Novell eDirectory/iMonitor HTTPSTK栈缓冲区溢出漏洞

Novell eDirectory是一个的跨平台的目录服务器。 Novell eDirectory在处理用户请求构造回应时存在输入验证漏洞，远程攻击者可能利用此漏洞在服务器上执行任意指令。 Novell的HTTP协议栈（httpstk）没有检查客户端所提供的HTTP Host请求头（如Host: www.host.com）的值。当服务器在准备HTTP重新定向响应调用snprintf时可能会触发这个漏洞，导致以加载httpstk库进程的权限执行任意指令。C++伪代码如下： define HTTPHDRHOSTFIELD 211 char szHttp = "HTTP"; char...

Novell eDirectory iMonitor HTTP Protocol Stack (httpstk) Host HTTP Header Remote Overflow

The installed version of Novell eDirectory on the remote host reportedly contains a buffer overflow that can be triggered with a specially crafted Host request header. An anonymous remote attacker may be able to leverage this flaw to execute code on the affected host, generally with super-user...

TTG0601 - Alt-N WebAdmin Multiple Vulnerabilities

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 TTG0601 - Alt-N WebAdmin Multiple Vulnerabilities RELEASE DATE: August 21st, 2006 VENDOR: Alt-N Technologies http://www.altn.com VULNERABLE: Tested on Alt-N WebAdmin v3.2.3/3.2.4 running with MDaemon v9.0.5, earlier versions are suspected vulnerable a...

CVE-2006-3918

CVE-2006-3918 is an Apache HTTP Server/IBM HTTP Server issue where the HTTP Expect header is not sanitized when echoed back in error messages, enabling potential cross-site scripting via headers (as demonstrated with Flash/other clients). Affected products and versions include Apache HTTP Server ...

EEYE: McAfee ePolicy Orchestrator Remote Compromise

McAfee ePolicy Orchestrator Remote Compromise Release Date: July 13, 2006 Severity: High Remote Code Execution Vendor: McAfee Systems Affected: McAfee Common Management EPO Agent versions below version 3.5.5.438 Overview: McAfee ePolicy Orchestrator is the remote security management software for...

For the new network domain name Management System Security reviews-exploits warning-the black bar safety net

It is well known, the new network users in China domain name registration industry, the proportion of the column is still very large. But I found a new web domain system, there exists a safety hazard. One day I From the agent the domain Control Panel login to the new network there, accidentally...

With a Winsock implementation on the website of the database data injection-vulnerability warning-the black bar safety net

In writing this article before, it is necessary to"inject"one word describes it. The difference to the usualSQL injection, where the injection actually just construct an HTTP request packet to a program instead of a WEB page is submitted, data is automatically submitted. Hey, speaking of which, I...

How to find WEB application vulnerabilities and how to exploit and prevention-vulnerability and early warning-the black bar safety net

The article had intended to send to magazines, because I'm too lazy to write, write it again it sent to their own BLOG. Internetthe security is a very popular topic, whether it is this expert or an ordinary person, are more or less involved therein. In this environment, the intrusion also become...

CVE-2003-1269

AN HTTP 1.41e allows remote attackers to obtain the root web server path via an HTTP request with a long argument to a script, which leaks the path in an error message...

Hack rampage the era of the URL address will lie-vulnerability warning-the black bar safety net

My name is URL, i.e.,“Uniform Resource Locators”, which means Uniform Resource Locator. In the address bar URL will belong to me the URL of an expression. Substantially all of the visit website the friends are used to me, so my role is very large. Perhaps many friends don't know that I'm very...

IBProArcade index.php SQL Injection

One of the ibProArcade SPDX-FileCopyrightText: 2004 Ami Chayun Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.16086";...

Oracle Enterprise Manager

Detection of Oracle Enterprise Manager The script sends a connection request to the server and attempts to detect Oracle Enterprise Manager from the reply. SPDX-FileCopyrightText: 2005 David Maciejak Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the...

Enterasys Dragon Enterprise Reporting detection

The remote host is running the Enterasys Dragon Enterprise Reporting on this port. OpenVAS Vulnerability Test $Id: enterasysdragonreportingdetect.nasl 8023 2017-12-07 08:36:26Z teissa $ Description: Enterasys Dragon Enterprise Reporting detection Authors: David Maciejak Copyright: Copyright C 200...

HTTP 1.0 Header Overflow DoS Vulnerability

It was possible to kill the web server by sending an invalid request with a too long header From, If-Modified-Since, Referer or Content-Type. SPDX-FileCopyrightText: 2005 Michel Arboi Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right...

[SECURITY] [DSA 753-1] New gedit packages fix denial of service

-------------------------------------------------------------------------- Debian Security Advisory DSA 753-1 [email protected] http://www.debian.org/security/ Martin Schulze July 12th, 2005 http://www.debian.org/security/faq -...

Multiple Trillian instant messenger buffer overflows

Multiple buffer overflow on parsing HTTP-based protocols, including RSS...

[SA14091] Squid Oversized Reply Header Handling Security Issue

TITLE: Squid Oversized Reply Header Handling Security Issue SECUNIA ADVISORY ID: SA14091 VERIFY ADVISORY: http://secunia.com/advisories/14091/ CRITICAL: Moderately critical IMPACT: Unknown WHERE: From remote SOFTWARE: Squid 2.x http://secunia.com/product/310/ DESCRIPTION: A security issue with an...

CVE-2004-0356

CVE-2004-0356: A stack-based buffer overflow in the Supervisor Report Center of SL Mail Pro 2.0.9 and earlier allows remote code execution via an HTTP request containing a long HTTP sub-version. Affects SL Mail Pro up to version 2.0.9; exploitation details are not provided in the connected docume...

Buffalo Wireless Router Detection (HTTP) (deprecated)

Binary data 1608.prm...

NETGEAR Wireless Router Detection (HTTP) (deprecated)

Binary data 1610.prm...