Lucene search
K

97 matches found

Nmap
Nmap
added 2012/07/16 7:27 p.m.957 views

http-slowloris NSE Script

Tests a web server for vulnerability to the Slowloris DoS attack by launching a Slowloris attack. Slowloris was described at Defcon 17 by RSnake see . This script opens and maintains numerous 'half-HTTP' connections until the server runs out of resources, leading to a denial of service. When a...

10CVSS0.99448EPSS
Exploits33
OpenVAS
OpenVAS
added 2011/06/13 12:0 a.m.21 views

Mozilla Firefox SSL Certificate Spoofing Vulnerability - Windows

Mozilla Firefox is prone to SSL certificate spoofing vulnerability. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

4.3CVSS9.5AI score0.01502EPSS
Exploits2References3
Prion
Prion
added 2009/05/13 3:30 p.m.18 views

Design/Logic Flaw

CFNetwork in Apple Mac OS X 10.5 before 10.5.7 does not properly parse noncompliant Set-Cookie headers, which allows remote attackers to obtain sensitive information by sniffing the network for "secure cookies" that are sent over unencrypted HTTP connections...

4.3CVSS6AI score0.01539EPSS
Exploits0References8Affected Software2
NVD
NVD
added 2009/05/13 3:30 p.m.23 views

CVE-2009-0144

CFNetwork in Apple Mac OS X 10.5 before 10.5.7 does not properly parse noncompliant Set-Cookie headers, which allows remote attackers to obtain sensitive information by sniffing the network for "secure cookies" that are sent over unencrypted HTTP connections...

4.3CVSS6.7AI score0.01539EPSS
Exploits0References8
Cvelist
Cvelist
added 2009/05/13 3:14 p.m.26 views

CVE-2009-0144

CFNetwork in Apple Mac OS X 10.5 before 10.5.7 does not properly parse noncompliant Set-Cookie headers, which allows remote attackers to obtain sensitive information by sniffing the network for "secure cookies" that are sent over unencrypted HTTP connections...

6.7AI score0.01539EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2006/08/30 12:0 a.m.29 views

GLSA-200608-24 : AlsaPlayer: Multiple buffer overflows

The remote host is affected by the vulnerability described in GLSA-200608-24 AlsaPlayer: Multiple buffer overflows AlsaPlayer contains three buffer overflows: in the function that handles the HTTP connections, the GTK interface, and the CDDB querying mechanism. Impact : An attacker could exploit...

5CVSS6.2AI score0.11082EPSS
Exploits1References2
Cvelist
Cvelist
added 2005/02/26 5:0 a.m.31 views

CVE-2004-1727

BadBlue 2.5 allows remote attackers to cause a denial of service refuse HTTP connections via a large number of connections from the same IP address...

6.6AI score0.03064EPSS
Exploits1References5
NVD
NVD
added 2004/12/06 5:0 a.m.13 views

CVE-2004-0610

The Web administration interface in Microsoft MN-500 Wireless Router allows remote attackers to cause a denial of service connection refusal via a large number of open HTTP connections...

5CVSS6.5AI score0.14818EPSS
Exploits0References4
NVD
NVD
added 2004/12/06 5:0 a.m.18 views

CVE-2004-0611

Web-Based Administration in Netgear FVS318 VPN Router allows remote attackers to cause a denial of service no new connections via a large number of open HTTP connections...

5CVSS6.5AI score0.01574EPSS
Exploits0References3
NVD
NVD
added 2004/11/23 5:0 a.m.15 views

CVE-2004-0264

palmhttpd for PalmOS allows remote attackers to cause a denial of service crash by establishing two simultaneous HTTP connections, which exceeds the PalmOS accept queue...

5CVSS6.7AI score0.0324EPSS
Exploits1References3
NVD
NVD
added 2004/08/20 4:0 a.m.19 views

CVE-2004-1727

BadBlue 2.5 allows remote attackers to cause a denial of service refuse HTTP connections via a large number of connections from the same IP address...

5CVSS6.6AI score0.03064EPSS
Exploits1References5
Cvelist
Cvelist
added 2004/06/30 4:0 a.m.17 views

CVE-2004-0610

The Web administration interface in Microsoft MN-500 Wireless Router allows remote attackers to cause a denial of service connection refusal via a large number of open HTTP connections...

6.5AI score0.14818EPSS
Exploits0References4
Cvelist
Cvelist
added 2004/03/18 5:0 a.m.22 views

CVE-2004-0264

palmhttpd for PalmOS allows remote attackers to cause a denial of service crash by establishing two simultaneous HTTP connections, which exceeds the PalmOS accept queue...

6.7AI score0.0324EPSS
Exploits1References3
CVE
CVE
added 2004/01/08 5:0 a.m.67 views

CVE-2003-0904

Summary: CVE-2003-0904 affects Microsoft Exchange Server 2003 with Outlook Web Access (OWA) when NTLM is used. A flaw in HTTP connection reuse between front-end and back-end servers (NTLM-authenticated OWA) can cause a user to be connected to another user’s mailbox if Kerberos is disabled or fall...

6CVSS6.7AI score0.08162EPSS
Exploits0References9Affected Software2
Tenable Nessus
Tenable Nessus
added 2003/09/01 12:0 a.m.41 views

Polycom ViaVideo Web Server Incomplete HTTP Connection Saturation Remote DoS

The remote web server locks up when several incomplete web requests are sent and the connections are kept open. Some servers e.g. Polycom ViaVideo even run an endless loop, using much CPU on the machine. Nessus has no way to test this, but you'd better check your machine. C Tenable Network...

5CVSS5.5AI score0.07124EPSS
Exploits1References3
securityvulns
securityvulns
added 2003/04/17 12:0 a.m.33 views

Netgear Logging Vulnerability

Netgear logging vulnerability Introduction Tested Vulnerable Vendor Discussion PoC Stuff Introduction There is a problem in the way Netgear routers log outgoing HTTP connections which could lead to log corruption as well as dangerous character or script injection. Tested Vulnerable Model: RP114...

7AI score
Exploits0
securityvulns
securityvulns
added 2001/07/18 12:0 a.m.38 views

PHP local DoS: self-fetching throught HTTP

PHP scripting allows "opening" files througth HTTP: $file=fopen"http://host/page.html","r"; If script opening itself throught HTTP, it will result in DoS attack: as much as possible HTTP connections and great number of executing PHP scripts. Timeout settings are useless. Possible solutions: -...

6.6AI score
Exploits0
Rows per page
Query Builder