable buffer overrun that may be triggered by passing HTTP GET requests of excessive length through the web proxy component. This could be exploited to execute arbitrary code in t...

KarjaSoft Sami HTTP Server 1.0.4 Buffer Overflow

SP Research Labs Advisory x10 ----------------------------------- KarjaSoft Sami HTTP Server 1.0.4 Buffer Overflow ------------------------------------------------- Vendor Home Page: http://www.karja.com Date Released - 2.16.2004 -------------------------------------- Product Description from the...

Macallan Mail Solution Macallan Mail Solution 2.8.4.6 (Build 260) - Web Interface Authentication Bypass

Macallan Mail Solution Macallan Mail Solution 2.8.4.6 Build 260 - Web Interface Authentication Bypass source: https://www.securityfocus.com/bid/9646/info A vulnerability has been reported in Macallan Mail Solution that may permit remote attackers to bypass authentication for the web interface. Th...

Monkey HTTP Daemon 0.x - Missing Host Field Denial of Service

Monkey HTTP Daemon 0.x - Missing Host Field Denial of Service source: https://www.securityfocus.com/bid/9642/info Monkey HTTP Daemon is prone to a denial of service attacks. HTTP GET requests, which do not include a 'Host' header field, will trigger this condition. The server will need to be...

Monkey HTTP Daemon 0.x - Missing Host Field Denial of Service

source: https://www.securityfocus.com/bid/9642/info Monkey HTTP Daemon is prone to a denial of service attacks. HTTP GET requests, which do not include a 'Host' header field, will trigger this condition. The server will need to be restarted to regain normal functionality...

Loom Software SurfNow 1.x2.x - GET Remote Denial of Service

Loom Software SurfNow 1.x2.x - GET Remote Denial of Service source: https://www.securityfocus.com/bid/9519/info A problem has been identified in the handling of specific types of requests by SurfNOW. Upon receiving specially crafted HTTP GET requests, it is possible for a remote attacker to crash...

Loom Software SurfNow 1.x/2.x - GET Remote Denial of Service

source: https://www.securityfocus.com/bid/9519/info A problem has been identified in the handling of specific types of requests by SurfNOW. Upon receiving specially crafted HTTP GET requests, it is possible for a remote attacker to crash a vulnerable implementation, denying service to the user. G...

InternetNow ProxyNow 2.62.75 - Multiple Stack Heap Overflow Vulnerabilities

InternetNow ProxyNow 2.62.75 - Multiple Stack Heap Overflow Vulnerabilities source: https://www.securityfocus.com/bid/9500/info ProxyNow has been reported to be prone to multiple overflow vulnerabilities that may allow an attacker to execute arbitrary code in order to gain unauthorized access to ...

InternetNow ProxyNow 2.6/2.75 - Multiple Stack / Heap Overflow Vulnerabilities

source: https://www.securityfocus.com/bid/9500/info ProxyNow has been reported to be prone to multiple overflow vulnerabilities that may allow an attacker to execute arbitrary code in order to gain unauthorized access to a vulnerable system. The vulnerabilities present themselves when an attacker...

tinyserver 1.1 - Directory Traversal

tinyserver 1.1 - Directory Traversal source: https://www.securityfocus.com/bid/9485/info TinyServer is prone to multiple vulnerabilities. A directory traversal issue is present in TinyServer that could allow a remote user to view or download any file to which the server has access. A denial of...

Vicomsoft RapidCache Server 2.02.2.6 - Host Argument Denial of Service

Vicomsoft RapidCache Server 2.02.2.6 - Host Argument Denial of Service source: https://www.securityfocus.com/bid/9427/info It has been reported that RapidCache server may be prone to a denial of service vulnerability that may allow an attacker to cause the server to crash or hang. The issue...