
12 matches found

Cvelist
added 2023/10/10 2:7 p.m., 13 views

CVE-2023-30802 Sangfor Next-Gen Application Firewall Source Code Disclosure

The Sangfor Next-Gen Application Firewall version NGAF8.0.17 is vulnerable to a source code disclosure vulnerability. A remote and unauthenticated attacker can obtain PHP source code by sending an HTTP request with an invalid Content-Length field...

CVSS 5.3, AI score 5.8, EPSS 0.00128
Exploits: 1, References: 3

seebug.org
added 2014/07/01 12:0 a.m., 11 views

eStara SoftPhone 3.0.1 SIP Packet Multiple Malformed Field DoS

No description provided by source. source: http://www.securityfocus.com/bid/16629/info eStara Smartphone is prone to multiple denial-of-service vulnerabilities when processing malformed VOIP headers. Successful exploitation will cause the device to crash. For the negative 'Expires' field issue:...

AI score 7.1
Exploits: 0

NVD
added 2014/05/22 11:55 p.m., 18 views

CVE-2014-3788

Heap-based buffer overflow in the Web Server in Cogent Real-Time Systems Cogent DataHub before 7.3.5 allows remote attackers to execute arbitrary code via a negative value in the Content-Length field in a request...

CVSS 7.5, AI score 8, EPSS 0.03241
Exploits: 0, References: 2

Cvelist
added 2014/05/22 11:0 p.m., 23 views

CVE-2014-3788

Heap-based buffer overflow in the Web Server in Cogent Real-Time Systems Cogent DataHub before 7.3.5 allows remote attackers to execute arbitrary code via a negative value in the Content-Length field in a request...

AI score 8, EPSS 0.03241
Exploits: 0, References: 2

Prion
added 2011/09/16 2:28 p.m., 10 views

Heap overflow

Heap-based buffer overflow in Progea Movicon / PowerHMI 11.2.1085 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a negative Content-Length field...

CVSS 10, AI score 8.7, EPSS 0.17486
Exploits: 1, References: 4, Affected Software: 1

Exploit DB
added 2010/11/25 12:0 a.m., 24 views

NCH Officeintercom 5.20 - Remote Denial of Service

!/usr/bin/python Exploit Title: NCH Officeintercom = v5.20 Remote Denial of Service Vulnerability Date: 11/24/2010 Author: xsploited security URL: http://www.x-sploited.com/ Contact: xsploitedsecurity at x-sploited.com Software Link: http://www.nch.com.au/oi/oisetup.exe Version: = v5.20 Tested on...

AI score 7.4
Exploits: 0

0day.today
added 2007/03/01 12:0 a.m., 24 views

WebMod 0.48 (Content-Length) Remote Buffer Overflow Exploit PoC

Exploit for unknown platform in category remote exploits =============================================================== WebMod 0.48 Content-Length Remote Buffer Overflow Exploit PoC =============================================================== / WebMod Stack Buffer Overflow by cybermind Kevin...

AI score 7.1
Exploits: 0

Prion
added 2006/02/17 1:2 a.m., 15 views

Cross site request forgery (csrf)

eStara SIP softphone allows remote attackers to cause a denial of service (crash) via an INVITE request with a Content-Length field that has more than 9 digits...

CVSS 5, AI score 7.2, EPSS 0.00911
Exploits: 0, References: 5, Affected Software: 1

Cvelist
added 2006/01/23 8:0 p.m., 16 views

CVE-2005-3653

Heap-based buffer overflow in the iGateway service for various Computer Associates CA iTechnology products, in iTechnology iGateway before 4.0.051230, allows remote attackers to execute arbitrary code via an HTTP request with a negative Content-Length field...

AI score 8, EPSS 0.30442
Exploits: 0, References: 13

Tenable Nessus
added 2006/01/20 12:0 a.m., 24 views

Novell Open Enterprise Server Remote Manager (novell-nrm) POST Request Content-Length Overflow

The remote host is running Novell Remote Manager HTTP service for SuSE Enterprise or Open Enterprise Server. The remote version of this software is vulnerable to a heap overflow attack that may be exploited by sending a negative value for the 'Content-Length' field. Since the 'httpstkd' service...

CVSS 7.5, AI score 5.6, EPSS 0.03746
Exploits: 1, References: 1

CERT
added 2004/04/06 12:0 a.m., 18 views

Monit fails to properly handle negative Content-Length fields

Overview Monit fails to properly handle HTTP requests containing a negative Content-Length field. Description Monit is a utility to monitor system processes, files, directories, devices, and remote hosts. It provides a web-based interface that can be used to access the Monit server. When processi...

AI score 7.2
Exploits: 0, References: 5

Exploit DB
added 2001/12/11 12:0 a.m., 34 views

Microsoft IIS 5.0 - False Content-Length Field Denial of Service

source: https://www.securityfocus.com/bid/3667/info Microsoft IIS 5.0 may be prone to a denial of service condition when sent a specially crafted malformed HTTP GET header. If an IIS 5.0 web server is sent a crafted HTTP GET request which contains a falsified and excessive "Content-Length" field,...

AI score 7.4
Exploits: 0