2478 matches found

CVE
added 2005/09/23 4:00 a.m. | 104 views

CVE-2005-2703

CVE-2005-2703 affects Firefox up to 1.0.7 and Mozilla Suite up to 1.7.12. The issue lets a remote attacker modify HTTP headers of XML HTTP requests made via XMLHttpRequest, potentially enabling attacks such as HTTP request smuggling or splitting. This is triggered by how XMLHttpRequests are handl...

CVSS 5 | AI score 6.5 | EPSS 0.04682
Exploits 0 | References 31 | Affected Software 2

Cvelist
added 2005/09/08 4:00 a.m. | 38 views

CVE-2005-2853

Multiple cross-site scripting (XSS) vulnerabilities in GuppY 4.5.3a and earlier allow remote attackers to inject arbitrary web script or HTML via (1) the pg parameter to printfaq.php, or the (2) Referer or (3) User-Agent HTTP headers, which are not properly handled by error.php...

AI score 5.7 | EPSS 0.00346
Exploits 0 | References 4

Tenable Nessus
added 2005/07/13 12:00 a.m. | 15 views

FreeBSD : cacti -- multiple vulnerabilities (1cf00643-ed8a-11d9-8310-0001020eed82)

Stefan Esser reports: Wrongly implemented user input filters lead to multiple SQL Injection vulnerabilities which can lead f.e. to disclosure of the admin password hash. Wrongly implemented user input filters allow injection of user input into executed commandline. Alberto Trivero posted his...

AI score 6.1
Exploits 0 | References 5

securityvulns
added 2005/07/02 12:00 a.m. | 28 views

[Full-disclosure] Advisory 05/2005: Cacti Authentification/Addslashes Bypass Vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hardened - PHP Project www.hardened-php.net -= Security Advisory =- Advisory: Cacti Authentification/Addslashes Bypass Vulnerability Release Date: 2005/07/01 Last Modified: 2005/07/01 Author: Stefan Esser [email protected] Application: Cacti =...

AI score 0.2
Exploits 0

CVE
added 2005/06/28 4:00 a.m. | 53 views

CVE-2002-1783

CVE-2002-1783 describes a CRLF injection vulnerability in PHP 4.2.1–4.2.3 when allow_url_fopen is enabled. An attacker could cause CRLF sequences to be injected into arguments passed to fopen or file functions, enabling modification of HTTP headers for outgoing requests. This is a remote, header-...

CVSS 5 | AI score 7 | EPSS 0.01153
Exploits 0 | References 5 | Affected Software 1

Cvelist
added 2005/06/28 4:00 a.m. | 25 views

CVE-2002-1783

CRLF injection vulnerability in PHP 4.2.1 through 4.2.3, when allow_url_fopen is enabled, allows remote attackers to modify HTTP headers for outgoing requests by causing CRLF sequences to be injected into arguments that are passed to the (1) fopen or (2) file functions...

AI score 7 | EPSS 0.01153
Exploits 0 | References 5

FreeBSD
added 2005/06/22 12:00 a.m. | 28 views

cacti -- multiple vulnerabilities

Stefan Esser reports: Wrongly implemented user input filters lead to multiple SQL Injection vulnerabilities which can lead f.e. to disclosure of the admin password hash. Wrongly implemented user input filters allow injection of user input into executed commandline. Alberto Trivero posted his...

AI score 6.1
Exploits 0 | References 4

0day.today
added 2005/06/20 12:00 a.m. | 16 views

Apache <= 2.0.49 Arbitrary Long HTTP Headers Denial of Service

Exploit for multiple platform in category dos / poc ============================================================== Apache newproto='tcp', PeerAddr=$host, PeerPort=$port; $socket or die "Cannot connect to the host.\n"; binmode$sock; $hostname="Host: $host"; $buf2='A'x50; $buf4='A'x8183;...

AI score 7.1
Exploits 0

Cvelist
added 2005/04/21 4:00 a.m. | 21 views

CVE-2000-1215

The default configuration of Lotus Domino server 5.0.8 includes system information (version, operating system, and build date) in the HTTP headers of replies, which allows remote attackers to obtain sensitive information...

AI score 6.3 | EPSS 0.01625
Exploits 0 | References 4

Packet Storm
added 2005/03/17 12:00 a.m. | 17 views

phpbb2012.txt

-------------------------------------------------------------------- Written by [email protected] -------------------------------------------------------------------- -------------------------------------------------------------------- Exploit : 2.0.x = phpbb 2.0.12 :...

