3703 matches found
CVE-2008-4678
The HTTPRequestParser method in the HTTP Transport component in IBM WebSphere Application Server (WAS) 6.0.2 before 6.0.2.31 allows remote attackers to cause a denial of service (controller 0C4 abend and application hang) via a long HTTP Host header, related to "storage overlay" on the stack and a...
CVE-2008-4644
CVE-2008-4644 affects hits.php in the myWebland myStats component, where remote attackers can bypass IP address restrictions by tampering with the X-Forwarded-For HTTP header. The vulnerability is triggered by trusting a manipulated X-Forwarded-For value, allowing bypass of access controls intend...
CVE-2008-4644
hits.php in myWebland myStats allows remote attackers to bypass IP address restrictions via a modified X-Forwarded-For HTTP header...
Debian DSA-1652-1 : ruby1.9 - several vulnerabilities
Several vulnerabilities have been discovered in the interpreter for the Ruby language, which may lead to denial of service and other security problems. The Common Vulnerabilities and Exposures project identifies the following problems: - CVE-2008-3655 Keita Yamaguchi discovered that several safe...
Debian DSA-1651-1 : ruby1.8 - several vulnerabilities
Several vulnerabilities have been discovered in the interpreter for the Ruby language, which may lead to denial of service and other security problems. The Common Vulnerabilities and Exposures project identifies the following problems: - CVE-2008-3655 Keita Yamaguchi discovered that several safe...
rPSA-2008-0286-1 mono
rPath Security Advisory: 2008-0286-1 Published: 2008-09-29 Products: rPath Linux 2 Rating: Major Exposure Level Classification: Remote User Deterministic Vulnerability Updated Versions: mono=conary.rpath.com@rpl:2/1.2.6-5-0.1 References: https://vulners.com/cve/CVE-2008-3906 Description: Previous...
AssetMan 2.5-b - SQL Injection using Session Fixation
AssetMan v2.5-b SQL Injection using Session Fixation Attack
AssetMan v2.5-b SQL Injection using Session Fixation Attack
Exploit for unknown platform in category web applications. AssetMan v2.5-b SQL Injection using Session Fixation Attack
AssetMan v2.5-b SQL Injection using Session Fixation Attack
No description provided by source. AssetMan v2.5-b SQL Injection using Session Fixation Attack
Google Chrome 0.2.149 - Malformed view-source HTTP Header Remote Denial of Service
source: https://www.securityfocus.com/bid/31035/info Google Chrome is prone to a remote denial-of-service vulnerability because the application fails to handle specially crafted HTTP 'view-source' headers. Attacker...
Google Chrome 0.2.149 - Malformed 'view-source' HTTP Header Remote Denial of Service
source: https://www.securityfocus.com/bid/31035/info Google Chrome is prone to a remote denial-of-service vulnerability because the application fails to handle specially crafted HTTP 'view-source' headers. Attackers can exploit this issue to crash the affected application, denying service to...
Buffer overflow
Multiple buffer overflows in the adminutil library in CGI applications in Red Hat Directory Server 7.1 before SP7 allow remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a crafted Accept-Language HTTP header...
CVE-2008-2928
CVE-2008-2928 affects Red Hat Directory Server 7.1 with Service Pack 7. A buffer overflow in the adminutil CGI components can be triggered by a crafted Accept-Language HTTP header, allowing remote attackers to crash the daemon or possibly execute arbitrary code. Connected advisory RHSA-2008:0596 ...
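Red Hat Directory Server Accept-Language HTTP Header Field Buffer Overflow Vulnerability
BUGTRAQ ID: 30869 CVE ID: CVE-2008-2928 CNCVE ID: CNCVE-20082928 Red Hat Directory Server is an LDAPv3-compatible directory service. Several CGI applications included with Red Hat Directory Server contain a buffer overflow when processing the Accept-Language HTTP header field; a remote attacker can exploit the vulnerability to execute arbitrary commands with the privileges of the administration server application. An attacker who can access the administration server's web interface can use this vulnerability to crash these CGI applications, or possibly execute arbitrary code with the application's privileges. Note: Red Hat Directory Server...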
Mono 2.0 - 'System.Web' HTTP Header Injection
source: https://www.securityfocus.com/bid/30867/info Mono is prone to a vulnerability that allows attackers to inject arbitrary HTTP headers because it fails to sanitize input. By inserting arbitrary headers into an HTTP response, attackers may be able to launch cross-site request-forgery,...
Mono 2.0 - System.Web HTTP Header Injection
source: https://www.securityfocus.com/bid/30867/info Mono is prone to a vulnerability that allows attackers to inject arbitrary HTTP headers because it fails to sanitize input. By inserting arbitrary headers into an HTTP response, attackers may be able ...
CVE-2008-2234
Multiple buffer overflows in Openwsman 1.2.0 and 2.0.0 allow remote attackers to execute arbitrary code via a crafted "Authorization: Basic" HTTP header...
Buffer overflow
Multiple buffer overflows in Openwsman 1.2.0 and 2.0.0 allow remote attackers to execute arbitrary code via a crafted "Authorization: Basic" HTTP header...