390 matches found
CVE-2003-1039
Multiple buffer overflows in the mySAP.com architecture for SAP allow remote attackers to execute arbitrary code via a long HTTP Host header to 1 Message Server, 2 Web Dispatcher, or 3 Application Server...
Cacheflow CacheOS 4.1.10016 - HTTP HOST Proxy
Cacheflow CacheOS 4.1.10016 - HTTP HOST Proxy source: https://www.securityfocus.com/bid/8584/info Malicious HTTP HOST header field can be used on CacheOS to tunnel arbitrary TCP connections through a HTTP request. It has been reported that CacheFlow CacheOS may allow the misuse of the HOST header...
Cacheflow CacheOS 4.1.10016 - HTTP HOST Proxy
source: https://www.securityfocus.com/bid/8584/info Malicious HTTP HOST header field can be used on CacheOS to tunnel arbitrary TCP connections through a HTTP request. It has been reported that CacheFlow CacheOS may allow the misuse of the HOST header value. This may provide for the use of an...
Log spoofing in NetGear RP114
HTTP Host: header is used for log record...
CVE-2002-0532
EMU Webmail allows local users to execute arbitrary programs via a .. dot dot in the HTTP Host header that points to a Trojan horse configuration file that contains a pageroot specifier that contains shell metacharacters...
Savant Web Server has a buffer overflow vulnerability
Overview Savant Web Server has a buffer overflow vulnerability in handling of the HTTP 1.1 Host header. Description Savant Web Server has a buffer overflow vulnerability in handling of the HTTP 1.1 Host header. HTTP requests with long Host headers will cause Savant to crash. --- Impact Remote...
CVE-2002-0801
Buffer overflow in the ISAPI DLL filter for Macromedia JRun 3.1 allows remote attackers to execute arbitrary code via a direct request to the filter with a long HTTP host header field in a URL for a .jsp file...
Buffer overflo in TUX HTTPD and SYN Cookie protection bypass
Buffer overflow on long HTTP HOST header. By using Syncookie it's possible to bypass packet filtering...
WebSphere application server plugin issue & vendor fix
I've had the opportunity to work with IBM WebSphere application server for a few months now and, in the course of playing around with some buffer overrun testing, a potential issue came up. WebSphere uses the HTTP Host: header to decide which WAS Virtual Host will service a particular request...
Imail Web Service Remote DoS Attack v.2
Imail Web Service Remote DoS Attack v.2 Release Date: August 17, 2000 Systems Affected: Ipswitch Imail 6.00 2-1 Description: The following is a simple DoS we found while working on Retina's CHAMCommon Hacking Attack Methods HTTP auditing module which should be released within the next two weeks...