ZDI-07-015: Novell Groupwise WebAccess Base64 Decoding Stack Overflow Vulnerability

ZDI-07-015: Novell Groupwise WebAccess Base64 Decoding Stack Overflow Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-07-015.html April 18, 2007 -- CVE ID: CVE-2007-2171 -- Affected Vendor: Novell -- Affected Products: Groupwise WebAccess -- TippingPointTM IPS Customer Protection:...

Stream light detection of the HTTP host in the end is what? - Vulnerability warning-the black bar safety net

Stream of light has detected the HTTP host of the function, it is for certain the need to the password of the site, and not just an ASP encoding of the protected HTML page. In the log on the HTTP host, pop up a password window, generally the first row is the IP or domain name, the second line is...

NetMail WebAdmin username buffer overflow

Added: 03/16/2007 CVE: CVE-2007-1350 BID: 22857 OSVDB: 33886 Background Novell NetMail WebAdmin is a web-based administration interface which runs an HTTP server on port 89/TCP. Problem A buffer overflow vulnerability in Novell NetMail WebAdmin allows remote attackers to execute arbitrary command...

NetMail WebAdmin username buffer overflow

Added: 03/16/2007 CVE: CVE-2007-1350 BID: 22857 OSVDB: 33886 Background Novell NetMail WebAdmin is a web-based administration interface which runs an HTTP server on port 89/TCP. Problem A buffer overflow vulnerability in Novell NetMail WebAdmin allows remote attackers to execute arbitrary command...

NetMail WebAdmin username buffer overflow

Added: 03/16/2007 CVE: CVE-2007-1350 BID: 22857 OSVDB: 33886 Background Novell NetMail WebAdmin is a web-based administration interface which runs an HTTP server on port 89/TCP. Problem A buffer overflow vulnerability in Novell NetMail WebAdmin allows remote attackers to execute arbitrary command...

Novell NetMail WebAdmin buffer overflow

TCP/89 HTTP Basic authentication buffer overflow...

Stack overflow

Stack-based buffer overflow in webadmin.exe in Novell NetMail 3.5.2 allows remote attackers to execute arbitrary code via a long username during HTTP Basic authentication...

CVE-2007-1350

Stack-based buffer overflow in webadmin.exe in Novell NetMail 3.5.2 allows remote attackers to execute arbitrary code via a long username during HTTP Basic authentication...

CVE-2007-1350

Stack-based buffer overflow in webadmin.exe in Novell NetMail 3.5.2 allows remote attackers to execute arbitrary code via a long username during HTTP Basic authentication...

CVE-2006-7121

The HTTP server in Linksys SPA-921 VoIP Desktop Phone allows remote attackers to cause a denial of service reboot via 1 a long URL, or a long 2 username or 3 password during Basic Authentication...

CVE-2006-7121

The HTTP server in Linksys SPA-921 VoIP Desktop Phone allows remote attackers to cause a denial of service reboot via 1 a long URL, or a long 2 username or 3 password during Basic Authentication...

CVE-2006-6982

3proxy 0.5 to 0.5.2 does not offer NTLM authentication before basic authentication, which might cause browsers with incomplete RFC2616/RFC2617 support to use basic cleartext authentication even if NTLM is available, which makes it easier for attackers to steal credentials...

Monit <= 4.2 Remote Root Buffer Overflow Exploit

Exploit for linux platform in category remote exploits ================================================ Monit include include include include define BUFFSIZE 2048 define PADDING 40 define EXPSIZE 256+4+PADDING define MAXARCH 2 struct eos char arch; unsigned long ret; targets = "Monit-4.2-Gentoo",...

Too Long Basic Authentication DoS Vulnerability

It was possible to kill the web server by sending a request with a too long Basic authentication field. SPDX-FileCopyrightText: 2004 Michel Arboi Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...

Incomplete Basic Authentication DoS Vulnerability

It was possible to kill the web server by sending an invalid request with an incomplete Basic authentication. SPDX-FileCopyrightText: 2004 Michel Arboi Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier...

Directory Scanner (HTTP)

HTTP based detection of various common dirs on the remote web server. SPDX-FileCopyrightText: 2005 Digital Defense Inc. SPDX-FileCopyrightText: Improved code and additional directories since 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C...

XML-RPC Library &lt;= 1.3.0 (xmlrpc.php) Remote Code Injection Exploit

No description provided by source. tested and working /str0ke !/usr/bin/perl ilo-- This program is no GPL or has nothing to do with FSF, but some code was ripped from romansoft.. sorry, too lazy! xmlrpc bug by James from GulfTech Security Research. http://pear.php.net/bugs/bug.php?id=4692 xmlrpc...

CVE-2001-1496

Off-by-one buffer overflow in Basic Authentication in Acme Labs thttpd 1.95 through 2.20 allows remote attackers to cause a denial of service and possibly execute arbitrary code...

CVE-2001-1496

CVE-2001-1496 affects thttpd (Acme Labs) with an off-by-one buffer overflow in Basic Authentication across versions 1.95–2.20. The underlying issue is a buffer overflow in the Basic Auth handling, enabling remote attackers to cause a denial of service and potentially execute arbitrary code. Explo...

Microsoft ISA Server HTTP/HTTPS Service Basic Auth Information Disclosure Vulnerability

Description Microsoft Internet Security and Acceleration ISA server is prone to an information disclosure vulnerability. Reports indicate that the issue manifests when an ISA server is publishing a Web service that has Basic authentication enabled, but the Web publishing rules that process the...