Monit <= 4.2 Basic Authentication Remote Root Exploit

No description provided by source. / THE EYE ON SECURITY RESEARCH GROUP - INDIA http://www.eos-india.net/poc/305monit.c Remote Root Exploit for Monit = 4.2 Vulnerability: Buffer overflow in handling of Basic Authentication informations. Server authenticates clients through: Authentication: Basic...

Monit 4.2 - Basic Authentication Remote Code Execution

Monit 4.2 - Basic Authentication Remote Code Execution / THE EYE ON SECURITY RESEARCH GROUP - INDIA http://www.eos-india.net/poc/305monit.c Remote Root Exploit for Monit linuxmailorg - Abhisek Datta abhisekfrontru 06.04.2004 http://www.eos-india.net New Targets : RedHat 9 Fedora Core 2 Slackware...

Apache Httpd < 2.0.52 : Basic authentication bypass

A flaw in Apache 2.0.51 only broke the merging of the Satisfy directive which could result in access being granted to resources despite any configured authentication...

CVE-2004-0009

Apache-SSL 1.3.28+1.52 and earlier, with SSLVerifyClient set to 1 or 3 and SSLFakeBasicAuth enabled, allows remote attackers to forge a client certificate by using basic authentication with the "one-line DN" of the target user...

Icecast < 2.0.1 HTTP Basic Authentication Remote Overflow

Binary data 2137.prm...

CVE-2004-0600

Buffer overflow in the Samba Web Administration Tool SWAT in Samba 3.0.2 to 3.0.4 allows remote attackers to execute arbitrary code via an invalid base-64 character during HTTP basic authentication...

DEBIAN-CVE-2004-0600

Buffer overflow in the Samba Web Administration Tool SWAT in Samba 3.0.2 to 3.0.4 allows remote attackers to execute arbitrary code via an invalid base-64 character during HTTP basic authentication...

CVE-2004-0600

Buffer overflow in the Samba Web Administration Tool SWAT in Samba 3.0.2 to 3.0.4 allows remote attackers to execute arbitrary code via an invalid base-64 character during HTTP basic authentication...

Important: Red Hat Security Advisory: samba security update

Updated samba packages that fix buffer overflows, as well as other various bugs, are now available. Samba provides file and printer sharing services to SMB/CIFS clients. Evgeny Demidov discovered a flaw in the internal routine used by the Samba Web Administration Tool SWAT in Samba versions 3.0.2...

Monit 4.2 - Remote Buffer Overflow

/ THE EYE ON SECURITY RESEARCH GROUP - INDIA www eos-india net poc 305monit.c Remote Root Exploit for Monit include include include include define BUFFSIZE 2048 define PADDING 40 define EXPSIZE 256+4+PADDING define MAXARCH 2 struct eos char arch; unsigned long ret; targets = "Monit-4.2-Gentoo",...

Monit 4.2 - Remote Buffer Overflow

Monit 4.2 - Remote Buffer Overflow / THE EYE ON SECURITY RESEARCH GROUP - INDIA www eos-india net poc 305monit.c Remote Root Exploit for Monit include include include include define BUFFSIZE 2048 define PADDING 40 define EXPSIZE 256+4+PADDING define MAXARCH 2 struct eos char arch; unsigned long...

Web Server Incomplete Basic Authentication DoS (deprecated)

This plugin is no longer relevant, and may never have worked correctly. C Tenable Network Security, Inc. @DEPRECATED@ Disabled on 2021/09/13. Deprecated by RES-74695. include"compat.inc"; ifdescription scriptid12200; scriptversion"1.14"; scriptsetattributeattribute:"pluginmodificationdate",...

Web Server HTTP Basic Authorization Header Remote Overflow DoS

It was possible to kill the web server by sending a request with a long basic authentication field. A remote attacker may exploit this vulnerability to make the web server crash continually or even execute arbitrary code. C Tenable Network Security, Inc. Affected: Monit include"compat.inc"; if...

[VulnWatch] Advisory: Multiple Vulnerabilities in Monit

Multiple Vulnerabilities in Monit I. Product Description As quoted from http://www.tildeslash.com/monit/ web page: "monit is a utility for managing and monitoring, processes, files, directories and devices on a Unix system. Monit conducts automatic maintenance and repair and can execute meaningfu...

CVE-2004-0009

Apache-SSL 1.3.28+1.52 and earlier, with SSLVerifyClient set to 1 or 3 and SSLFakeBasicAuth enabled, allows remote attackers to forge a client certificate by using basic authentication with the "one-line DN" of the target user...

CVE-2004-0009

Apache-SSL 1.3.28+1.52 and earlier, with SSLVerifyClient set to 1 or 3 and SSLFakeBasicAuth enabled, allows remote attackers to forge a client certificate by using basic authentication with the "one-line DN" of the target user...

ApacheSSL protection bypass

In basic authentication emulation mode it's possible to access server without certificate...

Apache-SSL security advisory - apache_1.3.28+ssl_1.52 and prior

Apache-SSL optional client certificate vulnerability ---------------------------------------------------- Synopsis -------- If configured with SSLVerifyClient set to 1 or 3 client certificates optional and SSLFakeBasicAuth, Apache-SSL 1.3.28+1.52 and all earlier versions would permit a client to...

Apache-SSL optional client certificate vulnerability

From the Apache-SSL security advisory: If configured with SSLVerifyClient set to 1 or 3 client certificates optional and SSLFakeBasicAuth, Apache-SSL 1.3.28+1.52 and all earlier versions would permit a client to use real basic authentication to forge a client certificate. All the attacker needed ...

Microsoft SharePoint Portal and Team Services

There is a bug in how the authentication mode works with the web-based administration page. This page resides, in the Web Servers with Sharepoint, in http://www.example.com/layouts/settings.htm or http://www.example.com/somedirectory/layouts/settings.htm This page is usually protected by NT Basic...