3704 matches found

Prion
added 2008/12/12 6:30 p.m. | 10 views

Cross site scripting

Microsoft Internet Explorer 8.0 Beta 2 relies on the XDomainRequestAllowed HTTP header to authorize data exchange between domains, which allows remote attackers to bypass the product's XSS Filter protection mechanism, and conduct XSS and cross-domain attacks, by injecting this header after a CRLF...

CVSS 4.3 | AI score 6.7 | EPSS 0.15465
Exploits: 0 | References: 3 | Affected Software: 1

Prion
added 2008/12/11 3:30 p.m. | 14 views

Hardcoded credentials

The SSL web administration service in NetWin SmsGate 1.1n and earlier allows remote attackers to cause a denial of service (hang) via (1) a large integer in the Content-Length HTTP header; (2) an invalid value in the Content-Length HTTP header, as demonstrated by a negative integer; or (3) a missing...

CVSS 5 | AI score 7.2 | EPSS 0.00501
Exploits: 1 | References: 3 | Affected Software: 1

OpenVAS
added 2008/12/10 12:00 a.m. | 26 views

Debian Security Advisory DSA 1683-1 (streamripper)

The remote host is missing an update to streamripper announced via advisory DSA 1683-1. OpenVAS Vulnerability Test $Id: deb16831.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 1683-1 (streamripper). Authors: Thomas Reinke. Copyright: Copyright (c) 2008 E-Soft In...

CVSS 9.3 | AI score 0.4 | EPSS 0.07684
Exploits: 1

Tenable Nessus
added 2008/12/09 12:00 a.m. | 24 views

Debian DSA-1683-1 : streamripper - buffer overflow

Multiple buffer overflows involving HTTP header and playlist parsing have been discovered in streamripper (CVE-2007-4337, CVE-2008-4829). %NASLMINLEVEL 70300 (C) Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian Security Advisory DSA-168...

CVSS 9.3 | AI score 5.5 | EPSS 0.07684
Exploits: 1 | References: 6

Debian
added 2008/12/08 6:58 p.m. | 29 views

[SECURITY] [DSA 1683-1] New streamripper packages fix potential code execution

Debian Security Advisory DSA-1683-1 [email protected] http://www.debian.org/security/ Florian Weimer December 08, 2008 http://www.debian.org/security/faq -...

CVSS 9.3 | AI score 6.5 | EPSS 0.07684
Exploits: 1

OSV
added 2008/12/08 12:00 a.m. | 17 views

DSA-1683-1 streamripper - potential code execution

Bulletin has no description...

CVSS 9.3 | AI score 6 | EPSS 0.07684
Exploits: 1

OpenVAS
added 2008/12/01 12:00 a.m. | 21 views

Streamripper Multiple Buffer Overflow Vulnerabilities (Linux)

The host is installed with Streamripper, which is prone to Multiple Buffer Overflow Vulnerabilities. OpenVAS Vulnerability Test $Id: gbstreamrippermultbofvulnnov08lin.nasl 5158 2017-02-01 14:53:04Z mime $ Streamripper Multiple Buffer Overflow Vulnerabilities Linux Authors: Veerendra GG Copyright:...

CVSS 9.3 | AI score 0.5 | EPSS 0.07684
Exploits: 1 | References: 2

OpenVAS
added 2008/12/01 12:00 a.m. | 14 views

Streamripper Multiple Buffer Overflow Vulnerabilities - Linux

Streamripper is prone to multiple buffer overflow vulnerabilities. SPDX-FileCopyrightText: 2008 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only if(description)...

CVSS 9.3 | AI score 6.9 | EPSS 0.07684
Exploits: 1 | References: 3

CVE
added 2008/11/29 2:00 a.m. | 43 views

CVE-2008-5284

The CVE-2008-5284 issue affects multiple products where the web server component can crash due to a crafted HTTP Content-Length header with a negative value. Affected are IEA Software RadiusNT/RadiusX (versions 5.1.38 up to but not including 5.1.44), Emerald (5.0.49 up to before 5.0.52), Air Mars...

CVSS 10 | AI score 6.7 | EPSS 0.11406
Exploits: 1 | References: 8 | Affected Software: 6

OpenVAS
added 2008/11/27 12:00 a.m. | 30 views

Ruby on Rails redirect_to() HTTP Header Injection Vulnerability - Linux

The host is running Ruby on Rails, which is prone to HTTP Header Injection Vulnerability. OpenVAS Vulnerability Test $Id: gbrubyrailshttpheaderinjvulnlin.nasl 4227 2016-10-07 05:45:35Z teissa $ Ruby on Rails redirect_to() HTTP Header Injection Vulnerability - Linux. Authors: Veerendra GG. Copyright:...

