197 matches found
Curl is vulnerable to a denial-of-service (DoS) issue
Curl is vulnerable to a denial-of-service (DoS) issue due to how some HTTPs servers handle cookies that contain 'control-bytes' / 'control codes' (byte values below 32). When curl sends cookies that contain these bytes to an HTTPs server, it may return a 400 response which effectively allows a "siste...
Node.js: http: Reading unprocessed HTTP request with unbounded chunk extension allows DoS attacks
A vulnerability in Node.js HTTP servers was discovered that allowed denial of service (DoS) attacks. By sending specially crafted HTTP requests with chunked encoding, an attacker could cause resource exhaustion on the server. The lack of limitations on chunk extension bytes enabled the server to re...
PT-2023-8975 · Node.Js +8 · Node.Js +8
Name of the Vulnerable Software and Affected Versions: Node.js (affected versions not specified). Description: A vulnerability in Node.js HTTP servers allows an attacker to send a specially crafted HTTP request with chunked encoding, leading to resource exhaustion and denial of service (DoS). The serv...
An issue was discovered in Python before 3.8.18, 3.9.x before 3.9.18, 3.10.x before 3.10.13, and 3.11.x before 3.11.5. It primarily affects servers (such as HTTP servers) that use TLS client authentication. If a TLS server-side socket is created, receives data into the socket buffer, and then is closed quickly, there is a brief window where the SSLSocket instance will detect the socket as "not connected" and won't initiate a handshake, but buffered data will still be readable from the socket buffer. This data will not be authenticated if the server-side TLS peer is expecting client certificate authentication, and is indistinguishable from valid TLS stream data. Data is limited in size to the amount that will fit in the buffer. (The TLS connection cannot directly be used for data exfiltration because the vulnerable code path requires that the connection be closed on initialization of the SSLSocket.)
AlmaLinux 8 : python3.11 (ALSA-2023:5463)
The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2023:5463 advisory. - An issue was discovered in Python before 3.8.18, 3.9.x before 3.9.18, 3.10.x before 3.10.13, and 3.11.x before 3.11.5. It primarily affects servers such as HTTP...
Important: squid
Issue Overview: An issue was discovered in Squid before 4.9. When handling a URN request, a corresponding HTTP request is made. This HTTP request doesn't go through the access checks that incoming HTTP requests go through. This causes all access checks to be bypassed and allows access to restrict...
NTLMRecon - A Tool For Performing Light Brute-Forcing Of HTTP Servers To Identify Commonly Accessible NTLM Authentication Endpoints
NTLMRecon is a Golang version of the original NTLMRecon utility written by Sachin Kamath AKA pwnfoo. NTLMRecon can be leveraged to perform brute forcing against a targeted webserver to identify common application endpoints supporting NTLM authentication. This includes endpoints such as the Exchan...
SUSE CVE-2013-6485
Buffer overflow in util.c in libpurple in Pidgin before 2.10.8 allows remote HTTP servers to cause a denial of service (application crash) or possibly have unspecified other impact via an invalid chunk-size field in chunked transfer-coding data...
No Rate Limit On Reset Password
Description A rate limiting algorithm is used to check if the user session or IP address has to be limited based on the information in the session cache. In case a client made too many requests within a given time frame, HTTP servers can respond with status code 429: Too Many Requests. wikipedia ...
Code injection
mechanize, a library for automatically interacting with HTTP web servers, contains a regular expression that is vulnerable to regular expression denial of service (ReDoS) prior to version 0.4.6. If a web server responds in a malicious way, then mechanize could crash. Version 0.4.6 has a patch for t...
Oracle Linux 7 : squid (ELSA-2022-22254)
The remote Oracle Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2022-22254 advisory. - 7:4.11-3.0.1 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessus has not tested...
CVE-2022-3252
Improper detection of complete HTTP body decompression. SwiftNIO Extras provides a pair of helpers for transparently decompressing received HTTP request or response bodies. These two objects, HTTPRequestDecompressor and HTTPResponseDecompressor, both failed to detect when the decompressed body was...
PT-2022-25770 · Jenkins · Jenkins Cons3Rt Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins CONS3RT Plugin versions 1.0.0 and earlier. Description: The issue arises from missing permission checks in the Jenkins CONS3RT Plugin, allowing attackers with Overall/Read permission to connect to an attacker-specified HTTP server usin...
SUSE SLED15 / SLES15 Security Update : node_exporter (SUSE-SU-2022:2140-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2022:2140-1 advisory. - client_golang is the instrumentation library for Go applications in Prometheus, and the promhttp package in client_gola...
Oracle Linux 8 : container-tools:ol8 (ELSA-2022-1762)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2022-1762 advisory. - switch to RHEL maintenance branch which fixes CVE-2022-27651 - Fix CVE-2021-3592 CVE-2021-3593 CVE-2021-3594 CVE-2021-3595 out-of-bounds access - fix...
GHSA-XXV8-PV43-57X5 PEAR core file overwrite vulnerability
PECL in the download utility class in the Installer in PEAR Base System v1.10.1 does not validate file types and filenames after a redirect, which allows remote HTTP servers to overwrite files via crafted responses, as demonstrated by a .htaccess overwrite...
CVE-2022-24801
Twisted is an event-based framework for internet applications, supporting Python 3.6+. Prior to version 22.4.0rc1, the Twisted Web HTTP 1.1 server, located in the twisted.web.http module, parsed several HTTP request constructs more leniently than permitted by RFC 7230. This non-conformant parsing...
GO-2021-0224 Data race and crash in net/http
HTTP servers where the Handler concurrently reads the request body and writes a response can encounter a data race and crash. The httputil.ReverseProxy Handler is affected...
Design/Logic Flaw
client_golang is the instrumentation library for Go applications in Prometheus, and the promhttp package in client_golang provides tooling around HTTP servers and clients. In client_golang prior to version 1.11.1, HTTP server is susceptible to a Denial of Service through unbounded cardinality, and...