Microsoft IIS .HTR ISAPI chunked encoding buffer overflow

Added: 02/17/2006 CVE: CVE-2002-0364 BID: 4855 OSVDB: 5316 Background Microsoft IIS web servers include ISAPI extensions which are invoked in the server process to handle requests of a given type. Problem A heap overflow in IIS 4.0 and 5.0 when processing chunked encoding transfers of HTR request...

TrendMicro ServerProtect multiple vulnerabilities

Buffer overflows on HTTP chunked encoding parsing, DoS, directory traversal...

RSA SecurID Web Agent buffer overflow

Heap overflow on HTTP chunked encoding parsing. Stack overflow on oversized HTTP request Redirect: header...

CVE-2005-1471

Heap-based buffer overflow in RSA SecurID Web Agent 5, 5.2, and 5.3 allows remote attackers to execute arbitrary code via crafted chunked-encoding data...

CVE-2005-1471

Heap-based buffer overflow in RSA SecurID Web Agent 5, 5.2, and 5.3 allows remote attackers to execute arbitrary code via crafted chunked-encoding data...

Apache Chunked Encoding Remote Overflow / DoS

Binary data 1495.prm...

mod_jk Chunked Encoding DoS (deprecated)

Binary data 1571.prm...

Apache mod_jk < 1.2.1 Chunked Encoding DoS

Binary data 1510.prm...

RHEL 2.1 : apache (RHSA-2002:126)

The Apache Web server contains a security vulnerability which can be used to launch a denial of service DoS attack or, in some cases, allow remote code execution. Versions of the Apache Web server up to and including 1.3.24 contain a bug in the routines which deal with requests using 'chunked'...

Apache Tomcat mod_jk Invalid Transfer-Encoding Chunked Field DoS

According to the banner, the remote host is using a vulnerable version of the Apache modjk module. Such versions have a bug that could allow a remote attacker to use chunked encoding requests to desynchronize Apache and Tomcat, and therefore prevent the remote web server from working properly. C...

Apache 1.3.x + Tomcat 4.0.x4.1.x mod_jk - Chunked Encoding Denial of Service

Apache 1.3.x + Tomcat 4.0.x4.1.x modjk - Chunked Encoding Denial of Service source: https://www.securityfocus.com/bid/6320/info Apache Webserver and Tomcat are HTTP servers maintained and distributed by the Apache project. Apache Webserver and Tomcat are available for the Unix, Linux, and Microso...

Apache 1.3.x + Tomcat 4.0.x/4.1.x mod_jk - Chunked Encoding Denial of Service

source: https://www.securityfocus.com/bid/6320/info Apache Webserver and Tomcat are HTTP servers maintained and distributed by the Apache project. Apache Webserver and Tomcat are available for the Unix, Linux, and Microsoft Windows platforms. It has been reported that a denial of service exists i...

Immunity Canvas: IPLANET_CHUNKED

Name| iplanetchunked ---|--- CVE| CVE-2002-0845 Exploit Pack| CANVAS Description| iPlanet Chunked Encoding Notes| References: http://www.sun.com/service/sunone/software/alerts/transferencodingalert-23july2002.html http://www.eeye.com/html/Research/Advisories/AD20020808a.html CVE Name: CVE-2002-08...

iPlane chunked encoding buffer overflow

chunk-encoding POST request heap overflow...

CVE-2002-0364

Buffer overflow in the chunked encoding transfer mechanism in IIS 4.0 and 5.0 allows attackers to execute arbitrary code via the processing of HTR request sessions, aka "Heap Overrun in HTR Chunked Encoding Could Enable Web Server Compromise."...

Moderate: Red Hat Security Advisory: : : : Updated Apache packages fix chunked encoding issue

The Apache Web server contains a security vulnerability which can be used to launch a denial of service attack or, in some cases, allow remote code execution. Versions of the Apache Web server up to and including 1.3.24 contain a bug in the routines which deal with requests using "chunked"...

Apache 1.x2.0.x - Chunked-Encoding Memory Corruption (1)

Apache 1.x2.0.x - Chunked-Encoding Memory Corruption 1 // source: https://www.securityfocus.com/bid/5033/info When processing requests coded with the 'Chunked Encoding' mechanism, Apache fails to properly calculate required buffer sizes. This is believed to be due to improper signed interpretatio...

Apache 1.x2.0.x - Chunked-Encoding Memory Corruption (2)

Apache 1.x2.0.x - Chunked-Encoding Memory Corruption 2 // source: https://www.securityfocus.com/bid/5033/info When processing requests coded with the 'Chunked Encoding' mechanism, Apache fails to properly calculate required buffer sizes. This is believed to be due to improper signed interpretatio...

Apache 1.x/2.0.x - Chunked-Encoding Memory Corruption (2)

// source: https://www.securityfocus.com/bid/5033/info When processing requests coded with the 'Chunked Encoding' mechanism, Apache fails to properly calculate required buffer sizes. This is believed to be due to improper signed interpretation of an unsigned integer value. Consequently, several...

Apache 1.x/2.0.x - Chunked-Encoding Memory Corruption (1)

// source: https://www.securityfocus.com/bid/5033/info When processing requests coded with the 'Chunked Encoding' mechanism, Apache fails to properly calculate required buffer sizes. This is believed to be due to improper signed interpretation of an unsigned integer value. Consequently, several...