Sumus 0.2.2 - HTTPd Remote Buffer Overflow

/ sumusv0.2.2: httpd remote buffer overflow exploit. by: vade79/v9 [email protected] fakehalo/realhalo compile: gcc xsumus.c -o xsumus syntax: ./xsumus -pscrln -h host sumus homepage/url: http://sumus.sourceforge.net Mus is a Spanish cards game played by 4 folks around a table. SUMUS is a server for...

Sumus 0.2.2 - HTTPd Remote Buffer Overflow

Sumus 0.2.2 - HTTPd Remote Buffer Overflow / sumusv0.2.2: httpd remote buffer overflow exploit. by: vade79/v9 [email protected] fakehalo/realhalo compile: gcc xsumus.c -o xsumus syntax: ./xsumus -pscrln -h host sumus homepage/url: http://sumus.sourceforge.net Mus is a Spanish cards game played by 4...

Sumus 0.2.2 httpd Remote Buffer Overflow Exploit

Exploit for linux platform in category remote exploits ================================================ Sumus 0.2.2 httpd Remote Buffer Overflow Exploit ================================================ / sumusv0.2.2: httpd remote buffer overflow exploit. by: vade79/v9 email protected...

CVE-2005-1087

CRLF injection vulnerability in the cmdIS.DLL plugin for AN HTTPD Server 1.42n allows remote attackers to spoof or hide entries in the logfile, and possibly read files using an injected type command, via CRLF sequences in an HTTP request...

CVE-2005-1087

The CVE-2005-1087 entry concerns the AN HTTPD Server 1.42n, specifically the cmdIS.DLL plugin . It describes a CRLF injection vulnerability triggered by CRLF sequences in an HTTP request, enabling remote attackers to spoof or hide logfile entries and potentially read files via an injected type co...

CVE-2005-1086

Buffer overflow in the cmdIS.DLL plugin for AN HTTPD Server 1.42n allows remote attackers to execute arbitrary code via an HTTP request with a long User-Agent header...

CVE-2005-1086

The CVE-2005-1086 entry concerns AN HTTPD Server 1.42n, specifically the cmdIS.DLL plugin. The issue is a buffer overflow in the plugin when processing an HTTP request with a long User-Agent header, enabling remote code execution. The available documents identify the vulnerable component and caus...

[SA14861] AN HTTPD cmdIS.DLL Buffer Overflow and Log File Injection

---------------------------------------------------------------------- Want a new IT Security job? Vacant positions at Secunia: http://secunia.com/secuniavacancies/ ---------------------------------------------------------------------- TITLE: AN HTTPD cmdIS.DLL Buffer Overflow and Log File...

Multiple AN HTTPD Web Server vulnerabilities

Buffer overflows, crossite scripting...

AN HTTPD - CMDIS.dll Remote Buffer Overflow (PoC)

AN HTTPD - CMDIS.dll Remote Buffer Overflow PoC source: https://www.securityfocus.com/bid/13066/info AN HTTPD is reported prone to a remote buffer overflow vulnerability. Specifically, the issue presents itself in 'cmdIS.DLL' which calls the 'GetEnvironmentStrings' function to copy environment...

AN HTTPD - 'CMDIS.dll' Remote Buffer Overflow (PoC)

source: https://www.securityfocus.com/bid/13066/info AN HTTPD is reported prone to a remote buffer overflow vulnerability. Specifically, the issue presents itself in 'cmdIS.DLL' which calls the 'GetEnvironmentStrings' function to copy environment variables into a finite sized process buffer. The...

AN HTTPD 1.42 - Arbitrary Log Content Injection

AN HTTPD 1.42 - Arbitrary Log Content Injection source: https://www.securityfocus.com/bid/13069/info AN HTTPD is affected by a vulnerability that may allow remote attacker to inject arbitrary content in to the log file. This issue arises due to a failure of input validation. Corruption of logs ma...

AN HTTPD 1.42 - Arbitrary Log Content Injection

source: https://www.securityfocus.com/bid/13069/info AN HTTPD is affected by a vulnerability that may allow remote attacker to inject arbitrary content in to the log file. This issue arises due to a failure of input validation. Corruption of logs may result in concealing attacks and/or misleading...

CVE-2005-1087

CRLF injection vulnerability in the cmdIS.DLL plugin for AN HTTPD Server 1.42n allows remote attackers to spoof or hide entries in the logfile, and possibly read files using an injected type command, via CRLF sequences in an HTTP request...

[Full-disclosure] Samsung ADSL Modem Vulnerability

------------------------------------------------------------ - EXPL-A-2005-002 exploitlabs.com Advisory 031 - ------------------------------------------------------------ - Samsung ADSL Modem - AFFECTED PRODUCTS ================= Samsung ADSL Modem Samgsung Eletronics http://www.samsung.com DETAI...

Exploit Labs Security Advisory 2005.2

------------------------------------------------------------ - EXPL-A-2005-002 exploitlabs.com Advisory 031 - ------------------------------------------------------------ - Samsung ADSL Modem - AFFECTED PRODUCTS ================= Samsung ADSL Modem Samgsung Eletronics http://www.samsung.com DETAI...

CERN httpd CGI Name Handling Remote Overflow

The remote web server stopped responding after sending it a GET request for a CGI script with a arbitrary long file name. This is known to trigger a heap overflow in some servers like CERN HTTPD. An attacker may use this flaw to disrupt the remote service and possibly even run malicious code on t...

CERN httpd Double Slash Protected Webpage Bypass

The remote web server allows an attacker to access protected web pages by replacing slashes in the URL with '//' or '/./', which is a known problem in older versions of CERN web server. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid17230; scriptversion"1.19";...

AWStats 5.7 < 6.2 - Multiple Remote

/ AWStats v5.7 - v6.2 sileAWSxpl This exploit utilize three methods for exploiter the vulnerability found on AWStats software. an user can execute remote code on vulnerable machine, with httpd privileges. References: www.securityfocus.org/bid/12543 coded by: Silentium of Anacron Group Italy date:...

AWStats 5.7 6.2 - Multiple Remote

AWStats 5.7 6.2 - Multiple Remote / AWStats v5.7 - v6.2 sileAWSxpl This exploit utilize three methods for exploiter the vulnerability found on AWStats software. an user can execute remote code on vulnerable machine, with httpd privileges. References: www.securityfocus.org/bid/12543 coded by:...