CVE-2001-0394

Remote manager service in Website Pro 3.0.37 allows remote attackers to cause a denial of service via a series of malformed HTTP requests to the /dyn directory...

CVE-2001-0394

The CVE-2001-0394 entry concerns Website Pro 3.0.37 where the Remote manager service is vulnerable to a denial-of-service via a sequence of malformed HTTP requests to the /dyn directory. The NVD entry lists a CVSS2 base score of 5.0 (Medium) with network attack vector, low attack complexity, no a...

CVE-2000-0859

The web configuration server for NTMail V5 and V6 allows remote attackers to cause a denial of service via a series of partial HTTP requests...

CVE-2001-0122

Kernel leak in AfpaCache module of the Fast Response Cache Accelerator FRCA component of IBM HTTP Server 1.3.x and Websphere 3.52 allows remote attackers to cause a denial of service via a series of malformed HTTP requests that generate a "bad request" error...

Проксирование HTTP-запросов через JAVA (unauthorized access)

Через прокси сервер можно получить и отправить любые html-доументы...

CVE-2001-1556

The log files in Apache web server contain information directly supplied by clients and does not filter or quote control characters, which could allow remote attackers to hide HTTP requests and spoof source IP addresses when logs are viewed with UNIX programs such as cat, tail, and grep...

CVE-2001-0665

Internet Explorer 6 and earlier allows remote attackers to cause certain HTTP requests to be automatically executed and appear to come from the user, which could allow attackers to gain privileges or execute operations within web-based services, aka the "HTTP Request Encoding vulnerability."...

Microsoft Index Server 2.0 - File Information Full Path Disclosure

Microsoft Index Server 2.0 - File Information Full Path Disclosure source: https://www.securityfocus.com/bid/3339/info The sqlqhit.asp sample file is used for performing web-based SQL queries. Malicious users could send specifically crafted HTTP request to an Internet Information Services server...

CVE-2001-0394

Remote manager service in Website Pro 3.0.37 allows remote attackers to cause a denial of service via a series of malformed HTTP requests to the /dyn directory...

CVE-2001-1304

Buffer overflow in SHOUTcast Server 1.8.2 allows remote attackers to cause a denial of service crash via several HTTP requests with a long 1 user-agent or 2 host HTTP header...

Lotus Domino vulnerable to DoS via large crafted URL request

Overview The Lotus Domino Web Server contains a flaw that could be exploited to cause a denial of service. Description HTTP requests to TCP port 80 consisting of multiple /'s, approximately 8k worth, will result in the consumption of the CPU 99-100%. Typically, 8k of the character "a" results in...

Cobalt Qube Webmail 1.0 - Directory Traversal

Cobalt Qube Webmail 1.0 - Directory Traversal source: https://www.securityfocus.com/bid/2987/info Cobalt Qube is an fully-featured network "server appliance". It includes pre-installed tools and applications and can be put online with very little configuration. A vulnerability in Cobalt Qube's...

CVE-2001-0399

Caucho Resin 1.3b1 and earlier allows remote attackers to read source code for Javabean files by inserting a .jsp before the WEB-INF specifier in an HTTP request...

CVE-2001-0391

CVE-2001-0391 affects Xitami Web Server (version 2.5d4 and earlier). The vulnerability permits remote attackers to crash the server by sending an HTTP request to the /aux directory, producing availability impact as described in the CVSS metrics (base score 5.0, MEDIUM). The provided documents do ...

CVE-2001-0367

Mirabilis ICQ WebFront Plug-in ICQ2000b Build 3278 allows a remote attacker to create a denial of service via HTTP URL requests containing a large number of % characters...

CVE-2001-0122

Kernel leak in AfpaCache module of the Fast Response Cache Accelerator FRCA component of IBM HTTP Server 1.3.x and Websphere 3.52 allows remote attackers to cause a denial of service via a series of malformed HTTP requests that generate a "bad request" error...

CVE-2001-0925

The default installation of Apache before 1.3.19 allows remote attackers to list directories instead of the multiview index.html file via an HTTP request for a path that contains many / slash characters, which causes the path to be mishandled by 1 modnegotiation, 2 moddir, or 3 modautoindex...

def-2001-10: Websweeper Infinite HTTP Request DoS

====================================================================== Defcom Labs Advisory def-2001-10 Websweeper Infinite HTTP Request DoS Author: Peter Grьndl [email protected] Release Date: 2001-03-08 ======================================================================...

Baltimore Technologies WEBsweeper 4.0 - Denial of Service

Baltimore Technologies WEBsweeper 4.0 - Denial of Service // source: https://www.securityfocus.com/bid/2465/info Baltimore Technology WEBsweeper is subject to a denial of service condition. Submitting an unusually long HTTP request through WEBsweeper will cause the consumption of all available...

defcom.websphere.txt

====================================================================== Defcom Labs Advisory def-2001-02 IBM Websphere 3.52 Kernel Leak DoS Author: Peter Gründl Release Date: 2001-01-08 ====================================================================== ------------------------=Brief...