3632 matches found
Design/Logic Flaw
The administrative web interface on the Netgear DG632 with firmware 3.4.0ap allows remote attackers to cause a denial of service web outage via an HTTP POST request to cgi-bin/firmwarecfg...
CVE-2009-2256
The administrative web interface on the Netgear DG632 with firmware 3.4.0ap allows remote attackers to cause a denial of service web outage via an HTTP POST request to cgi-bin/firmwarecfg...
Netgear DG632 Router Remote DoS Vulnerability
Product Name: Netgear DG632 Router Vendor: http://www.netgear.com Date: 15 June, 2009 Author: [email protected] [email protected] Original URL: http://www.tomneaves.co.uk/NetgearDG632RemoteDoS.txt Discovered: 18 November, 2006 Disclosed: 15 June, 2009 I. DESCRIPTION The Netgear DG632 router h...
Netgear DG632 Router Remote Denial of Service Vulnerability
Exploit for hardware platform in category dos / poc =========================================================== Netgear DG632 Router Remote Denial of Service Vulnerability =========================================================== Product Name: Netgear DG632 Router Vendor: http://www.netgear.com...
Netgear DG632 Denial Of Service
Product Name: Netgear DG632 Router Vendor: http://www.netgear.com Date: 15 June, 2009 Author: [email protected] Original URL: http://www.tomneaves.co.uk/NetgearDG632RemoteDoS.txt Discovered: 18 November, 2006 Disclosed: 15 June, 2009 I. DESCRIPTION The Netgear DG632 router has a web interface...
NETGEAR DG632 Router - Remote Denial of Service
NETGEAR DG632 Router - Remote Denial of Service Product Name: Netgear DG632 Router Vendor: http://www.netgear.com Date: 15 June, 2009 Author: [email protected] Original URL: http://www.tomneaves.co.uk/NetgearDG632RemoteDoS.txt Discovered: 18 November, 2006 Disclosed: 15 June, 2009 I. DESCRIPTIO...
IceWarp WebMail口令取回功能输入验证漏洞
BUGTRAQ ID: 34827 CVECAN ID: CVE-2009-1469 Merak Email Server是一个全面的办公室局域网或Internet通讯邮件解决方案。 Merak邮件服务器的WebMail模块在登陆页面提供了“忘记口令”取回功能,忘记了登录口令的用户可以在这里向邮件服务器提供他们的邮件地址,之后服务器检查系统中是否存在这个地址并将相关的用户口令发回到这个地址。 在点击Forgot Password页面的提交按键时,所发送的HTTP POST请求包含有类似于以下的负载:...
eLitius 1.0 Command Execution
?php //786 / ============================================================================== / \ | | | | / \ | | | | / \ | | | | / \ | || | / \ | | | | / \ | | IN THE NAME OF // \ || || // \ || || ============================================================================== / | | || | | \ | | / ...
[RT-SA-2009-003] IceWarp WebMail Server: SQL Injection in Groupware Component
Advisory: IceWarp WebMail Server: SQL Injection in Groupware Component During a penetration test RedTeam Pentesting discovered multiple SQL-Injections in the IceWarp WebMail Server. Attackers that are in control of a user account for the web-based email and groupware components are able to execut...
IceWarp WebMail SQL Injection
Advisory: IceWarp WebMail Server: SQL Injection in Groupware Component During a penetration test RedTeam Pentesting discovered multiple SQL-Injections in the IceWarp WebMail Server. Attackers that are in control of a user account for the web-based email and groupware components are able to execut...
Format string
Unspecified vulnerability in the OPMN component in Oracle Application Server 10.1.2.3 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the April 2009 CPU. Oracle has not commented on reliable...
CVE-2009-0993
Unspecified vulnerability in the OPMN component in Oracle Application Server 10.1.2.3 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the April 2009 CPU. Oracle has not commented on reliable...
CVE-2009-0993
Unspecified vulnerability in the OPMN component in Oracle Application Server 10.1.2.3 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the April 2009 CPU. Oracle has not commented on reliable...
Breach Security ModSecurity for Apache DoS
Module hangs on incomplete HTTP POST multipart/form-data request...
CVE-2008-6395
The web management interface in 3Com Wireless 8760 Dual Radio 11a/b/g PoE Access Point allows remote attackers to cause a denial of service device crash via a malformed HTTP POST request...
Cross site request forgery (csrf)
The web management interface in 3Com Wireless 8760 Dual Radio 11a/b/g PoE Access Point allows remote attackers to cause a denial of service device crash via a malformed HTTP POST request...
CVE-2008-6395
The web management interface in 3Com Wireless 8760 Dual Radio 11a/b/g PoE Access Point allows remote attackers to cause a denial of service device crash via a malformed HTTP POST request...
CVE-2002-2428
webs.c in GoAhead WebServer before 2.1.4 allows remote attackers to cause a denial of service NULL pointer dereference and daemon crash via an HTTP POST request that contains a Content-Length header but no body data...
CVE-2002-2428
webs.c in GoAhead WebServer before 2.1.4 allows remote attackers to cause a denial of service NULL pointer dereference and daemon crash via an HTTP POST request that contains a Content-Length header but no body data...
Firefox directives to not cache pages ignored
Mozilla Firefox 3.x before 3.0.6 does not properly implement the 1 no-store and 2 no-cache Cache-Control directives, which allows local users to obtain sensitive information by using the a back button or b history list of the victim's browser, as demonstrated by reading the response page of an...