CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

2478 matches found

securityvulns•added 2001/09/20 12:0 a.m.•20 views

lotus domino server 5.08 is very gabby

maybe this is nothing new, but when i looked at some html raw headers after i surfed to a lotus domino 5.08 webserver, he tells me the following information : Lotus-Domino Release 5.0.8 - June 18, 2001 on AIX and further a request like this : GET //////////// HTTP/1.0 gives me the internal...

0.6AI score

Exploits0

CERT•added 2001/09/20 12:0 a.m.•19 views

Default installations of the Lotus Domino web server disclose system information via HTTP headers

Overview The default configuration of the Lotus Domino web server discloses system characteristics to anonymous remote users. Description The default configuration of the Lotus Domino web server discloses system information in the HTTP headers it returns to a web browser. If these headers are...

5CVSS6.3AI score0.00631EPSS

Exploits0References1

NVD•added 2001/09/19 4:0 a.m.•16 views

CVE-2000-1215

The default configuration of Lotus Domino server 5.0.8 includes system information version, operating system, and build date in the HTTP headers of replies, which allows remote attackers to obtain sensitive information...

5CVSS6.3AI score0.01625EPSS

Exploits0References4

NVD•added 2001/08/02 4:0 a.m.•16 views

CVE-2001-0600

Lotus Domino R5 prior to 5.0.7 allows a remote attacker to create a denial of service via repeated URL requests with the same HTTP headers, such as 1 Accept, 2 Accept-Charset, 3 Accept-Encoding, 4 Accept-Language, and 5 Content-Type...

5CVSS6.6AI score0.00786EPSS

Exploits1References2

Cvelist•added 2001/07/27 4:0 a.m.•19 views

CVE-2001-0600

6.6AI score0.00786EPSS

Exploits1References2

CVE•added 2001/07/27 4:0 a.m.•45 views

CVE-2001-0524

CVE-2001-0524 affects eEye SecureIIS versions 1.0.3 and earlier. The issue is that SecureIIS does not perform length checking on individual HTTP headers, allowing a remote attacker to send arbitrarily long header strings to IIS, contradicting the product’s advertised behavior. The vulnerability’s...

7.5CVSS7.2AI score0.00861EPSS

Exploits1References3Affected Software1

CVE•added 2001/07/27 4:0 a.m.•37 views

CVE-2001-0600

CVE-2001-0600 affects Lotus Domino R5 prior to 5.0.7. The vulnerability allows a remote attacker to cause a denial-of-service by making repeated URL requests using the same HTTP headers (e.g., Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type). The issue is documented by NVD ...

5CVSS7AI score0.00786EPSS

Exploits1References2Affected Software1

NVD•added 2001/07/09 4:0 a.m.•11 views

CVE-2001-1245

Opera 5.0 for Linux does not properly handle malformed HTTP headers, which allows remote attackers to cause a denial of service, possibly with a header whose value is the same as a MIME header name...

5CVSS6.9AI score0.01099EPSS

Exploits0References3

NVD•added 2001/06/27 4:0 a.m.•18 views

CVE-2001-0460

Websweeper 4.0 does not limit the length of certain HTTP headers, which allows remote attackers to cause a denial of service memory exhaustion via an extremely large HTTP Referrer: header...

5CVSS6.6AI score0.03387EPSS

Exploits1References2

CVE•added 2001/05/24 4:0 a.m.•62 views

CVE-2001-0460

Websweeper 4.0 is affected: it does not limit the length of certain HTTP headers, enabling a DoS via an extremely large Referrer header. OpenVAS entries corroborate a denial-of-service path by sending invalid HTTP requests, potentially crashing or destabilizing the server. The CVE details do not ...

5CVSS6.6AI score0.03387EPSS

Exploits1References2Affected Software1

securityvulns•added 2001/05/21 12:0 a.m.•48 views

Дырка в iPlanet (buffer overflow)

Специальным образом сконструированные заголовки HTTP-запроса приводят к отказу сервера...

2.4AI score

Exploits0References2Affected Software2

Cvelist•added 2001/01/22 5:0 a.m.•12 views

CVE-2000-0908

BrowseGate 2.80 allows remote attackers to cause a denial of service and possibly execute arbitrary commands via long Authorization or Referer MIME headers in the HTTP request...

7.7AI score0.08939EPSS

Exploits0References5

NVD•added 2000/10/20 4:0 a.m.•9 views

CVE-2000-0775

Buffer overflow in RobTex Viking server earlier than 1.06-370 allows remote attackers to cause a denial of service or execute arbitrary commands via a long HTTP GET request, or long Unless-Modified-Since, If-Range, or If-Modified-Since headers...

7.5CVSS7.8AI score0.12184EPSS

Exploits1References3

Cvelist•added 2000/04/26 4:0 a.m.•22 views

CVE-2000-0299

Buffer overflow in WebObjects.exe in the WebObjects Developer 4.5 package allows remote attackers to cause a denial of service via an HTTP request with long headers such as Accept...

6.8AI score0.03958EPSS

Exploits0References1

Packet Storm•added 1999/12/10 12:0 a.m.•36 views

iis4.path.txt

Hello, There is another one way to retrieve a full path to local files in IIS4: If there is external CGI application configured for some file type and this application doesn't produce correct HTTP headers IIS generates an error with output of application both stdout and stderror. The problem is,...

7.4AI score

Exploits0

Packet Storm•added 1999/08/17 12:0 a.m.•27 views

msproxy2.0.exploit.txt

Date: Wed, 7 Oct 1998 07:10:49 +0100 From: Mnemonix To: [email protected] Subject: WARNING: By-passing MS Proxy packet filtering The following text is in the "ISO-8859-1" character set. Your display is set for the "US-ASCII" character set. Some characters may be displayed incorrectly. Whilst...

7.4AI score

Exploits0