1215 matches found
CVE-2006-7121
The HTTP server in Linksys SPA-921 VoIP Desktop Phone allows remote attackers to cause a denial of service reboot via 1 a long URL, or a long 2 username or 3 password during Basic Authentication...
CVE-2006-6982
3proxy 0.5 to 0.5.2 does not offer NTLM authentication before basic authentication, which might cause browsers with incomplete RFC2616/RFC2617 support to use basic cleartext authentication even if NTLM is available, which makes it easier for attackers to steal credentials...
Monit <= 4.2 Remote Root Buffer Overflow Exploit
Exploit for linux platform in category remote exploits ================================================ Monit include include include include define BUFFSIZE 2048 define PADDING 40 define EXPSIZE 256+4+PADDING define MAXARCH 2 struct eos char arch; unsigned long ret; targets = "Monit-4.2-Gentoo",...
Too Long Basic Authentication DoS Vulnerability
It was possible to kill the web server by sending a request with a too long Basic authentication field. SPDX-FileCopyrightText: 2004 Michel Arboi Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...
Directory Scanner (HTTP)
HTTP based detection of various common dirs on the remote web server. SPDX-FileCopyrightText: 2005 Digital Defense Inc. SPDX-FileCopyrightText: Improved code and additional directories since 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C...
Incomplete Basic Authentication DoS Vulnerability
It was possible to kill the web server by sending an invalid request with an incomplete Basic authentication. SPDX-FileCopyrightText: 2004 Michel Arboi Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier...
XML-RPC Library <= 1.3.0 (xmlrpc.php) Remote Code Injection Exploit
No description provided by source. tested and working /str0ke !/usr/bin/perl ilo-- This program is no GPL or has nothing to do with FSF, but some code was ripped from romansoft.. sorry, too lazy! xmlrpc bug by James from GulfTech Security Research. http://pear.php.net/bugs/bug.php?id=4692 xmlrpc...
CVE-2001-1496
CVE-2001-1496 affects thttpd (Acme Labs) with an off-by-one buffer overflow in Basic Authentication across versions 1.95–2.20. The underlying issue is a buffer overflow in the Basic Auth handling, enabling remote attackers to cause a denial of service and potentially execute arbitrary code. Explo...
CVE-2001-1496
Off-by-one buffer overflow in Basic Authentication in Acme Labs thttpd 1.95 through 2.20 allows remote attackers to cause a denial of service and possibly execute arbitrary code...
Microsoft ISA Server HTTP/HTTPS Service Basic Auth Information Disclosure Vulnerability
Description Microsoft Internet Security and Acceleration ISA server is prone to an information disclosure vulnerability. Reports indicate that the issue manifests when an ISA server is publishing a Web service that has Basic authentication enabled, but the Web publishing rules that process the...
CVE-2002-1654
The CVE affects iPlanet Web Server Enterprise Edition and Netscape Enterprise Server 4.0 and 4.1. A flaw allows remote attackers to initiate HTTP Basic Authentication through the wp-force-auth Web Publisher command, creating a distinct attack vector and potentially making brute-force password gue...
CVE-2004-1897
Administration interface in Monit 1.4 through 4.2 allows remote attackers to cause a denial of service segmentation fault by sending a Basic Authentication request without a password, which causes Monit to decrement a null pointer and perform an out-of-bounds read...
DEBIAN-CVE-2004-1897
Administration interface in Monit 1.4 through 4.2 allows remote attackers to cause a denial of service segmentation fault by sending a Basic Authentication request without a password, which causes Monit to decrement a null pointer and perform an out-of-bounds read...
Monit 4.2 - Basic Authentication Remote Code Execution
Monit 4.2 - Basic Authentication Remote Code Execution / THE EYE ON SECURITY RESEARCH GROUP - INDIA http://www.eos-india.net/poc/305monit.c Remote Root Exploit for Monit linuxmailorg - Abhisek Datta abhisekfrontru 06.04.2004 http://www.eos-india.net New Targets : RedHat 9 Fedora Core 2 Slackware...
Monit <= 4.2 Basic Authentication Remote Root Exploit
Exploit for linux platform in category remote exploits ===================================================== Monit linuxmailorg - Abhisek Datta abhisekfrontru 06.04.2004 http://www.eos-india.net New Targets : RedHat 9 Fedora Core 2 Slackware 8.1 Update Code :...
Monit <= 4.2 Basic Authentication Remote Root Exploit
No description provided by source. / THE EYE ON SECURITY RESEARCH GROUP - INDIA http://www.eos-india.net/poc/305monit.c Remote Root Exploit for Monit = 4.2 Vulnerability: Buffer overflow in handling of Basic Authentication informations. Server authenticates clients through: Authentication: Basic...
Monit 4.2 - Basic Authentication Remote Code Execution
/ THE EYE ON SECURITY RESEARCH GROUP - INDIA http://www.eos-india.net/poc/305monit.c Remote Root Exploit for Monit linuxmailorg - Abhisek Datta abhisekfrontru 06.04.2004 http://www.eos-india.net New Targets : RedHat 9 Fedora Core 2 Slackware 8.1 Update Code :...
Apache Httpd < 2.0.52 : Basic authentication bypass
A flaw in Apache 2.0.51 only broke the merging of the Satisfy directive which could result in access being granted to resources despite any configured authentication...
CVE-2004-0009
Apache-SSL 1.3.28+1.52 and earlier, with SSLVerifyClient set to 1 or 3 and SSLFakeBasicAuth enabled, allows remote attackers to forge a client certificate by using basic authentication with the "one-line DN" of the target user...
Icecast < 2.0.1 HTTP Basic Authentication Remote Overflow
Binary data 2137.prm...