tomcat multiple content-length header poisioning

Jakarta Tomcat 5.0.19 Coyote/1.1 and Tomcat 4.1.24 Coyote/1.0 allows remote attackers to poison the web cache, bypass web application firewall protection, and conduct XSS attacks via an HTTP request with both a "Transfer-Encoding: chunked" header and a Content-Length header, which causes Tomcat t...

CVE-2002-2394

InterScan VirusWall 3.6 for Linux and 3.52 for Windows allows remote attackers to bypass virus protection and possibly execute arbitrary code via HTTP 1.1 chunked transfer encoding...

CVE-2002-2394

InterScan VirusWall 3.6 for Linux and 3.52 for Windows is affected by a vulnerability that allows remote attackers to bypass antivirus protection and potentially execute arbitrary code through HTTP/1.1 chunked transfer encoding. Affected components: VirusWall on Linux (3.6) and Windows (3.52). Ro...

CVE-2003-1415

NetCharts XBRL Server 4.0.0 allows remote attackers to obtain sensitive information via an HTTP request with an invalid chunked transfer encoding specification...

CVE-2007-5094

Heap-based buffer overflow in iaspam.dll in the SMTP Server in Ipswitch IMail Server 8.01 through 8.11 allows remote attackers to execute arbitrary code via a set of four different e-mail messages with a long boundary parameter in a certain malformed Content-Type header line, the string "MIME" by...

IPSwitch IMail Server 8.0x Remote Heap Overflow Exploit

No description provided by source. / by axis 2007-06-05 http://www.ph4nt0m.org Mail-List: http://list.ph4nt0m.org 脪脭脟掳脫脨脮芒啪枚脪禄啪枚imail碌脛exp PRIVATE Remote Exploit For IMAIL Smtp Server1.2 This is For imail 8.01-8.11 version Usage:faint.exe -d host options Options: -d: Hostname to attack Required -...

tomcat multiple content-length header poisioning

Jakarta Tomcat 5.0.19 Coyote/1.1 and Tomcat 4.1.24 Coyote/1.0 allows remote attackers to poison the web cache, bypass web application firewall protection, and conduct XSS attacks via an HTTP request with both a "Transfer-Encoding: chunked" header and a Content-Length header, which causes Tomcat t...

tomcat multiple content-length header poisioning

Jakarta Tomcat 5.0.19 Coyote/1.1 and Tomcat 4.1.24 Coyote/1.0 allows remote attackers to poison the web cache, bypass web application firewall protection, and conduct XSS attacks via an HTTP request with both a "Transfer-Encoding: chunked" header and a Content-Length header, which causes Tomcat t...

tomcat multiple content-length header poisioning

Jakarta Tomcat 5.0.19 Coyote/1.1 and Tomcat 4.1.24 Coyote/1.0 allows remote attackers to poison the web cache, bypass web application firewall protection, and conduct XSS attacks via an HTTP request with both a "Transfer-Encoding: chunked" header and a Content-Length header, which causes Tomcat t...

tomcat multiple content-length header poisioning

Jakarta Tomcat 5.0.19 Coyote/1.1 and Tomcat 4.1.24 Coyote/1.0 allows remote attackers to poison the web cache, bypass web application firewall protection, and conduct XSS attacks via an HTTP request with both a "Transfer-Encoding: chunked" header and a Content-Length header, which causes Tomcat t...

tomcat multiple content-length header poisioning

Jakarta Tomcat 5.0.19 Coyote/1.1 and Tomcat 4.1.24 Coyote/1.0 allows remote attackers to poison the web cache, bypass web application firewall protection, and conduct XSS attacks via an HTTP request with both a "Transfer-Encoding: chunked" header and a Content-Length header, which causes Tomcat t...

GLSA-200606-05 : Pound: HTTP request smuggling

The remote host is affected by the vulnerability described in GLSA-200606-05 Pound: HTTP request smuggling Pound fails to handle HTTP requests with conflicting 'Content-Length' and 'Transfer-Encoding' headers correctly. Impact : An attacker could exploit this vulnerability by sending HTTP request...

Integer overflow

Integer overflow in CFNetwork in Apple Mac OS X 10.4.6 allows remote attackers to execute arbitrary code via crafted chunked transfer encoding...

CVE-2006-1441

CVE-2006-1441: Affected software is Apple Mac OS X 10.4.6 CFNetwork. The vulnerability is an integer overflow in CFNetwork triggered by crafted chunked transfer encoding, allowing remote attackers to execute arbitrary code. No exploit details or specific patch/version remediation are provided in ...

CVE-2006-1441

Integer overflow in CFNetwork in Apple Mac OS X 10.4.6 allows remote attackers to execute arbitrary code via crafted chunked transfer encoding...

DEBIAN-CVE-2005-3751

HTTP request smuggling vulnerability in Pound before 1.9.4 allows remote attackers to poison web caches, bypass web application firewall protection, and conduct XSS attacks via an HTTP request with conflicting Content-length and Transfer-encoding headers...

CVE-2005-3751

HTTP request smuggling vulnerability in Pound before 1.9.4 allows remote attackers to poison web caches, bypass web application firewall protection, and conduct XSS attacks via an HTTP request with conflicting Content-length and Transfer-encoding headers...

Apache Httpd < 2.0.55 : HTTP Request Spoofing

A flaw occured when using the Apache server as a HTTP proxy. A remote attacker could send a HTTP request with both a "Transfer-Encoding: chunked" header and a Content-Length header, causing Apache to incorrectly handle and forward the body of the request in a way that causes the receiving server ...

Mandrake Linux Security Advisory : apache (MDKSA-2005:130)

Watchfire reported a flaw that occured when using the Apache server as a HTTP proxy. A remote attacker could send an HTTP request with both a 'Transfer-Encoding: chunked' header and a 'Content-Length' header which would cause Apache to incorrectly handle and forward the body of the request in a w...

security flaw

Heap-based buffer overflow in the embedded player in multiple RealNetworks products and versions including RealPlayer 10.x, RealOne Player, and Helix Player allows remote malicious servers to cause a denial of service crash and possibly execute arbitrary code via a chunked Transfer-Encoding HTTP...