MiniShare DoS

Incomplete HTTP request causs service to crash...

CVE-2004-2035

MiniShare 1.3.2 allows remote attackers to cause a denial of service crash via a malformed HTTP GET or HEAD request without the proper number of trailing CRLF sequences...

MiniShare 1.3.2 - Remote Denial of Service

MiniShare 1.3.2 - Remote Denial of Service source: https://www.securityfocus.com/bid/10417/info Minishare is affected by a remote denial of service vulnerability. This issue is due to a failure of the application to handle improperly formed HTTP requests. This issue will allow an attacker to caus...

MiniShare 1.3.2 - Remote Denial of Service

source: https://www.securityfocus.com/bid/10417/info Minishare is affected by a remote denial of service vulnerability. This issue is due to a failure of the application to handle improperly formed HTTP requests. This issue will allow an attacker to cause the affected computer to stop responding,...

eMule DoS

Combination of different HTTP requests causes application to crash...

CVE-2004-1984

Coppermine Photo Gallery 1.2.2b and 1.2.0 RC4 allows remote attackers to obtain sensitive information via a direct HTTP request to 1 phpinfo.php, 2 addpic.php, 3 config.php, 4 dbinput.php, 5 displayecard.php, 6 ecard.php, 7 crop.inc.php, which reveal the full path in a PHP error message...

HAHTsite Scenario Server fails to handle overly long URLs

Overview HAHTsite Scenario Server fails to properly handle HTTP requests containing an overly long "project name". Description HAHTsite Scenario Server is an e-Business platform that consists of a web application server and web development environment. There is a buffer overflow vulnerability in...

Oracle web cache buffer overflow

Heap overflow on invalid HTTP/HTTPS request...

EUVD-2004-0281

Caucho Technology Resin 2.1.12 allows remote attackers to gain sensitive information and view the contents of the /WEB-INF/ directory via an HTTP request for "WEB-INF..", which is equivalent to "WEB-INF" in Windows...

Confixx 2 - Perl Debugger Remote Command Execution

source: https://www.securityfocus.com/bid/9831/info The Confixx PERL debugging utility functionality has been reported to be prone to a remote command execution vulnerability. The issue is reported to occur when a command sequence is appended to a HTTP request for a PERL script resource, the...

CVE-2004-0039

Multiple format string vulnerabilities in HTTP Application Intelligence AI component in Check Point Firewall-1 NG-AI R55 and R54, and Check Point Firewall-1 HTTP Security Server included with NG FP1, FP2, and FP3 allows remote attackers to execute arbitrary code via HTTP requests that cause forma...

CVE-2004-2117

Tiny Server 1.1 allows remote attackers to cause a denial of service crash via malformed HTTP requests such as 1 a GET request without the HTTP version HTTP/1.1, or 2 a request without GET or the HTTP version...

TinyServer 1.1 - Denial of Service

source: https://www.securityfocus.com/bid/9485/info TinyServer is prone to multiple vulnerabilities. A directory traversal issue is present in TinyServer that could allow a remote user to view or download any file to which the server has access. A denial of service issue exists due to the failure...

GoAhead Web Server 2.1.x - Directory Management Policy Bypass

source: https://www.securityfocus.com/bid/9450/info GoAhead WebServer is prone to a vulnerability that may permit remote attackers to bypass directory management policy. It is reported that certain syntax may be used in HTTP GET requests to bypass the policy for how certain request should be...

Whale Communications e-Gap Security Appliance 2.5 - Login Page Source Code Disclosure

Whale Communications e-Gap Security Appliance 2.5 - Login Page Source Code Disclosure source: https://www.securityfocus.com/bid/9431/info The e-GAP appliance has been reported prone to a source code disclosure vulnerability. It has been reported that, when the affected appliance handles unexpecte...

CVE-2003-1486

Phorum 3.4 through 3.4.2 allows remote attackers to obtain the full path of the web server via an incorrect HTTP request to 1 smileys.php, 2 quicklistrss.php, 3 purge.php, 4 news.php, 5 memberlist.php, 6 forumlistrss.php, 7 forumlistrdf.php, 8 forumlist.php, or 9 move.php, which leaks the...

Thomson Cablemodem TCM315 - Denial of Service

// source: https://www.securityfocus.com/bid/9091/info A problem has been identified in Thomson Cable Modems when handling long requests on the HTTP port. Because of this, it may be possible for an attacker to deny service to legitimate users of the device. / ADVISORY - Thomson Cablemodem TCM315...

Monit 1.4/2.x/3/4 - 'HTTP Request' Buffer Overrun

source: https://www.securityfocus.com/bid/9099/info A buffer overrun vulnerability has been discovered in Monit 4.1 and earlier that could be exploited remotely to gain root privileges. The problem occurs due to insufficient bounds checking when handling overly long HTTP requests. As a result, it...

Apache Tomcat 4.0.x - Non-HTTP Request Denial of Service

source: https://www.securityfocus.com/bid/8824/info Apache Tomcat 4 has been reported prone to a remotely triggered denial-of-service vulnerability when handling undisclosed non-HTTP request types. When certain non-HTTP request types are handled by the Tomcat HTTP connector, the Tomcat server wil...

Apache Tomcat 4.0.x - Non-HTTP Request Denial of Service

Apache Tomcat 4.0.x - Non-HTTP Request Denial of Service source: https://www.securityfocus.com/bid/8824/info Apache Tomcat 4 has been reported prone to a remotely triggered denial-of-service vulnerability when handling undisclosed non-HTTP request types. When certain non-HTTP request types are...