Mandrake Linux Security Advisory : php (MDKSA-2006:028)
Multiple response splitting vulnerabilities in PHP allow remote attackers to inject arbitrary HTTP headers via unknown attack vectors, possibly involving a crafted Set-Cookie header, related to the (1) session extension (aka ext/session) and the (2) header function. CVE-2006-0207 Multiple cross-site...
CVE-2006-0207
Multiple HTTP response splitting vulnerabilities in PHP 5.1.1 allow remote attackers to inject arbitrary HTTP headers via a crafted Set-Cookie header, related to the (1) session extension (aka ext/session) and the (2) header function...
Design/Logic Flaw
Multiple HTTP response splitting vulnerabilities in PHP 5.1.1 allow remote attackers to inject arbitrary HTTP headers via a crafted Set-Cookie header, related to the (1) session extension (aka ext/session) and the (2) header function...
CVE-2005-4749
HTTP request smuggling vulnerability in BEA WebLogic Server and WebLogic Express 8.1 SP4 and earlier, 7.0 SP6 and earlier, and 6.1 SP7 and earlier allows remote attackers to inject arbitrary HTTP headers via unspecified attack vectors...
CVE-2005-4579
Multiple HTTP response splitting vulnerabilities in Hitachi Business Logic - Container BLC P-2443-9114 01-00 through 02-06 on Windows, and P-1M43-9111 01-01 through 02-00 on AIX, allow remote attackers to inject arbitrary HTTP headers via unknown attack vectors in an unspecified input form...
CVE-2005-4579
Technical specifics (affected product/version, root cause, impact, and fixes) are not provided in the supplied documents. No concrete exploit details are available. Monitor for updates from vendors and advisories to obtain detailed mitigations.
CVE-2005-4521
CRLF injection vulnerability in Mantis 1.0.0rc3 and earlier allows remote attackers to modify HTTP headers and conduct HTTP response splitting attacks via (1) the return parameter in login_cookie_test.php and (2) ref parameter in login_select_proj_page.php...
CVE-2005-4521
CVE-2005-4521 is a CRLF injection vulnerability in Mantis (affected: 1.0.0rc3 and earlier) that lets remote attackers modify HTTP headers and perform HTTP response splitting via the login_cookie_test.php return parameter and the login_select_proj_page.php ref parameter. The issue is documented in...
[VulnWatch] XSS & Header Injection in Drupal and vBulletin
A fake image header with actual html body content was able to get past phpbb's input validation. An exploit was issued for phpbb a month ago and that sparked me to check some other webapps. vbulletin 3.5.0 forum file attachments did not sanitize against this, as a result Jelsoft quickly issued...
CVE-2004-2582
Novell iChain 2.3 includes the build number in the VIA line of the proxy server's HTTP headers, which allows remote attackers to obtain sensitive information...
CVE-2004-2582
The vulnerability CVE-2004-2582 affects Novell iChain 2.3. The issue is that the proxy server’s HTTP VIA header line reveals the build number, enabling remote attackers to obtain sensitive information. The available documents confirm the affected product and the root cause (build number disclosur...
BrowseGate HTTP headers overflows
It was possible to kill the BrowseGate proxy by sending it an invalid request with too long HTTP headers (Authorization and Referer). A cracker may exploit this vulnerability to make your web server crash continually or even execute arbitrary code on your system. OpenVAS Vulnerability Test $Id:...
Private IP address leaked in HTTP headers
This web server leaks a private IP address through its HTTP headers. SPDX-FileCopyrightText: 2001 Alert4Web.com, 2003 Westpoint Ltd. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only...
BrowseGate HTTP headers overflows
It was possible to kill the BrowseGate proxy by sending it an invalid request with too long HTTP headers (Authorization and Referer). SPDX-FileCopyrightText: 2002 Michel Arboi. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s)...
CVE-2005-3398
The default configuration of the web server for the Solaris Management Console (SMC) in Solaris 8, 9, and 10 enables the HTTP TRACE method, which could allow remote attackers to obtain sensitive information such as cookies and authentication data from HTTP headers...
CVE-2005-3144
httpAdapter.c in sblim-sfcb before 0.9.2 allows remote attackers to cause a denial of service via long HTTP headers...
CVE-2005-2758
CVE-2005-2758 affects Symantec AntiVirus Scan Engine (administrative web interface). The vulnerability is a buffer overflow caused by insufficient validation of HTTP header input, allowing remote code execution when a crafted request is sent to the web service port (default 8004) on affected vers...
CVE-2005-2758
Integer signedness error in the administrative interface for Symantec AntiVirus Scan Engine 4.0 and 4.3 allows remote attackers to execute arbitrary code via crafted HTTP headers with negative values, which lead to a heap-based buffer overflow...
CVE-2005-3144
CVE-2005-3144 affects httpAdapter.c in sblim-sfcb versions before 0.9.2, where long HTTP headers can trigger a remote denial of service. The vulnerability is documented in NVD CVE and CVE records; impact is limited to availability (partial), with network access and no authentication required. Rem...