Lucene search
K

36 matches found

0day.today
0day.today
added 2018/12/08 12:0 a.m.91 views

MiniShare 1.4.1 HEAD / POST Buffer Overflow Exploit

Hi!!! playing in 2006.... I have adapted the exploit to python Not only the GET method is vulnerable to BOF CVE-2004-2271. HEAD and POST methods are also vulnerable. The difference is minimal, both are exploited in the same way. Only 1 byte difference: GET = 3, HEAD and POST = 4 length...

9.8CVSS0.3AI score0.71908EPSS
Exploits11
Packet Storm
Packet Storm
added 2018/12/07 12:0 a.m.321 views

MiniShare 1.4.1 HEAD / POST Buffer Overflow

Hi!!! playing in 2006.... I have adapted the exploit to python Not only the GET method is vulnerable to BOF CVE-2004-2271. HEAD and POST methods are also vulnerable. The difference is minimal, both are exploited in the same way. Only 1 byte difference: GET = 3, HEAD and POST = 4 length...

7.5CVSS0.6AI score0.71908EPSS
Exploits11
Tenable Nessus
Tenable Nessus
added 2015/03/18 12:0 a.m.96 views

HP Universal Configuration Management Database Server Authentication Bypass

The version of HP Universal Configuration Management Database Server running on the remote web server is affected by an authentication bypass vulnerability due to the JMX-Console component performing access control only for GET and POST methods. A remote attacker, using the HTTP HEAD method, can...

5CVSS5.7AI score0.37022EPSS
Exploits5References2
Kitploit
Kitploit
added 2014/01/08 7:0 a.m.30 views

[THC-Hydra v7.6] Fast Parallel Network Logon Cracker

Hydra is a parallelized network logon cracker which supports numerous protocols to attack, new modules are easy to add, beside that, it is flexible and very fast. Features IPv6 Support Graphic User Interface Internationalized support RFC 4013 HTTP proxy support SOCKS proxy support The tool suppor...

7.5AI score
Exploits0
Kitploit
Kitploit
added 2013/12/17 1:23 a.m.31 views

[THC-Hydra 7.5] Fast Parallel Network Logon Cracker

Hydra is a parallelized network logon cracker which supports numerous protocols to attack, new modules are easy to add, beside that, it is flexible and very fast. Features IPv6 Support Graphic User Interface Internationalized support RFC 4013 HTTP proxy support SOCKS proxy support The tool suppor...

7AI score
Exploits0
myhack58
myhack58
added 2013/04/10 12:0 a.m.22 views

Easy to want to buy the system through the kill SQL injection vulnerability analysis and exploit-vulnerability warning-the black bar safety net

Just open the red and black see J8 friends write aeasy to want to buy the system to the latest version through the killarticle, look at his posted code there is a getclientipfunction, haha, I guess not filtered, decisive under a set of procedures. Find getclientipfunction. // Get the Client IP...

7.3AI score
Exploits0
securityvulns
securityvulns
added 2013/01/10 12:0 a.m.75 views

Nero MediaHome Multiple Remote DoS Vulnerabilities

Advisory ID: HTB23130 Product: Nero MediaHome Vendor: Nero Vulnerable Versions: 4.5.8.0 and probably prior Tested Version: 4.5.8.0 in Windows 7 SP1 Vendor Notification: November 21, 2012 Public Disclosure: January 9, 2013 Vulnerability Type: Improper Handling of Length Parameter Inconsistency...

5CVSS0.3AI score0.07681EPSS
Exploits6
exploitpack
exploitpack
added 2013/01/10 12:0 a.m.70 views

Nero MediaHome 4.5.8.0 - Denial of Service

Nero MediaHome 4.5.8.0 - Denial of Service Advisory ID: HTB23130 Product: Nero MediaHome Vendor: Nero Vulnerable Versions: 4.5.8.0 and probably prior Tested Version: 4.5.8.0 in Windows 7 SP1 Vendor Notification: November 21, 2012 Public Disclosure: January 9, 2013 Vulnerability Type: Improper...

5CVSS6.5AI score0.07681EPSS
Exploits6
securityvulns
securityvulns
added 2012/12/09 12:0 a.m.82 views

TVMOBiLi Media Server Multiple Remote DoS Vulnerabilities

Advisory ID: HTB23120 Product: TVMOBiLi media server Vendor: TVMOBiLi Vulnerable Versions: 2.1.0.3557 and probably prior version Tested Version: 2.1.0.3557 in Windows XP SP3 32 bits Vendor Notification: October 15, 2012 Vendor Patch: November 21, 2012 Public Disclosure: December 5, 2012...

5CVSS6.7AI score0.03988EPSS
Exploits4
Tenable Nessus
Tenable Nessus
added 2009/11/16 12:0 a.m.17 views

IBM WebSphere Application Server < 7.0.0.7 Multiple Vulnerabilities

Binary data 5235.prm...

5CVSS7.3AI score0.01931EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2009/11/13 12:0 a.m.34 views

IBM WebSphere Application Server 7.0 < Fix Pack 7

IBM WebSphere Application Server 7.0 before Fix Pack 7 appears to be running on the remote host. As such, it is reportedly affected by multiple vulnerabilities : - A cross-site request forgery vulnerability exists due to insufficient validation of user-supplied input by the administrative console...

6.8CVSS5.3AI score0.02775EPSS
Exploits1References5
OpenVAS
OpenVAS
added 2008/10/24 12:0 a.m.46 views

HTTP NIDS evasion

This plugin configures OpenVAS for NIDS evasion see the SPDX-FileCopyrightText: 2008 Michel Arboi / Renaud Deraison Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only The HTTP IDS evasion...

7.1AI score
Exploits0References1
Cvelist
Cvelist
added 2005/10/25 4:0 a.m.27 views

CVE-2004-2534

Fastream NETFile Server 7.1.2 does not properly handle keep-alive connection timeouts and does not close the connection after a HEAD request, which allows remote attackers to perform a denial of service connection consumption by sending a large number HTTP HEAD requests...

6.7AI score0.04139EPSS
Exploits0References6
NVD
NVD
added 2004/12/31 5:0 a.m.20 views

CVE-2004-2534

Fastream NETFile Server 7.1.2 does not properly handle keep-alive connection timeouts and does not close the connection after a HEAD request, which allows remote attackers to perform a denial of service connection consumption by sending a large number HTTP HEAD requests...

7.8CVSS6.7AI score0.04139EPSS
Exploits0References6
securityvulns
securityvulns
added 2004/11/24 12:0 a.m.51 views

[SA13268] Fastream NETFile FTP/Web Server Multiple HEAD Requests Denial of Service

TITLE: Fastream NETFile FTP/Web Server Multiple HEAD Requests Denial of Service SECUNIA ADVISORY ID: SA13268 VERIFY ADVISORY: http://secunia.com/advisories/13268/ CRITICAL: Less critical IMPACT: DoS WHERE: From remote SOFTWARE: Fastream NETFile FTP/Web Server 6.x http://secunia.com/product/2455/...

0.4AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2004/11/19 12:0 a.m.101 views

Fastream NETFile FTP/Web Server HEAD Request Saturation DoS

The remote host appears to be running FastStream NETFile Server version 7.1 or older. These versions do not close the connection when an HTTP HEAD request is received with the keep-alive option set. An attacker may exploit this flaw by sending multiple HEAD requests to the remote host, thus...

7.8CVSS5.5AI score0.04139EPSS
Exploits0References2
Rows per page
Query Builder