1615 matches found
clamav -- Freshclam HTTP Header Buffer Overflow Vulnerability
Secunia reports: A vulnerability has been reported in ClamAV, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially to compromise a vulnerable system. The vulnerability is caused due to a boundary error within the HTTP client in the Freshclam command line...
Alt-N WebAdmin USER Buffer Overflow
Alt-N WebAdmin is prone to a buffer overflow condition. This is due to insufficient bounds checking on the USER parameter. Successful exploitation could result in code execution with SYSTEM level privileges. This module requires Metasploit: https://metasploit.com/download Current source:...
ie_xp_pfv_metafile.pm.txt
This file is part of the Metasploit Framework and may be redistributed according to the licenses defined in the Authors field below. In the case of an unknown or missing license, this file defaults to the same license as the core Framework dual GPLv2 and Artistic. The latest version of the...
cURL / libcurl HTTP client library buffer overflow
Off-by-one and off-by-two overflows in URL parsing...
[Full-disclosure] iDEFENSE Security Advisory 10.13.05: Multiple Vendor wget/curl NTLM Username Buffer Overflow Vulnerability
Multiple Vendor wget/curl NTLM Username Buffer Overflow Vulnerability iDEFENSE Security Advisory 10.13.05 www.idefense.com/application/poi/display?id=322&type=vulnerabilities October 13, 2005 I. BACKGROUND GNU Wget is a free software package for retrieving files using HTTP, HTTPS and FTP, the mos...
AWStats 6.2 < 6.1 - configdir Command Injection (Metasploit)
$Id$ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 'AWStats...
Debian DSA-507-1 : cadaver - buffer overflow
Stefan Esser discovered a problem in neon, an HTTP and WebDAV client library, which is also present in cadaver, a command-line client for WebDAV server. User input is copied into variables not large enough for all cases. This can lead to an overflow of a static heap variable. ...
FreeBSD : Remote Denial of Service of HTTP server and client (57)
The following package needs to be updated: giFT-FastTrack This script has been deprecated by freebsdpkg1f738bdac6ac11d88898000d6111a684.nasl. Disabled on 2011/10/02. (C) Tenable Network Security, Inc. This script contains information extracted from VuXML : Copyrigh...
CVE-2004-0604
The CVE-2004-0604 issue affects giFT-FastTrack up to version 0.8.6 (and earlier), where the HTTP client and server can be triggered remotely to crash via an empty search query, causing a NULL dereference and Denial of Service. Public sources in the connected documents confirm a remote DoS impact ...
[SECURITY] [DSA 507-1] New cadaver packages fix buffer overflow
Debian Security Advisory DSA 507-1 [email protected] http://www.debian.org/security/ Martin Schulze May 19th, 2004 http://www.debian.org/security/faq ...
Microsoft BizTalk Server multiple bugs
SQL injection, buffer overflow in HTTP client code...
CVE-1999-1124
CVE-1999-1124 describes a flaw in the HTTP Client application within ColdFusion where an attacker can bypass access restrictions on pages on other ports. The root cause is that the mainframeset.cfm flow retrieves the target page from the server, making it appear as if the request originates from ...
CVE-1999-1124
HTTP Client application in ColdFusion allows remote attackers to bypass access restrictions for web pages on other ports by providing the target page to the mainframeset.cfm application, which requests the page from the server, making it look like the request is coming from the local host...
Denial of Service via HTTP/2 CONTINUATION Frames
Early versions of amphp/http-client with HTTP/2 support (v4.0.0-rc10 to 4.0.0) will collect HTTP/2 CONTINUATION frames in an unbounded buffer and will not check the header size limit until it has received the END_HEADERS flag, resulting in an OOM crash. Later versions of amphp/http-client v4.1.0-rc1...