
1629 matches found

UbuntuCve
added 2009/04/09 3:8 p.m., 25 views

CVE-2008-5519

The JK Connector (aka mod_jk) 1.2.0 through 1.2.26 in Apache Tomcat allows remote attackers to obtain sensitive information via an arbitrary request from an HTTP client, in opportunistic circumstances involving (1) a request from a different client that included a Content-Length header but no POST dat...

CVSS 2.6, AI score 6, EPSS 0.07263
Exploits 2, References 2
CVE
added 2009/04/09 3:0 p.m., 106 views

CVE-2008-5519

The CVE refers to the mod_jk (JK Connector) for Apache Tomcat, affected in the 1.2.0–1.2.26 range. The root cause is an error in handling certain HTTP requests, enabling an attacker to obtain sensitive information via Content-Length-related scenarios (e.g., a request with Content-Length but no PO...

CVSS 2.6, AI score 5.6, EPSS 0.07263
Exploits 2, References 26, Affected Software 1
OpenVAS
added 2009/03/20 12:0 a.m., 24 views

RedHat Security Advisory RHSA-2009:0344

The remote host is missing updates announced in advisory RHSA-2009:0344. libsoup is an HTTP client/library implementation for GNOME written in C. It was originally part of a SOAP (Simple Object Access Protocol) implementation called Soup, but the SOAP and non-SOAP parts have now been split into...

CVSS 7.5, AI score 6.8, EPSS 0.03712
Exploits 1, References 2
Cent OS
added 2009/03/17 4:6 p.m., 56 views

evolution28, libsoup security update

CentOS Errata and Security Advisory CESA-2009:0344 Updated libsoup and evolution28-libsoup packages that fix a security issue are now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. libsoup is an...

CVSS 7.5, AI score 6.2, EPSS 0.03712
Exploits 1, References 8
RedHat Linux
added 2009/03/16 1:53 p.m., 39 views

Moderate: Red Hat Security Advisory: libsoup security update

Updated libsoup and evolution28-libsoup packages that fix a security issue are now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. libsoup is an HTTP client/library implementation for GNOME writte...

CVSS 7.5, AI score 6.2, EPSS 0.03712
Exploits 1, References 2
Tenable Nessus
added 2008/02/25 12:0 a.m., 13 views

Generic Botnet Server Detection (HTTP Client)

Binary data 4401.prm...

AI score 7.3
Exploits 0, References 1
Metasploit
added 2008/01/06 10:2 p.m., 91 views

Webmin File Disclosure

A vulnerability has been reported in Webmin and Usermin, which can be exploited by malicious people to disclose potentially sensitive information. The vulnerability is caused due to an unspecified error within the handling of an URL. This can be exploited to read the contents of any files on the...

CVSS 5, AI score 6.7, EPSS 0.77805
Exploits 2
securityvulns
added 2007/02/03 12:0 a.m., 44 views

mpg123 audio player DoS

Endless loop in HTTP client code if HTTP server closes connection before file is transferred completely...

CVSS 4.3, AI score 0.5, EPSS 0.01438
Exploits 0, Affected Software 1
Metasploit
added 2007/01/05 4:28 a.m., 25 views

Cacti graph_view.php Remote Command Execution

This module exploits an arbitrary command execution vulnerability in the Raxnet Cacti 'graph_view.php' script. All versions of Raxnet Cacti prior to 0.8.6-d are vulnerable. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framewo...

AI score 0.9
Exploits 0
Metasploit
added 2007/01/05 3:48 a.m., 24 views

Barracuda IMG.PL Remote Command Execution

This module exploits an arbitrary command execution vulnerability in the Barracuda Spam Firewall appliance. Versions prior to 3.1.18 are vulnerable. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModu...

CVSS 7.5, AI score 1.2, EPSS 0.53375
Exploits 8
UbuntuCve
added 2006/05/01 7:6 p.m., 23 views

CVE-2006-1989

Buffer overflow in the get_database function in the HTTP client in Freshclam in ClamAV 0.80 to 0.88.1 might allow remote web servers to execute arbitrary code via long HTTP headers...