CVSS 5 | EPSS 0.00341
Exploits: 0 | References: 2

OpenVAS
added 2008/11/27 12:00 a.m. | 26 views

Ruby on Rails redirect_to() HTTP Header Injection Vulnerability (Oct 2008) - Linux

Ruby on Rails is prone to an HTTP header injection vulnerability. SPDX-FileCopyrightText: 2008 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only CPE =...

CVSS 5 | AI score 7.6 | EPSS 0.00341
Exploits: 0 | References: 3

NVD
added 2008/11/25 11:30 p.m. | 12 views

CVE-2008-4829

Multiple buffer overflows in lib/http.c in Streamripper 1.63.5 allow remote attackers to execute arbitrary code via (1) a long "Zwitterion v" HTTP header, related to the http_parse_sc_header function; (2) a crafted pls playlist with a long entry, related to the http_get_pls function; or (3) a crafted m3u...

CVSS 9.3 | AI score 7.6 | EPSS 0.07684
Exploits: 1 | References: 10

OSV
added 2008/11/25 11:30 p.m. | 3 views

CVE-2008-4829

Multiple buffer overflows in lib/http.c in Streamripper 1.63.5 allow remote attackers to execute arbitrary code via (1) a long "Zwitterion v" HTTP header, related to the http_parse_sc_header function; (2) a crafted pls playlist with a long entry, related to the http_get_pls function; or (3) a crafted m3u...

AI score 7.5
Exploits: 0 | References: 10

Cvelist
added 2008/11/25 11:00 p.m. | 19 views

CVE-2008-4829

Multiple buffer overflows in lib/http.c in Streamripper 1.63.5 allow remote attackers to execute arbitrary code via (1) a long "Zwitterion v" HTTP header, related to the http_parse_sc_header function; (2) a crafted pls playlist with a long entry, related to the http_get_pls function; or (3) a crafted m3u...

AI score 7.4 | EPSS 0.07684
Exploits: 1 | References: 10

Prion
added 2008/11/24 5:30 p.m. | 27 views

Sql injection

SQL injection vulnerability in subvotepic.php in the Datsogallery (com_datsogallery) module 1.6 for Joomla! allows remote attackers to execute arbitrary SQL commands via the User-Agent HTTP header...

CVSS 7.5 | AI score 8.8 | EPSS 0.00021
Exploits: 2 | References: 5 | Affected Software: 1

Prion
added 2008/11/18 11:30 a.m. | 13 views

Sql injection

SQL injection vulnerability in inc/ajax/ajaxrating.php in MemHT Portal 4.0.1 allows remote attackers to execute arbitrary SQL commands via the X-Forwarded-For HTTP header...

CVSS 7.5 | AI score 9.1 | EPSS 0.00906
Exploits: 1 | References: 7 | Affected Software: 1

Cvelist
added 2008/11/18 11:00 a.m. | 17 views

CVE-2008-5132

SQL injection vulnerability in inc/ajax/ajaxrating.php in MemHT Portal 4.0.1 allows remote attackers to execute arbitrary SQL commands via the X-Forwarded-For HTTP header...

AI score 8.4 | EPSS 0.00906
Exploits: 1 | References: 7

exploitpack
added 2008/11/10 12:00 a.m. | 16 views

fresh email script 1.0 - Multiple Vulnerabilities

fresh email script 1.0 - Multiple Vulnerabilities. Fresh Email Script; versions: 1.0 to 1.11 - all; exploits: file inclusion & cookie manipulation...

AI score 0.5
Exploits: 0

Japan Vulnerability Notes
added 2008/11/06 12:00 a.m. | 20 views

JVN#67060882 sISAPILocation vulnerability bypasses HTTP header rewrite function

sISAPILocation, developed by an individual developer, is an ISAPI filter for IIS (Internet Information Services). sISAPILocation contains a vulnerability that allows the HTTP header rewrite function to be bypassed. Impact: When sISAPILocation is used to configure settings, such as to specify charact...

AI score 6.8
Exploits: 0

OpenVAS
added 2008/11/01 12:00 a.m. | 26 views

Debian: Security Advisory (DSA-1651-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only if(description)...

CVSS 7.8 | AI score 6.9 | EPSS 0.7933
Exploits: 28 | References: 3