873 matches found

OSV
added 2005/11/22 8:3 p.m. | 5 views

CVE-2005-3751

HTTP request smuggling vulnerability in Pound before 1.9.4 allows remote attackers to poison web caches, bypass web application firewall protection, and conduct XSS attacks via an HTTP request with conflicting Content-length and Transfer-encoding headers...

9.1 AI score
Exploits: 0 | References: 8
CVE
added 2005/11/22 8:0 p.m. | 63 views

CVE-2005-3751

Pound versions before 1.9.4 are exposed to an HTTP request smuggling vulnerability: conflicting Content-length and Transfer-encoding headers can allow remote attackers to poison caches, bypass WAFs, and enable XSS. The description notes the vulnerable window (before 1.9.4) but does not provide expli...

4.3 CVSS | 9.1 AI score | 0.01472 EPSS
Exploits: 0 | References: 8 | Affected Software: 1
Debian CVE
added 2005/11/22 8:0 p.m. | 17 views

CVE-2005-3751

HTTP request smuggling vulnerability in Pound before 1.9.4 allows remote attackers to poison web caches, bypass web application firewall protection, and conduct XSS attacks via an HTTP request with conflicting Content-length and Transfer-encoding headers...

4.3 CVSS | 8.6 AI score | 0.01472 EPSS
Exploits: 0
OpenVAS
added 2005/11/03 12:0 a.m. | 25 views

Snitz Forums 2000 HTTP Response Splitting

The remote host is using Snitz Forums 2000 - an ASP based forum/bbs. There is a bug in this software which makes it vulnerable to HTTP response splitting. SPDX-FileCopyrightText: 2004 Noam Rathaus Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright...

5 CVSS | 6.7 AI score | 0.02437 EPSS
Exploits: 1 | References: 1
OpenVAS
added 2005/11/03 12:0 a.m. | 377 views

HTTP User-Agent Overflow DoS Vulnerability

It was possible to kill the web server by sending an invalid GET request with a too long User-Agent field. SPDX-FileCopyrightText: 2002 Michel Arboi Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier:...

7.5 CVSS | 6.4 AI score | 0.14665 EPSS
Exploits: 0 | References: 3
OpenVAS
added 2005/11/03 12:0 a.m. | 23 views

PHProxy XSS Vulnerability

PHProxy is prone to a cross-site scripting (XSS) vulnerability. SPDX-FileCopyrightText: 2005 Noam Rathaus Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if(description)...

4.3 CVSS | 5.8 AI score | 0.01938 EPSS
Exploits: 1 | References: 1
NVD
added 2005/11/02 11:3 a.m. | 21 views

CVE-2005-3449

Multiple unspecified vulnerabilities in Oracle Application Server 9.0 up to 10.1.2.0 have unknown impact and attack vectors, as identified by Oracle Vuln (1) AS02 in Containers for J2EE, (2) AS07 in Internet Directory, (3) AS09 in Report Server, and (4) AS11 in Web Cache...

10 CVSS | 6.5 AI score | 0.05751 EPSS
Exploits: 0 | References: 7
NVD
added 2005/11/02 11:3 a.m. | 22 views

CVE-2005-3452

Unspecified vulnerability in Web Cache in Oracle Application Server 1.0 up to 9.0.4.2 has unknown impact and attack vectors, as identified by Oracle Vuln AS13...

10 CVSS | 6.2 AI score | 0.05144 EPSS
Exploits: 0 | References: 5
NVD
added 2005/11/02 11:3 a.m. | 17 views

CVE-2005-3453

Multiple unspecified vulnerabilities in Web Cache in Oracle Application Server 1.0 up to 10.1.2.0 have unknown impact and attack vectors, as identified by Oracle Vuln (1) AS12 and (2) AS14...

10 CVSS | 6.4 AI score | 0.05144 EPSS
Exploits: 0 | References: 5
CVE
added 2005/11/02 11:0 a.m. | 52 views

CVE-2005-3452

Technical details, affected products/versions, and remediation for CVE-2005-3452 are not publicly available in the provided documents. Monitor for updates.