CVSS 5.1, AI score 7.6, EPSS 0.0581
Exploits 1, References 1
CVE
added 2006/05/01 7:0 p.m., 60 views

CVE-2006-1989

CVE-2006-1989 affects ClamAV’s HTTP client in the Freshclam updater, with a buffer overflow in the get_database function that can be triggered by oversized HTTP headers. Impact: potential remote code execution or a denial of service on vulnerable installations running ClamAV versions 0.80 through...

CVSS 5.1, AI score 7.5, EPSS 0.0581
Exploits 1, References 24, Affected Software 1
Cvelist
added 2006/05/01 7:0 p.m., 22 views

CVE-2006-1989

Buffer overflow in the get_database function in the HTTP client in Freshclam in ClamAV 0.80 to 0.88.1 might allow remote web servers to execute arbitrary code via long HTTP headers...

AI score 7.5, EPSS 0.0581
Exploits 1, References 24
Debian CVE
added 2006/05/01 7:0 p.m., 21 views

CVE-2006-1989

Buffer overflow in the get_database function in the HTTP client in Freshclam in ClamAV 0.80 to 0.88.1 might allow remote web servers to execute arbitrary code via long HTTP headers...

CVSS 5.1, AI score 7.6, EPSS 0.0581
Exploits 1
FreeBSD
added 2006/05/01 12:0 a.m., 32 views

clamav -- Freshclam HTTP Header Buffer Overflow Vulnerability

Secunia reports: A vulnerability has been reported in ClamAV, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially to compromise a vulnerable system. The vulnerability is caused due to a boundary error within the HTTP client in the Freshclam command line...

CVSS 5.1, AI score 6.8, EPSS 0.0581
Exploits 1, References 2
Metasploit
added 2006/01/17 1:11 a.m., 21 views

Alt-N WebAdmin USER Buffer Overflow

Alt-N WebAdmin is prone to a buffer overflow condition. This is due to insufficient bounds checking on the USER parameter. Successful exploitation could result in code execution with SYSTEM level privileges. This module requires Metasploit: https://metasploit.com/download Current source:...

CVSS 7.5, AI score 8.2, EPSS 0.60953
Exploits 3
Packet Storm
added 2005/12/31 12:0 a.m., 18 views

ie_xp_pfv_metafile.pm.txt

This file is part of the Metasploit Framework and may be redistributed according to the licenses defined in the Authors field below. In the case of an unknown or missing license, this file defaults to the same license as the core Framework (dual GPLv2 and Artistic). The latest version of the...

AI score 7.4
Exploits 0
securityvulns
added 2005/12/08 12:0 a.m., 25 views

cURL / libcurl HTTP client library buffer overflow

Off-by-one and off-by-two overflows in URL parsing...

AI score 2.5
Exploits 0, References 1, Affected Software 2
securityvulns
added 2005/10/13 12:0 a.m., 37 views

[Full-disclosure] iDEFENSE Security Advisory 10.13.05: Multiple Vendor wget/curl NTLM Username Buffer Overflow Vulnerability

Multiple Vendor wget/curl NTLM Username Buffer Overflow Vulnerability iDEFENSE Security Advisory 10.13.05 www.idefense.com/application/poi/display?id=322&type=vulnerabilities October 13, 2005 I. BACKGROUND GNU Wget is a free software package for retrieving files using HTTP, HTTPS and FTP, the mos...

CVSS 7.5, AI score 0.1, EPSS 0.05188
Exploits 0
Exploit DB
added 2005/01/15 12:0 a.m., 55 views

AWStats 6.2 < 6.1 - configdir Command Injection (Metasploit)

$Id$ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 'AWStats...

CVSS 7.5, AI score 6.6, EPSS 0.74542
Exploits 11