221 matches found
Nmap NSE net: http-methods
This VT has been deprecated and is therefore no longer functional. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2010-1908
The CVE-2010-1908 entry concerns the SdcUser.TgConCtl ActiveX control in tgctlcm.dll used by Consona Live Assistance, Dynamic Agent, and Subscriber Assistance. The vulnerability stems from inadequate access restrictions on the HTTPDownloadFile, HTTPGetFile, Install, and RunCmd methods, enabling r...
http-methods NSE Script
Finds out what options are supported by an HTTP server by sending an OPTIONS request. Lists potentially risky methods. It tests those methods not mentioned in the OPTIONS headers individually and sees if they are implemented. Any output other than 501/405 suggests that the method is if not in the...
HTTP Methods Allowed (per directory)
By calling the OPTIONS method, it is possible to determine which HTTP methods are allowed on each directory. The following HTTP methods are considered insecure: PUT, DELETE, CONNECT, TRACE, HEAD. Many frameworks and languages treat 'HEAD' as a 'GET' request, albeit one without any body in the...
IBM WebSphere Application Server 7.0 < Fix Pack 5
IBM WebSphere Application Server 7.0 before Fix Pack 5 appears to be running on the remote host. As such, it is reportedly affected by multiple vulnerabilities: - Non-standard HTTP methods are allowed. PK73246 - If the admin console is directly accessed from HTTP, the console fails to redirect t...
IBM WebSphere Application Server < 6.0.2.35 Multiple Vulnerabilities
IBM WebSphere Application Server 6.0.2 before Fix Pack 35 appears to be running on the remote host. As such, it is reportedly affected by multiple vulnerabilities: - Non-standard HTTP methods are allowed. PK73246 - A login using the LTPAToken cookie may result in extending LTPAToken expiration...
CVE-2008-5160
Unspecified vulnerability in MyServer 0.8.11 allows remote attackers to cause a denial of service (daemon crash) via multiple invalid requests with the HTTP GET, DELETE, OPTIONS, and possibly other methods, related to a "204 No Content error."...
Code injection
Unspecified vulnerability in MyServer 0.8.11 allows remote attackers to cause a denial of service (daemon crash) via multiple invalid requests with the HTTP GET, DELETE, OPTIONS, and possibly other methods, related to a "204 No Content error."...
CVE-2008-5160
CVE-2008-5160 targets MyServer 0.8.11, described as an unspecified remote DoS that crashes the daemon via multiple invalid HTTP requests (GET/DELETE/OPTIONS and possibly others) related to a “204 No Content error.” OpenVAS entries corroborate a MyServer remote DoS vulnerability, with references t...
MyServer 0.8.11 - 204 No Content error Remote Denial of Service
MyServer 0.8.11 - 204 No Content error Remote Denial of Service exploit.py import socket import os print '------------------------------------------------------------------' print ' MyServer 0.8.11 "204 No Content" error Remote Denial of Service' print ' url: www.myserverproject.net' print '...
MyServer 0.8.11 (204 No Content) error Remote Denial of Service Exploit
Exploit for unknown platform in category dos / poc ======================================================================= MyServer 0.8.11 204 No Content error Remote Denial of Service Exploit ======================================================================= exploit.py import socket import ...
MyServer 0.8.11 - '204 No Content' error Remote Denial of Service
exploit.py import socket import os print '------------------------------------------------------------------' print ' MyServer 0.8.11 "204 No Content" error Remote Denial of Service' print ' url: www.myserverproject.net' print ' author: shinnai' print ' mail: shinnaiatautisticidotorg' print ' sit...
Technical note by Amit Klein: "Sending arbitrary HTTP requests with Flash 7/8 (+IE 6.0)"
Sending arbitrary HTTP requests with Flash 7/8 (+IE 6.0) Amit Klein, August 2006 The trick ========= In [1], I showed how to forge parts of HTTP requests containing CRs and LFs using Flash. In that write-up, the data was part of the HTTP body section. However, combining the Content-Length overriding...
Security Best Practice: Familiarize Yourself with the HTTP Methods Protection
The HTTP RFC allows a restricted set of HTTP methods. However, even some of the standard methods are unsafe, because they can be used to exploit vulnerabilities on a web server. Many of the non-standard methods have a very bad security record. Microsoft WebDAV methods, for example, have certain...
IBM WebSphere Application Server < 6.1.0.25 Multiple Vulnerabilities
Binary data 5077.prm...
IBM WebSphere Application Server < 6.0.2.35 Multiple Vulnerabilities
Binary data 5076.prm...
HTTP TRACE / TRACK Methods Allowed
The remote web server supports the TRACE and/or TRACK methods. TRACE and TRACK are HTTP methods that are used to debug web server connections. This script was written by Thomas Reinke Improvements re TRACK and RFP reference courtesy of Improvements by rd - httpget to get full HTTP/1.1 support,...
HTTP NIDS Evasion
This plugin configures Nessus for NIDS evasion (see the 'Prefs' panel). NIDS evasion options are useful if you want to determine the quality of the expensive NIDS you just bought. HTTP evasion techniques : - HEAD: use HEAD method instead of GET - URL encoding: - Hex: change characters to %XX - MS...
Xerver-2.10-File-Disclousure&DoS-attack
------oOo------ Xerver Free Web Server 2.10 file Disclosure & DoS (Denial of Service) Attack. ------oOo------ Company Affected: www.JavaScript.nu Version: v2.10 Date Added: 02-27-02 Size: 287 KB OS Affected: Windows ALL, Linux ALL, BSD all, Solaris ALL, MAC ALL. Author: Alex Hernandez...
Xerver-2.10.txt
------oOo------ Xerver Free Web Server 2.10 file Disclosure & DoS (Denial of Service) Attack. ------oOo------ Company Affected: www.JavaScript.nu Version: v2.10 Date Added: 02-27-02 Size: 287 KB OS Affected: Windows ALL, Linux ALL, BSD all, Solaris ALL, MAC ALL. Author: Alex Hernandez Thanks all...