Apache 1.x/2.0.x - Chunked-Encoding Memory Corruption (1)

// source: https://www.securityfocus.com/bid/5033/info When processing requests coded with the 'Chunked Encoding' mechanism, Apache fails to properly calculate required buffer sizes. This is believed to be due to improper signed interpretation of an unsigned integer value. Consequently, several...

Apache httpd: vulnerability with chunked encoding

-----BEGIN PGP SIGNED MESSAGE----- Date: June 17, 2002 Product: Apache Web Server Versions: Apache 1.3 all versions including 1.3.24, Apache 2 all versions up to 2.0.39 Introduction: While testing for Oracle vulnerabilities, Mark Litchfield discovered a denial of service attack for Apache on...

Chunked encoding post can consume excessive memory on IIS 4.0 webserver

Overview Microsoft IIS 4.0, circa March 2000, contained a vulnerability that allowed an intruder to consume unlimited memory on a vulnerable server. Description Older versions of IIS 4.0, circa March 2000, contained a vulnerability in the chunked-encoding transfer mechanism that permitted an...

Microsoft Internet Information Server (IIS) contains remote buffer overflow in chunked encoding data transfer mechanism for HTR

Overview A buffer overflow vulnerability in IIS 4.0 and 5.0 could allow an intruder to execute arbitrary code on an IIS server with the privileges of the HTR ISAPI extension. Description Chunked encoding is a means to transfer variable-sized units of data called chunks from a web client to a web...

Apache Httpd < 2.0.37 : Apache Chunked encoding vulnerability

Malicious requests can cause various effects ranging from a relatively harmless increase in system resources through to denial of service attacks and in some cases the ability to execute arbitrary remote code...

Apache Httpd < 1.3.26 : Apache Chunked encoding vulnerability

Malicious requests can cause various effects ranging from a relatively harmless increase in system resources through to denial of service attacks and in some cases the ability to execute arbitrary remote code...

Microsoft IIS 4.05.0 - Chunked Encoding Transfer Heap Overflow (4)

Microsoft IIS 4.05.0 - Chunked Encoding Transfer Heap Overflow 4 / source: https://www.securityfocus.com/bid/4485/info A heap overflow condition in the 'chunked encoding transfer mechanism' related to Active Server Pages has been reported for Microsoft IIS Internet Information Services. This...

Microsoft IIS 4.0/5.0 - Chunked Encoding Transfer Heap Overflow (4)

/ source: https://www.securityfocus.com/bid/4485/info A heap overflow condition in the 'chunked encoding transfer mechanism' related to Active Server Pages has been reported for Microsoft IIS Internet Information Services. This condition affects IIS 4.0 and IIS 5.0. Exploitation of this...

Microsoft IIS 4.0/5.0 - Chunked Encoding Transfer Heap Overflow (2)

// source: https://www.securityfocus.com/bid/4485/info A heap overflow condition in the 'chunked encoding transfer mechanism' related to Active Server Pages has been reported for Microsoft IIS Internet Information Services. This condition affects IIS 4.0 and IIS 5.0. Exploitation of this...

Multiple Remote Vulnerabilities in Microsoft IIS

TO UNSUBSCRIBE: email "unsubscribe alert" in the body of your message to [email protected] Contact [email protected] for help with any problems! --------------------------------------------------------------------------- -----BEGIN PGP SIGNED MESSAGE----- Internet Security Systems Security Aler...

Microsoft IIS 4.05.0 - Chunked Encoding Transfer Heap Overflow (1)

Microsoft IIS 4.05.0 - Chunked Encoding Transfer Heap Overflow 1 // source: https://www.securityfocus.com/bid/4485/info A heap overflow condition in the 'chunked encoding transfer mechanism' related to Active Server Pages has been reported for Microsoft IIS Internet Information Services. This...

Microsoft IIS 4.0/5.0 - Chunked Encoding Transfer Heap Overflow (1)

// source: https://www.securityfocus.com/bid/4485/info A heap overflow condition in the 'chunked encoding transfer mechanism' related to Active Server Pages has been reported for Microsoft IIS Internet Information Services. This condition affects IIS 4.0 and IIS 5.0. Exploitation of this...

Microsoft Internet Information Server (IIS) 4.0, 5.0, and 5.1 buffer overflow in chunked encoding transfer mechanism for ASP

Overview A buffer overflow vulnerability in IIS 4.0, 5.0, and 5.1 could allow an intruder to execute arbitrary code on an IIS server with the privileges of the ASP ISAPI extension. Description Chunked encoding is a means to transfer variable-sized units of data called chunks from a web client to ...

Microsoft Internet Information Server (IIS) 4.0 and 5.0 buffer overflow in chunked encoding transfer mechanism for ASP

Overview A buffer overflow vulnerability in IIS 4.0 and 5.0 could allow an intruder to execute arbitrary code on an IIS server with the privileges of the ASP ISAPI extension. Description Chunked encoding is a means to transfer variable-sized units of data called chunks from a web client to a web...