Ultra Mini HTTPD 1.21 - POST Request Stack Buffer Overflow
No description provided by source. Exploit Title: Ultra Mini HTTPD stack buffer overflow POST request Date: 16 Feb 2014 Exploit Author: Sumit Vendor Homepage: http://www.picolix.jp/ Software Link: http://www.vector.co.jp/soft/winnt/net/se275154.html Version: 1.21 Tested on: Windows XP Professiona...
Apache Httpd < 2.4.10 : WinNT MPM denial of service
A flaw was found in the WinNT MPM in httpd versions 2.4.1 to 2.4.9, when using the default AcceptFilter for that platform. A remote attacker could send carefully crafted requests that would leak memory and eventually lead to a denial of service against the server...
AN HTTPD 1.x Count.pl Directory Traversal Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/7397/info AN HTTPd contains a sample script named count.pl that may be used as a web counter. This script does not perform adequate access validation on paths containing directory traversal ../ character sequences. The...
CodeBlue 5.1 SMTP Response Buffer Overflow Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/5300/info CodeBlue is an Apache httpd log scanning utility that attempts to contact the administrators of hosts infected with worms. A buffer overflow vulnerability has been reported in CodeBlue. The condition occurs when...
textcounter.pl 1.2 Arbitrary Command Execution Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/2265/info textcounter.pl is distributed through Matt's Scripts archive, and provides added features to httpd servers such as counters, guestbooks, and http cookie management. Due to insufficient checking of entered...
Ultra Mini HTTPD 1.21 - Stack Buffer Overflow
No description provided by source. Exploit Title: Ultra Mini HTTPD stack buffer overflow Date: 10 July 2013 Exploit Author: superkojiman - http://www.techorganic.com Vendor Homepage: http://www.picolix.jp/ Software Link: http://www.vector.co.jp/soft/winnt/net/se275154.html Version: 1.21 Tested on...
Rosiello Security Sphiro HTTPD 0.1 B Remote Heap Buffer Overflow Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/10249/info It has been reported that Sphiro HTTPD is prone to a remote heap based buffer overflow vulnerability. This issue is due to a failure of the application to properly verify buffer boundaries before storing input ...
Mephistoles HTTPD 0.6 Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/9470/info Mephistoles 'httpd' daemon fails to sanitize user-supplied input, making it vulnerable to cross-site scripting attacks. This vulnerability allows an attacker to construct a malicious link containing HTML or scri...
BusyBox 1.01 HTTPD Directory Traversal Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/20067/info The httpd daemon of BusyBox is prone to a directory-traversal vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this vulnerability to retrieve arbitrary files from...
ATP httpd 0.4 Single Byte Buffer Overflow Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/5956/info ATP httpd is a lightweight HTTP server. A vulnerability has been reported in ATP httpd that may result in compromise of root access to remote attackers. It is possible to overwrite the least significant byte of...
AN HTTPD 1.41 e Cross Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/6529/info AN HTTPD does not adequately filter HTML code thus making it prone to cross-site scripting attacks. It is possible for a remote attacker to create a malicious link containing script code which will be executed i...
Ultra Mini HTTPD Stack Buffer Overflow
No description provided by source. This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core'...
Evolvable Shambala Server 4.5 Web Server Denial of Service Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/4897/info Shambala Server is a FTP, Web, and Chat server targeted for the Small Office/Home Office user. It has been reported that Shambala Server's web server may be prone to a denial of service vulnerability. The denial...
NCSA httpd-campas 1.2 sample script Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/1975/info Campas is a sample CGI script shipped with some older versions of NCSA HTTPd, an obsolete web server package. The versions that included the script could not be determined as the server is no longer maintained,...
Apache 1.3 Artificially Long Slash Path Directory Listing Vulnerability (1)
No description provided by source. source: http://www.securityfocus.com/bid/2503/info Apache HTTPD is the Apache Web Server, freely distributed and actively maintained by the Apache Software Foundation. It is a freely available and widely used software package, included with various implementatio...
Null HTTPD 0.5 - Remote Heap Corruption Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/6255/info A heap corruption vulnerability has been discovered in Null httpd. By passing a small content length value to the server and triggering the server to make a second recv of POST data, it is possible to overrun a...
Apache 1.3 Artificially Long Slash Path Directory Listing Vulnerability (4)
No description provided by source. source: http://www.securityfocus.com/bid/2503/info Apache HTTPD is the Apache Web Server, freely distributed and actively maintained by the Apache Software Foundation. It is a freely available and widely used software package, included with various implementatio...
Netscape FastTrack Server 3.0.1 Fasttrack Root Directory Listing Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/481/info Netscape's Fasttrack server is supposed to display a directory listing if the following three conditions are met: 1: Directory listing is enabled 2: No filename is specified in the requested URL 3: There is no ind...
Cobalt RaQ4 Administrative Interface Command Execution Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/6326/info The RaQ4 is a server appliance distributed and maintained by Sun Microsystems. A vulnerability has been reported in the web administration interface of the RaQ4. It is possible for a remote attacker to execute...
Null HTTPd 0.5 - Remote Heap Overflow Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/5774/info Null httpd is a small multithreaded web server for Linux and Windows, maintained by NullLogic. A remotely exploitable heap overflow has been discovered in Null httpd. By passing a negative content length value to...