CVE-2003-0338

Directory traversal vulnerability in WsMp3 daemon WsMp3d 0.0.10 and earlier allows remote attackers to read and execute arbitrary files via .. dot dot sequences in HTTP GET or POST requests...

CVE-2003-0339

Multiple heap-based buffer overflows in WsMp3 daemon WsMp3d 0.0.10 and earlier allow remote attackers to execute arbitrary code via long HTTP requests...

CUPS 1.1.x - Cupsd Request Method Denial of Service

CUPS 1.1.x - Cupsd Request Method Denial of Service source: https://www.securityfocus.com/bid/7637/info The cupsd has been reported prone to a denial of service vulnerability. Reportedly the cupsd does not adequately apply a time-out process for malicious HTTP requests and service is denied to...

CUPS 1.1.x - Cupsd Request Method Denial of Service

source: https://www.securityfocus.com/bid/7637/info The cupsd has been reported prone to a denial of service vulnerability. Reportedly the cupsd does not adequately apply a time-out process for malicious HTTP requests and service is denied to subsequent cupsd requests. This issue may be exploited...

Snowblind Web Server 1.01.1 - GET Buffer Overflow

Snowblind Web Server 1.01.1 - GET Buffer Overflow source: https://www.securityfocus.com/bid/7619/info Snowblind Web Server has been reported prone to a buffer overflow vulnerability. The vulnerability exists when the web server attempts to process HTTP requests of excessive length. Although...

Snowblind Web Server 1.0/1.1 - GET Buffer Overflow

source: https://www.securityfocus.com/bid/7619/info Snowblind Web Server has been reported prone to a buffer overflow vulnerability. The vulnerability exists when the web server attempts to process HTTP requests of excessive length. Although unconfirmed, this vulnerability may be exploited to...

MDG Web Server 4D 3.6 - HTTP Command Buffer Overflow

MDG Web Server 4D 3.6 - HTTP Command Buffer Overflow // source: https://www.securityfocus.com/bid/7479/info A buffer overflow vulnerability has been reported for MDG Web Server. The vulnerability exists when the web server attempts to process overly long HTTP requests. Specifically, when the web...

Pi3Web 2.0.1 Denial of Service - Proof of Concept

No description provided by source. / Pi3Web 2.0.1 DoS - Pr00f of concept. Vulnerable systems: Pi3Web 2.0.1 maybe others Vendor: www.johnroy.com/pi3 - http://pi3web.sourceforge.net/ Patch: no yet. Info: Pi3Web Server is vulnerable to a denial of Service. when a malformed HTTP Request is done the...

MDG Web Server 4D 3.6 - HTTP Command Buffer Overflow

// source: https://www.securityfocus.com/bid/7479/info A buffer overflow vulnerability has been reported for MDG Web Server. The vulnerability exists when the web server attempts to process overly long HTTP requests. Specifically, when the web server processes a malformed HTTP request of excessiv...

Alt-N WebAdmin 2.0.x - Remote File Viewing

Alt-N WebAdmin 2.0.x - Remote File Viewing source: https://www.securityfocus.com/bid/7438/info Alt-N WebAdmin allows a remote user to access files that they should not be able to access. The remote user can submit an HTTP request that will return the contents of any webserver-readable file on the...

VisNetic ActiveDefense 1.3.1 - GET Multiple Denial of Service Vulnerabilities

VisNetic ActiveDefense 1.3.1 - GET Multiple Denial of Service Vulnerabilities source: https://www.securityfocus.com/bid/7428/info A denial of service vulnerability has been discovered in VisNetic ActiveDefense. The problem occurs when multiple HTTP requests are subsequently made to a server,...

VisNetic ActiveDefense 1.3.1 - GET Multiple Denial of Service Vulnerabilities

source: https://www.securityfocus.com/bid/7428/info A denial of service vulnerability has been discovered in VisNetic ActiveDefense. The problem occurs when multiple HTTP requests are subsequently made to a server, containing a specific amount of data. After processing these requests, the affecte...

Xeneo Web Server 2.2.10 - Undisclosed Buffer Overflow (PoC)

/ source: https://www.securityfocus.com/bid/7410/info Xeneo web server has been reported prone to an undisclosed buffer overflow vulnerability. It has been reported that a specifically crafted HTTP request containing malicious HTTP header information will trigger this condition. Although...

RealNetworks Helix Universal Server vulnerable to buffer overflow when sent two simultaneous HTTP requests containing a long string of characters

Overview The RealNetworks' Helix Universal Server supports delivery of several different media types over the Internet. Vulnerabilities have been discovered in the way it handles some requests from the network. These vulnerabilities could allow a remote attacker to execute arbitrary code on...

CVE-2002-0543

Directory traversal vulnerability in Aprelium Abyss Web Server abyssws before 1.0.0.2 allows remote attackers to read files outside the web root, including the abyss.conf file, via URL-encoded .. dot dot sequences in the HTTP request...

Lotus Domino Web Server vulnerable to denial of service via incomplete POST request

Overview Lotus Domino Web Server is an application that provides access to Lotus Notes databases via HTTP requests. A vulnerability exists that could permit a remote attacker to cause a denial-of-service situation for HTTP requests. Description Lotus Domino Web Server contains a vulnerability in...

CVE-2002-1718

Microsoft Internet Information Server IIS 5.1 may allow remote attackers to view the contents of a Frontpage Server Extension FPSE file, as claimed using an HTTP request for colegal.htm that contains .. dot dot sequences...

CVE-2002-1999

HP Praesidium Webproxy 1.0 running on HP-UX 11.04 VVOS could allow remote attackers to cause Webproxy to forward requests to the internal network via crafted HTTP requests...

CVE-2002-2009

Apache Tomcat 4.0.1 allows remote attackers to obtain the web root path via HTTP requests for JSP files preceded by 1 +/, 2 /, 3 /, and 4 %20/, which leaks the pathname in an error message...

CVE-2002-1368

CVE-2002-1368 affects CUPS 1.1.14–1.1.17 and can be exploited remotely by sending HTTP requests with a negative Content-Length or negative chunked length, causing negative arguments to memcpy() and potentially triggering a crash or arbitrary code execution. The vulnerability arises from improper ...