10 CVSS | 9 AI score | 0.05144 EPSS
Exploits: 0 | References: 5 | Affected Software: 1
CVE
added 2005/11/02 11:0 a.m. | 52 views

CVE-2005-3453

Technical details for CVE-2005-3453 are not publicly provided in the supplied documents; the connected data lists only generic references to multiple unspecified vulnerabilities in Oracle Web Cache. Monitor for updates.

10 CVSS | 9.2 AI score | 0.05144 EPSS
Exploits: 0 | References: 5 | Affected Software: 1
Cvelist
added 2005/11/02 11:0 a.m. | 23 views

CVE-2005-3453

Multiple unspecified vulnerabilities in Web Cache in Oracle Application Server 1.0 up to 10.1.2.0 have unknown impact and attack vectors, as identified by Oracle Vuln (1) AS12 and (2) AS14...

9.2 AI score | 0.05144 EPSS
Exploits: 0 | References: 5
Cvelist
added 2005/11/02 11:0 a.m. | 22 views

CVE-2005-3452

Unspecified vulnerability in Web Cache in Oracle Application Server 1.0 up to 9.0.4.2 has unknown impact and attack vectors, as identified by Oracle Vuln AS13...

9 AI score | 0.05144 EPSS
Exploits: 0 | References: 5
CERT
added 2005/10/21 12:0 a.m. | 9 views

Oracle Application Server Web Cache vulnerability

Overview: Oracle Applications Server Web Cache contains an unspecified information disclosure vulnerability. Description: Oracle Applications Server Web Cache contains a vulnerability. The details of this vulnerability are not clear. However, Oracle states this issue can allow an attacker to easily...

6.6 AI score
Exploits: 0 | References: 3
Debian
added 2005/09/08 6:0 a.m. | 44 views

[SECURITY] [DSA 803-1] New Apache packages fix HTTP request smuggling

Debian Security Advisory DSA 803-1 | http://www.debian.org/security/ | Martin Schulze | September 8th, 2005 | http://www.debian.org/security/faq ...

4.3 CVSS | 0.1 AI score | 0.20461 EPSS
Exploits: 1
OSV
added 2005/09/07 12:0 a.m. | 37 views

DSA-803-1 apache - programming error

Bulletin has no description...

4.3 CVSS | 9.3 AI score | 0.20461 EPSS
Exploits: 1
Tenable Nessus
added 2005/08/01 12:0 a.m. | 30 views

FreeBSD : apache -- http request smuggling (651996e0-fe07-11d9-8329-000e0c2e438a)

A Watchfire whitepaper reports a vulnerability in the Apache webserver. The vulnerability can be exploited by malicious people causing cross site scripting, web cache poisoning, session hijacking and most importantly the ability to bypass web application firewall protection. Exploiting this...

4.3 CVSS | 7.8 AI score | 0.20461 EPSS
Exploits: 1 | References: 3
FreeBSD
added 2005/07/25 12:0 a.m. | 35 views

apache -- http request smuggling

A Watchfire whitepaper reports a vulnerability in the Apache webserver. The vulnerability can be exploited by malicious people causing cross site scripting, web cache poisoning, session hijacking and most importantly the ability to bypass web application firewall protection. Exploiting this...

4.3 CVSS | 9.1 AI score | 0.20461 EPSS
Exploits: 1 | References: 1
UbuntuCve
added 2005/07/05 4:0 a.m. | 22 views

CVE-2005-2088

The Apache HTTP server before 1.3.34, and 2.0.x before 2.0.55, when acting as an HTTP proxy, allows remote attackers to poison the web cache, bypass web application firewall protection, and conduct XSS attacks via an HTTP request with both a "Transfer-Encoding: chunked" header and a Content-Lengt...

4.3 CVSS | 7.3 AI score | 0.20461 EPSS
Exploits: 1 | References: 2
NVD
added 2005/07/05 4:0 a.m. | 16 views

CVE-2005-2093

Oracle 9i Application Server Oracle9iAS 9.0.2 allows remote attackers to poison the web cache, bypass web application firewall protection, and conduct XSS attacks via an HTTP request with both a "Transfer-Encoding: chunked" header and a Content-Length header, which causes Application Server to...

4.3 CVSS | 5.9 AI score | 0.04945 EPSS
Exploits: 1 | References: 4