
3714 matches found

Drupal
added 2005/11/30 12:0 a.m., 13 views

DRUPAL-SA-2005-008 XSS and HTTP header injection vulnerability with uploaded files

Paul Laudanski informed us that it's possible to attach files that are able to run JavaScript under Internet Explorer. Further investigation of the problem revealed that the same method can be used to inject arbitrary HTTP headers. Versions affected: Drupal 4.5.0, 4.5.1, 4.5.2, 4.5.3, 4.5.4, 4.5.5...

7.2 AI score
Exploits: 0, References: 3

OpenVAS
added 2005/11/03 12:0 a.m., 16 views

HTTP Header Overflow DoS Vulnerability

It was possible to kill the web server by sending an invalid request with a too long header name or value. SPDX-FileCopyrightText: 2002 Michel Arboi Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...

5 CVSS, 6.7 AI score, 0.01962 EPSS
Exploits: 0

OpenVAS
added 2005/11/03 12:0 a.m., 84 views

Format string on HTTP header name

The remote web server seems to be vulnerable to a format string attack on HTTP headers names. SPDX-FileCopyrightText: 2004 Michel Arboi Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

7.3 AI score
Exploits: 0

OpenVAS
added 2005/11/03 12:0 a.m., 18 views

TelCondex Simple Webserver Buffer Overflow

The TelCondex SimpleWebserver is vulnerable to a remote executable buffer overflow, due to missing length check on the referer-variable of the HTTP-header. SPDX-FileCopyrightText: 2003 Matt North Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the...

7.5 CVSS, 6.9 AI score, 0.0385 EPSS
Exploits: 1, References: 2

OpenVAS
added 2005/11/03 12:0 a.m., 63 views

TelCondex Simple Webserver Buffer Overflow

The TelCondex SimpleWebserver is vulnerable to a remote executable buffer overflow, due to missing length check on the referer-variable of the HTTP-header. OpenVAS Vulnerability Test $Id: telcondex.nasl 6063 2017-05-03 09:03:05Z teissa $ Description: TelCondex Simple Webserver Buffer Overflow...

7.5 CVSS, 0.9 AI score, 0.0385 EPSS
Exploits: 1

Tenable Nessus
added 2005/10/06 12:0 a.m., 37 views

Guppy Multiple HTTP Header XSS

The remote host is running Guppy, a CMS written in PHP. The remote version of this software does not properly sanitize input to the Referer and User-Agent HTTP headers before using it in the 'error.php' script. A malicious user can exploit this flaw to inject arbitrary script and HTML code into a...

4.3 CVSS, 5.7 AI score, 0.01177 EPSS
Exploits: 0, References: 2

UbuntuCve
added 2005/09/23 7:3 p.m., 21 views

CVE-2005-2703

Firefox before 1.0.7 and Mozilla Suite before 1.7.12 allows remote attackers to modify HTTP headers of XML HTTP requests via XMLHttpRequest, and possibly use the client to exploit vulnerabilities in servers or proxies, including HTTP request smuggling and HTTP request splitting...

5 CVSS, 5.9 AI score, 0.01789 EPSS
Exploits: 0, References: 2

NVD
added 2005/09/23 7:3 p.m., 20 views

CVE-2005-2703

Firefox before 1.0.7 and Mozilla Suite before 1.7.12 allows remote attackers to modify HTTP headers of XML HTTP requests via XMLHttpRequest, and possibly use the client to exploit vulnerabilities in servers or proxies, including HTTP request smuggling and HTTP request splitting...

5 CVSS, 6.5 AI score, 0.01789 EPSS
Exploits: 0, References: 31

Cvelist
added 2005/09/23 4:0 a.m., 21 views

CVE-2005-2703

Firefox before 1.0.7 and Mozilla Suite before 1.7.12 allows remote attackers to modify HTTP headers of XML HTTP requests via XMLHttpRequest, and possibly use the client to exploit vulnerabilities in servers or proxies, including HTTP request smuggling and HTTP request splitting...

6.5 AI score, 0.01789 EPSS
Exploits: 0, References: 31

RedHat Linux
added 2005/09/22 8:36 p.m., 2 views

security flaw

Firefox before 1.0.7 and Mozilla Suite before 1.7.12 allows remote attackers to modify HTTP headers of XML HTTP requests via XMLHttpRequest, and possibly use the client to exploit vulnerabilities in servers or proxies, including HTTP request smuggling and HTTP request splitting...

