CVE-2004-0009

Apache-SSL 1.3.28+1.52 and earlier, with SSLVerifyClient set to 1 or 3 and SSLFakeBasicAuth enabled, allows remote attackers to forge a client certificate by using basic authentication with the "one-line DN" of the target user...

HTTP Server Basic Authorization Detection

Binary data 5252.prm...

Icecast < 2.0.1 HTTP Basic Authentication Remote Overflow

Binary data 2137.prm...

CVE-2004-0654

Unknown vulnerability in the Basic Security Module BSM, when configured to audit either the Administrative ad or the System-Wide Administration as audit class in Solaris 7, 8, and 9, allows local users to cause a denial of service kernel panic...

DEBIAN-CVE-2004-0600

Buffer overflow in the Samba Web Administration Tool SWAT in Samba 3.0.2 to 3.0.4 allows remote attackers to execute arbitrary code via an invalid base-64 character during HTTP basic authentication...

CVE-2004-0600

Buffer overflow in the Samba Web Administration Tool SWAT in Samba 3.0.2 to 3.0.4 allows remote attackers to execute arbitrary code via an invalid base-64 character during HTTP basic authentication...

CVE-2004-0600

Buffer overflow in the Samba Web Administration Tool SWAT in Samba 3.0.2 to 3.0.4 allows remote attackers to execute arbitrary code via an invalid base-64 character during HTTP basic authentication...

Important: Red Hat Security Advisory: samba security update

Updated samba packages that fix buffer overflows, as well as other various bugs, are now available. Samba provides file and printer sharing services to SMB/CIFS clients. Evgeny Demidov discovered a flaw in the internal routine used by the Samba Web Administration Tool SWAT in Samba versions 3.0.2...

Samba SWAT HTTP Basic Auth base64 Overflow

The remote host is running SWAT - a web-based administration tool for Samba. There is a buffer overflow condition in the remote version of this software which might allow an attacker to execute arbitrary code on the remote host by sending a malformed authorization request or any malformed base64...

CVE-2004-0654

Unknown vulnerability in the Basic Security Module BSM, when configured to audit either the Administrative ad or the System-Wide Administration as audit class in Solaris 7, 8, and 9, allows local users to cause a denial of service kernel panic...

Sun Solaris vulnerable to DoS when the Basic Security Module (BSM) is configured to perform auditing of specific classes

Overview There is a vulnerability in Sun Solaris that could allow local users to cause a denial of service when the Basic Security Module BSM is configured to perform auditing of specific audit classes. Description Sun Microsystems describes the Basic Security Module BSM as a "security auditing...

CVE-2004-2029

The UtilDecodeHTTPAuth function in BNBT BitTorrent Tracker Beta 7.5 Release 2 and earlier allows remote attackers to cause a denial of service crash via a Basic Authorization HTTP request with a "A==" value...

Icecast denial of service vulnerability

Background Icecast is a program that streams audio data to listeners over the Internet. Description There is an out-of-bounds read error in the web interface of Icecast when handling Basic Authorization requests. This vulnerability can theorically be exploited by sending a specially crafted...

PT-2004-1606 · Apache · Apache Mod Ssl +1

Name of the Vulnerable Software and Affected Versions: Apache mod ssl affected versions not specified Description: The issue is related to a stack-based buffer overflow in the ssl util uuencode binary function. This occurs when mod ssl is configured to trust the issuing CA and a client certificat...

Monit 4.2 - Remote Buffer Overflow

/ THE EYE ON SECURITY RESEARCH GROUP - INDIA www eos-india net poc 305monit.c Remote Root Exploit for Monit include include include include define BUFFSIZE 2048 define PADDING 40 define EXPSIZE 256+4+PADDING define MAXARCH 2 struct eos char arch; unsigned long ret; targets = "Monit-4.2-Gentoo",...

Monit 4.2 - Remote Buffer Overflow

Monit 4.2 - Remote Buffer Overflow / THE EYE ON SECURITY RESEARCH GROUP - INDIA www eos-india net poc 305monit.c Remote Root Exploit for Monit include include include include define BUFFSIZE 2048 define PADDING 40 define EXPSIZE 256+4+PADDING define MAXARCH 2 struct eos char arch; unsigned long...

Web Server Incomplete Basic Authentication DoS (deprecated)

This plugin is no longer relevant, and may never have worked correctly. C Tenable Network Security, Inc. @DEPRECATED@ Disabled on 2021/09/13. Deprecated by RES-74695. include"compat.inc"; ifdescription scriptid12200; scriptversion"1.14"; scriptsetattributeattribute:"pluginmodificationdate",...

Web Server HTTP Basic Authorization Header Remote Overflow DoS

It was possible to kill the web server by sending a request with a long basic authentication field. A remote attacker may exploit this vulnerability to make the web server crash continually or even execute arbitrary code. C Tenable Network Security, Inc. Affected: Monit include"compat.inc"; if...

[VulnWatch] Advisory: Multiple Vulnerabilities in Monit

Multiple Vulnerabilities in Monit I. Product Description As quoted from http://www.tildeslash.com/monit/ web page: "monit is a utility for managing and monitoring, processes, files, directories and devices on a Unix system. Monit conducts automatic maintenance and repair and can execute meaningfu...

CVE-2004-0334

InnoMedia VideoPhone is affected by an authentication bypass vulnerability where remote attackers can bypass Basic Authorization by crafting HTTP requests to specific admin/config endpoints (videophone_admindetail.asp, videophone_syscfg.asp, videophone_upgrade.asp, videophone_sysctrl.asp) contain...