AI score 7.4
Exploits 0

NVD
added 2005/03/01 5:00 a.m. | 14 views

CVE-2004-1053

Integer overflow in fetch on FreeBSD 4.1 through 5.3 allows remote malicious servers to execute arbitrary code via certain HTTP headers in an HTTP response, which leads to a buffer overflow...

CVSS 10 | AI score 8 | EPSS 0.01224
Exploits 0 | References 3

Cvelist
added 2005/02/20 5:00 a.m. | 17 views

CVE-2004-1657

Cross-site scripting (XSS) vulnerability in the Activity and Events Viewer for Newtelligence DasBlog allows remote attackers to inject arbitrary web script or HTML via the (1) User Agent or (2) Referrer HTTP headers...

AI score 5.8 | EPSS 0.00822
Exploits 1 | References 5

CVE
added 2005/02/20 5:00 a.m. | 47 views

CVE-2004-1657

The provided connected documents confirm CVE-2004-1657 affects dasBlog’s Activity and Events Viewer, where the application fails to sanitize HTTP headers (User-Agent and Referrer), enabling cross-site scripting. The Nessus NASL item specifies vulnerability in dasBlog versions up to 1.6.0 due to u...

CVSS 4.3 | AI score 5.8 | EPSS 0.00822
Exploits 1 | References 5 | Affected Software 1

Tenable Nessus
added 2005/02/14 12:00 a.m. | 36 views

GLSA-200502-04 : Squid: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-200502-04 (Squid: Multiple vulnerabilities). Squid contains several vulnerabilities: Buffer overflow when handling WCCP recvfrom (CAN-2005-0211). Loose checking of HTTP headers (CAN-2005-0173 and CAN-2005-0174). Incorrect handling of LDA...

CVSS 7.5 | AI score 5.6 | EPSS 0.83332
Exploits 0 | References 5

OSV
added 2005/02/07 5:00 a.m. | 6 views

CVE-2005-0174

Squid 2.5 up to 2.5.STABLE7 allows remote attackers to poison the cache or conduct certain attacks via headers that do not follow the HTTP specification, including (1) multiple Content-Length headers, (2) carriage return (CR) characters that are not part of a CRLF pair, and (3) header names containing...

AI score 6.4
Exploits 0 | References 14

Debian CVE
added 2005/02/06 5:00 a.m. | 31 views

CVE-2005-0174

Squid 2.5 up to 2.5.STABLE7 allows remote attackers to poison the cache or conduct certain attacks via headers that do not follow the HTTP specification, including (1) multiple Content-Length headers, (2) carriage return (CR) characters that are not part of a CRLF pair, and (3) header names containing...

CVSS 5 | AI score 4.6 | EPSS 0.83332
Exploits 0

CERT
added 2005/02/04 12:00 a.m. | 28 views

Squid fails to properly handle oversized reply headers

Overview: The Squid web proxy cache may be vulnerable to oversized HTTP reply headers. Description: Squid functions as a web proxy and cache application for a number of protocols, including the hypertext transfer protocol (HTTP). A defect in the Squid HTTP handling prevents oversized reply headers...

CVSS 5 | AI score 5.7 | EPSS 0.86221
Exploits 0 | References 3

FreeBSD
added 2005/01/31 12:00 a.m. | 30 views

squid -- correct handling of oversized HTTP reply headers

The squid patches page notes: This patch addresses a HTTP protocol mismatch related to oversized reply headers. In addition it enhances the cache.log reporting on reply header parsing failures to make it easier to track down which sites are malfunctioning. It is believed that this bug may lead to...

CVSS 5 | AI score 6.4 | EPSS 0.86221
Exploits 0 | References 2

securityvulns
added 2005/01/20 12:00 a.m. | 38 views

iDEFENSE Security Advisory 01.19.05: MySQL MaxDB Web Agent Multiple Denial of Service Vulnerabilities

MySQL MaxDB Web Agent Multiple Denial of Service Vulnerabilities iDEFENSE Security Advisory 01.19.05 www.idefense.com/application/poi/display?id=187&type=vulnerabilities January 19, 2005 I. BACKGROUND MaxDB by MySQL is a re-branded and enhanced version of SAP DB, SAP AG's open source database...

CVSS 5 | AI score 0.3 | EPSS 0.00655
Exploits 0

NVD
added 2004/12/31 5:00 a.m. | 19 views

CVE-2004-2582

Novell iChain 2.3 includes the build number in the VIA line of the proxy server's HTTP headers, which allows remote attackers to obtain sensitive information...

CVSS 5 | AI score 6.5 | EPSS 0.00534
Exploits 0 | References 6