1746 matches found
Multitech RouteFinder 550 - Remote Memory Corruption
Multitech RouteFinder 550 - Remote Memory Corruption source: https://www.securityfocus.com/bid/7067/info A vulnerability has been discovered in Multitech RouteFinder 550 VPN firmware release 4.63 and earlier. The problem occurs due to insufficient bounds checking of data supplied in HTTP GET...
Apache Web Server 2.0.x - MS-DOS Device Name Denial of Service
Apache Web Server 2.0.x - MS-DOS Device Name Denial of Service source: https://www.securityfocus.com/bid/6662/info A vulnerability has been reported in Apache Web server for Microsoft Windows. The vulnerability exists in the way some HTTP requests are handled by the Apache Web server. Specificall...
Apache Web Server 2.0.x - MS-DOS Device Name Denial of Service
source: https://www.securityfocus.com/bid/6662/info A vulnerability has been reported in Apache Web server for Microsoft Windows. The vulnerability exists in the way some HTTP requests are handled by the Apache Web server. Specifically, HTTP GET requests that involve reserved MS-DOS device names...
CVE-2002-1816
Off-by-one buffer overflow in the sockgets function in sockhelp.c for ATPhttpd 0.4b and earlier allows remote attackers to execute arbitrary code via a long HTTP GET request...
CVE-2002-1895
The servlet engine in Jakarta Apache Tomcat 3.3 and 4.0.4, when using IIS and the ajp1.3 connector, allows remote attackers to cause a denial of service crash via a large number of HTTP GET requests for an MS-DOS device such as AUX, LPT1, CON, or PRN...
CVE-2002-1904
Buffer overflow in the Log function in util.c in GazTek ghttpd 1.4 through 1.4.3 allows remote attackers to execute arbitrary code via a long HTTP GET request...
CVE-2002-1907
TelCondex SimpleWebServer 2.06.20817 allows remote attackers to cause a denial of service crash via a long HTTP GET request...
CVE-2002-1941
Buffer overflow in RadioBird WebServer 4 Everyone 1.28 allows remote attackers to cause a denial of service crash via a long HTTP GET request with the Host header set...
CVE-2002-1951
Buffer overflow in GoAhead WebServer 2.1 allows remote attackers to execute arbitrary code via a long HTTP GET request with a large number of subdirectories...
CVE-2002-1965
Cross-site scripting XSS vulnerability in Errors.gsl in Imatix Xitami 2.5b4 and 2.5b5 allows remote attackers to inject arbitrary web script or HTML via the 1 Javascript events, as demonstrated via an onerror event in an IMG SRC tag or 2 User-Agent field in an HTTP GET request...
CVE-2002-2240
Directory traversal vulnerability in MyServer 0.11 and 0.2 allows remote attackers to read arbitrary files via a ".." dot dot in an HTTP GET request...
CVE-2002-2272
Tomcat 4.0 through 4.1.12, using modjk 1.2.1 module on Apache 1.3 through 1.3.27, allows remote attackers to cause a denial of service desynchronized communications via an HTTP GET request with a Transfer-Encoding chunked field with invalid values...
CVE-2002-1643
Multiple buffer overflows in RealNetworks Helix Universal Server 9.0 9.0.2.768 allow remote attackers to execute arbitrary code via 1 a long Transport field in a SETUP RTSP request, 2 a DESCRIBE RTSP request with a long URL argument, or 3 two simultaneous HTTP GET requests with long arguments...
CVE-2002-1310
Heap-based buffer overflow in the error-handling mechanism for the IIS ISAPI handler in Macromedia JRun 4.0 and earlier allows remote attackers to execute arbitrary via an HTTP GET request with a long .jsp file name...
Buffalo access point DoS
Incomplete HTTP GET request causes device to reboot...
CVE-2002-1167
Cross-site scripting XSS vulnerability in IBM Web Traffic Express Caching Proxy Server 3.6 and 4.x before 4.0.1.26 allows remote attackers to execute script as other users via an HTTP GET request...
CVE-2002-0386
The CVE-2002-0386 entry concerns Oracle9iAS Web Cache, specifically the administration module of Oracle Web Cache in Oracle9iAS 9.0.2. The vulnerability allows remote denial of service (crash) via two conditions: (1) an HTTP GET containing a “..” sequence, and (2) a malformed HTTP GET with chunke...
CVE-2002-1212
Buffer overflow in RadioBird Software WebServer 4 Everyone 1.23 and 1.27, and other versions before 1.30, allows remote attackers to cause a denial of service crash via a long HTTP GET request...
CVE-2002-1167
Cross-site scripting XSS vulnerability in IBM Web Traffic Express Caching Proxy Server 3.6 and 4.x before 4.0.1.26 allows remote attackers to execute script as other users via an HTTP GET request...
CVE-2002-1212
Buffer overflow in RadioBird Software WebServer 4 Everyone 1.23 and 1.27, and other versions before 1.30, allows remote attackers to cause a denial of service crash via a long HTTP GET request...