CVE-2016-1901

Integer overflow in the authenticatepost function in CGit before 0.12 allows remote attackers to have unspecified impact via a large value in the Content-Length HTTP header, which triggers a buffer overflow...

Integer overflow

Integer overflow in the authenticatepost function in CGit before 0.12 allows remote attackers to have unspecified impact via a large value in the Content-Length HTTP header, which triggers a buffer overflow...

CVE-2016-1901

CVE-2016-1901 refers to an Integer Overflow in cgit’s authenticate_post function that can trigger a buffer overflow when a large Content-Length header is processed. Publicly documented fixes target the cgit 0.12 release family: Debian’s DSA-3545.1 notes updates to 0.12.x (and later backports for ...

CVE-2016-1901

Integer overflow in the authenticatepost function in CGit before 0.12 allows remote attackers to have unspecified impact via a large value in the Content-Length HTTP header, which triggers a buffer overflow...

CVE-2016-1899

CRLF injection vulnerability in the ui-blob handler in CGit before 0.12 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks or cross-site scripting XSS attacks via CRLF sequences in the mimetype parameter, as demonstrated by a request to blob/cgit....

LiteSpeed Web Server 5.1.0 HTTP Header Injection

Information -------------------- Advisory by Netsparker Name: HTTP Header Injection in LiteSpeed Web Server Affected Software : LiteSpeed Web Server Affected Versions: v5.1.0 and possibly below Vendor Homepage : https://www.litespeedtech.com/ Vulnerability Type : HTTP Header Injection Severity :...

Debian DLA-394-1 : passenger security update

agent/Core/Controller/SendRequest.cpp in Phusion Passenger before 4.0.60 and 5.0.x before 5.0.22, when used in Apache integration mode or in standalone mode without a filtering proxy, allows remote attackers to spoof headers passed to applications by using an underscore character instead of a -...

[SECURITY] [DLA 394-1] passenger security update

Package : passenger Version : 2.2.11debian-2+deb6u1 CVE ID : CVE-2015-7519 agent/Core/Controller/SendRequest.cpp in Phusion Passenger before 4.0.60 and 5.0.x before 5.0.22, when used in Apache integration mode or in standalone mode without a filtering proxy, allows remote attackers to spoof heade...

DLA-394-1 passenger - security update

Bulletin has no description...

JVN#45928828: H2O vulnerable to HTTP header injection

H2O is an open source web server software. H2O contains an HTTP header injection vulnerability. Impact An HTTP response splitting attack may result in arbitrary cookie values. Solution Update the Software Update to the latest version according to the information provided by the developer. Product...

Design/Logic Flaw

agent/Core/Controller/SendRequest.cpp in Phusion Passenger before 4.0.60 and 5.0.x before 5.0.22, when used in Apache integration mode or in standalone mode without a filtering proxy, allows remote attackers to spoof headers passed to applications by using an underscore character instead of a -...

CVE-2015-7519

Summary (validated by connected docs): CVE-2015-7519 affects Phusion Passenger in Apache integration or standalone mode without a filtering proxy, where the module’s HTTP header handling in agent/Core/Controller/SendRequest.cpp allows remote attackers to spoof headers by replacing a dash with an ...

CVE-2015-7519

agent/Core/Controller/SendRequest.cpp in Phusion Passenger before 4.0.60 and 5.0.x before 5.0.22, when used in Apache integration mode or in standalone mode without a filtering proxy, allows remote attackers to spoof headers passed to applications by using an underscore character instead of a -...

Base64 Decode Method inside HTTP Header

Attackers may use Base64 encoded content inside HTTP headers, and decode it dynamically in order to avoid being detected by IPS products...

Joomla 1.5 - 3.4.5 - HTTP Header Unauthenticated Remote Code Execution Exploit

Joomla suffers from an unauthenticated remote code execution that affects all versions from 1.5.0 to 3.4.5. By storing user supplied headers in the databases session table it's possible to truncate the input by sending an UTF-8 character. The custom created payload is then executed once the sessi...

Joomla HTTP Header Unauthenticated Remote Code Execution

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 'Joomla HTTP Header Unauthenticated Remote Code Execution', 'Description' = %q Joomla suffers from an unauthenticated remote code...

RHEL 6 : JBoss Web Server (RHSA-2015:2659)

Updated Red Hat JBoss Web Server 3.0.2 packages are now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are available for each...

The Ceph Object Gateway CRLF Vulnerability(CVE-2 0 1 5-5 2 4 5)-vulnerability warning-the black bar safety net

CVECAN ID: CVE-2 0 1 5-5 2 4 5 The Ceph Object Gateway is constructed in the librados on top of the object storage interface, you can make the application through a RESTful gateway to access the distributed storage system Ceph Storage Clusters. Ceph 0.94.4 before the version, Ceph Object Gateway,...

CVE-2015-5245

CRLF injection vulnerability in the Ceph Object Gateway aka radosgw or RGW in Ceph before 0.94.4 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via a crafted bucket name...

RHEL 7 : Red Hat Ceph Storage 1.3.1 (RHSA-2015:2066)

Red Hat Ceph Storage 1.3.1 that fixes one security issue, multiple bugs, and adds various enhancements is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System CVSS base score, which...