5 CVSS, 5.9 AI score, 0.01789 EPSS
Exploits: 0, References: 4

securityvulns
added 2005/09/21 12:0 a.m., 34 views

CuteNews 1.4.0 remote code execution

CuteNews 1.4.0 possibly prior versions remote code execution software: site: http://cutephp.com/ description: "Cute news is a powerful and easy for using news management system that use flat files to store its database. It supports comments, archives, search function, image uploading, backup...

8.3 AI score
Exploits: 0

Tenable Nessus
added 2005/09/19 12:0 a.m., 10 views

CuteNews flood.db.php HTTP Header PHP Code Injection

Binary data 3230.prm...

7.5 CVSS, 7.3 AI score, 0.06338 EPSS
Exploits: 1, References: 1

Tenable Nessus
added 2005/09/19 12:0 a.m., 24 views

CuteNews flood.db.php Client-IP HTTP Header Arbitrary Code Injection

The version of CuteNews installed on the remote host fails to properly sanitize the IP addresses of clients using the system before logging them to a known file. An attacker can exploit this flaw to inject arbitrary PHP code through a Client-IP request header and then execute that code by...

7.5 CVSS, 5.8 AI score, 0.06338 EPSS
Exploits: 1, References: 2

Cvelist
added 2005/09/14 4:0 a.m., 14 views

CVE-2005-2888

Multiple SQL injection vulnerabilities in MyBulletinBoard (MyBB) Preview Release 2 allow remote attackers to execute arbitrary SQL commands via the (1) fid parameter to misc.php or (2) Content-Disposition field in the HTTP header to newreply.php...

8.5 AI score, 0.01198 EPSS
Exploits: 0, References: 3

Debian
added 2005/09/08 6:7 p.m., 40 views

[SECURITY] [DSA 805-1] New Apache2 packages fix several vulnerabilities

Debian Security Advisory DSA 805-1 [email protected] http://www.debian.org/security/ Martin Schulze September 8th, 2005 http://www.debian.org/security/faq ...

10 CVSS, 0.1 AI score, 0.30576 EPSS
Exploits: 1

NVD
added 2005/09/06 10:3 p.m., 16 views

CVE-2005-2806

client.cpp in BNBT EasyTracker 7.7r3.2004.10.27 and earlier allows remote attackers to cause a denial of service (application hang) via an HTTP header containing only a ":" (colon), possibly leading to an integer signedness error due to a missing field name or value...

5 CVSS, 6.8 AI score, 0.01697 EPSS
Exploits: 1, References: 5

CVE
added 2005/09/06 4:0 a.m., 47 views

CVE-2005-2806

BNBT EasyTracker (Windows BNBT EasyTracker, client.cpp) vulnerability CVE-2005-2806 affects version 7.7r3.2004.10.27 and earlier. A remote attacker can cause a denial of service (application hang) by sending an HTTP header containing only a ":". The description notes this may involve an integer s...

5 CVSS, 6.8 AI score, 0.01697 EPSS
Exploits: 1, References: 5, Affected Software: 1

securityvulns
added 2005/08/31 12:0 a.m., 29 views

BTDT BitTorent port DoS

Null HTTP header integer underflow...

0.4 AI score
Exploits: 0, References: 1, Affected Software: 1

UbuntuCve
added 2005/08/30 11:45 a.m., 38 views

CVE-2005-2728

The byte-range filter in Apache 2.0 before 2.0.54 allows remote attackers to cause a denial of service (memory consumption) via an HTTP header with a large Range field...

5 CVSS, 7.3 AI score, 0.10976 EPSS
Exploits: 0, References: 2

NVD
added 2005/08/30 11:45 a.m., 11 views

CVE-2005-2721

Multiple cross-site scripting (XSS) vulnerabilities in (1) index.php or (2) admin.php in Foojan PHP Weblog allow remote attackers to inject arbitrary web script or HTML via the Referer field in the HTTP header...

4.3 CVSS, 5.8 AI score, 0.01752 EPSS
Exploits: 1, References: 4