GoAhead Web Server 2.1.x - '.ASP' File Source Code Disclosure
source: https://www.securityfocus.com/bid/9239/info A vulnerability in GoAhead webserver may result in the disclosure of the source code of ASP script files. The vulnerability occurs because the application fails to sanitize HTTP requests. An attacker can append certain characters to the end of a...
GoAhead Web Server 2.1.x - .ASP File Source Code Disclosure
source: https://www.securityfocus.com/bid/9239/info A vulnerability in GoAhead webserver may result in the disclosure of the source code of ASP script files. The vulnerability occurs because the application fails to sanitize HTTP request...
Northern Solutions Xeneo Web Server 2.1/2.2 - Denial of Service
source: https://www.securityfocus.com/bid/6098/info A denial of service vulnerability has been reported for Xeneo web server. When the web server processes a malformed HTTP request, it will crash and lead to the denial of service condition. http://www.example.com/% http://www.example.com/%A...
IBM Websphere Caching Proxy 3.6/4.0 - Denial of Service
source: https://www.securityfocus.com/bid/6002/info A vulnerability has been reported in the Caching Proxy component bundled with IBM WebSphere Edge Server. The vulnerability is due to inadequate checks when processing HTTP headers. An attacker can exploit this vulnerability by sending a malforme...
Polycom ViaVideo 2.23.0 - Denial of Service
source: https://www.securityfocus.com/bid/5962/info Polycom ViaVideo devices are prone to a denial of service condition upon receipt of numerous incomplete HTTP requests. This may restrict availability of the device for legitimate users. The device may...
Polycom ViaVideo 2.2/3.0 - Denial of Service
source: https://www.securityfocus.com/bid/5962/info Polycom ViaVideo devices are prone to a denial of service condition upon receipt of numerous incomplete HTTP requests. This may restrict availability of the device for legitimate users. The device may need to be restarted to regain normal...
Jakarta Tomcat serves JSP source code when supplied malformed HTTP request
Overview: Tomcat does not adequately validate HTTP requests and may reveal JSP source code if supplied a malformed HTTP request. Description: JavaServer Pages (JSP) is a technology that allows for the creation of dynamic web content. The Apache Jakarta Project implementation of JSP is known as Tomcat...
Novell NetWare 5.1/6.0 - POST Arbitrary Perl Code Execution
source: https://www.securityfocus.com/bid/5520/info A vulnerability has been reported in some versions of Novell NetWare. This issue lies in the handling of some HTTP requests when Perl is used as a handler by a web server. Reportedly, it is possible for an attacker to execute arbitrary Perl code...
Personal Web Sharing Long HTTP Request DoS
It was possible to kill the Personal Web Sharing service by sending it a too long request. (C) Tenable Network Security, Inc. Script audit and contributions from Carmichael Security Erik Anderson nb: domain no longer exists References: To: [email protected] Subject: Personal Web Sharing...
CVE-2002-0412
Format string vulnerability in TraceEvent function for ntop before 2.1 allows remote attackers to execute arbitrary code by causing format strings to be injected into calls to the syslog function, via (1) an HTTP GET request, (2) a user name in HTTP authentication, or (3) a password in HTTP...
SurfControl SuperScout does not filter web requests fragmented in multiple packets
Overview: SurfControl SuperScout Web Filter does not block some HTTP requests that have been fragmented into multiple packets. Description: SurfControl SuperScout Web Filter is software intended for companies that wish to limit employees' web surfing to appropriate uses. SuperScout analyzes...
LabVIEW Web Server HTTP Get Newline DoS
It was possible to kill the web server by sending a request that ends with two LF characters instead of the normal sequence CR LF CR LF (CR = carriage return, LF = line feed). An attacker can exploit this vulnerability to make this server and all LabView applications crash. (C) Tenable Network...
CVE-2001-1342
Apache httpd before 1.3.20 on Windows and OS/2 is vulnerable to a denial-of-service via a crafted URI containing many slashes or other characters, which causes dereferencing of a NULL pointer in certain functions. The issue leads to a General Protection Fault in a child process when handling the ...
Cisco ATA-186 - HTTP Device Configuration Disclosure
source: https://www.securityfocus.com/bid/4711/info The Cisco ATA-186 Analog Telephone Adapter is a hardware device designed to interface between analog telephones and Voice over IP (VoIP). It includes support for web based configuration...
Cisco ATA-186 - HTTP Device Configuration Disclosure
source: https://www.securityfocus.com/bid/4711/info The Cisco ATA-186 Analog Telephone Adapter is a hardware device designed to interface between analog telephones and Voice over IP (VoIP). It includes support for web based configuration. Reportedly, HTTP requests consisting of a single character...
CVE-2001-1337
The CVE-2001-1337 entry concerns Beck IPC GmbH IPC@CHIP Embedded-Webserver. Reported impact is a remote denial of service triggered by a long HTTP request. The available information does not specify affected versions, exact vulnerable component or root cause details, nor any published exploitable...
CVE-2002-0291
Dino's Webserver 1.2 allows remote attackers to cause a denial of service (CPU consumption) and possibly execute arbitrary code via several large HTTP requests within a short time...
CVE-2002-0291
Dino's Webserver 1.2 is affected by CVE-2002-0291. The vulnerability allows remote attackers to cause a denial of service (CPU consumption) and potentially execute arbitrary code by sending several large HTTP requests in a short period. The commonly cited impact is partial availability compromise...
Apache Web Server vulnerable to DoS via crafted HTTP request
Overview: Some versions of the Apache Web server are vulnerable to denial-of-service attacks by crafted HTTP requests. Description: A vulnerability exists in some versions of the Apache Web HTTPD Server running on Windows 98SE, Windows 2000 SP1, and OS/2. The vulnerability appears to be a bounds...
CVE-2000-0859
The CVE-2000-0859 entry describes a DoS in the NTMail web configuration server for NTMail V5 and V6 caused by remote attackers sending a sequence of partial HTTP requests. The impact is denial of service (availability) with no confidentiality or integrity impact stated, and the CVSS vector indica...