172 matches found
httpd: Uninitialized memory reflection in mod_auth_digest
It was discovered that the httpd's modauthdigest module did not properly initialize memory before using it when processing certain headers related to digest authentication. A remote attacker could possibly use this flaw to disclose potentially sensitive information or cause httpd child process to...
CVE-2014-7859
Stack-based buffer overflow in loginmgr.cgi in D-Link firmware DNR-320L and DNS-320LW before 1.04b08, DNR-322L before 2.10 build 03, DNR-326 before 2.10 build 03, and DNS-327L before 1.04b01 allows remote attackers to execute arbitrary code by crafting malformed "Host" and "Referer" header values...
httpd: Uninitialized memory reflection in mod_auth_digest
It was discovered that the httpd's modauthdigest module did not properly initialize memory before using it when processing certain headers related to digest authentication. A remote attacker could possibly use this flaw to disclose potentially sensitive information or cause httpd child process to...
ALPINE-CVE-2017-7668
The HTTP strict parsing changes added in Apache httpd 2.2.32 and 2.4.24 introduced a bug in token list parsing, which allows apfindtoken to search past the end of its input string. By maliciously crafting a sequence of request headers, an attacker may be able to cause a segmentation fault, or to...
DEBIAN-CVE-2017-7668
The HTTP strict parsing changes added in Apache httpd 2.2.32 and 2.4.24 introduced a bug in token list parsing, which allows apfindtoken to search past the end of its input string. By maliciously crafting a sequence of request headers, an attacker may be able to cause a segmentation fault, or to...
httpd: Incomplete handling of LimitRequestFields directive in mod_http2
A vulnerability was found in httpd's handling of the LimitRequestFields directive in modhttp2, affecting servers with HTTP/2 enabled. An attacker could send crafted requests with headers larger than the server's available memory, causing httpd to crash...
CVE-2017-6549
Session hijack vulnerability in httpd on ASUS RT-N56U, RT-N66U, RT-AC66U, RT-N66R, RT-AC66R, RT-AC68U, RT-AC68R, RT-N66W, RT-AC66W, RT-AC87R, RT-AC87U, RT-AC51U, RT-AC68P, RT-N11P, RT-N12+, RT-N12E B1, RT-AC3200, RT-AC53U, RT-AC1750, RT-AC1900P, RT-N300, and RT-AC750 routers with firmware before...
UBUNTU-CVE-2016-10074
The mail transport aka SwiftTransportMailTransport in Swift Mailer before 5.4.5 might allow remote attackers to pass extra parameters to the mail command and consequently execute arbitrary code via a " backslash double quote in a crafted e-mail address in the 1 From, 2 ReturnPath, or 3 Sender...
Unspecified Vulnerability in Apache HTTP Server
Apache httpd is the U.S. Apache Apache Software Foundation, an open source HTTP server developed and maintained specifically for modern operating systems. A security vulnerability exists in Apache httpd, which stems from the program's failure to properly parse HTTP headers. A remote attacker coul...
php: Out-of-bounds heap memory read in exif_read_data() caused by malformed input
The exifprocessIFDTAG function in ext/exif/exif.c in PHP before 5.5.35, 5.6.x before 5.6.21, and 7.x before 7.0.6 does not properly construct spprintf arguments, which allows remote attackers to cause a denial of service out-of-bounds read or possibly have unspecified other impact via crafted...
CVE-2016-6412
The Cisco Application-hosting Framework CAF component in Cisco IOS 15.61T1 and IOS XE, when the IOx feature set is enabled, allows man-in-the-middle attackers to trigger arbitrary downloads via crafted HTTP headers, aka Bug ID CSCuz84773...
PT-2016-3899 · Gdcm · Grassroot Dicom
Name of the Vulnerable Software and Affected Versions: Grassroots DICOM aka GDCM versions prior to 2.6.2 Description: The issue is related to an integer overflow in the ImageRegionReader::ReadIntoBuffer function, which can be triggered by crafted header dimensions in a DICOM image file. This can...
Squid HTTP Header Injection Vulnerability
Squid Cache or Squid for short is a popular proxy server and web caching server software. A vulnerability in Squid's handling of HTTP responses with specially crafted headers allows attackers to exploit the vulnerability for HTTP response splitting attacks...
Server side request forgery (ssrf)
Plex Media Server before 0.9.9.3 allows remote attackers to bypass the web server whitelist, conduct SSRF attacks, and execute arbitrary administrative actions via multiple crafted X-Plex-Url headers to system/proxy, which are inconsistently processed by the request handler in the backend web...
CVE-2014-6609
The respjsippubsub module in Asterisk Open Source 12.x before 12.5.1 allows remote authenticated users to cause a denial of service crash via crafted headers in a SIP SUBSCRIBE request for an event package...
CVE-2014-6609
The respjsippubsub module in Asterisk Open Source 12.x before 12.5.1 allows remote authenticated users to cause a denial of service crash via crafted headers in a SIP SUBSCRIBE request for an event package...
DEBIAN-CVE-2014-3985
The getHTTPResponse function in miniwget.c in MiniUPnP 1.9 allows remote attackers to cause a denial of service crash via crafted headers that trigger an out-of-bounds read...
CVE-2014-3609
HttpHdrRange.cc in Squid 3.x before 3.3.12 and 3.4.x before 3.4.6 allows remote attackers to cause a denial of service crash via a request with crafted "Range headers with unidentifiable byte-range values."...
Out-of-bounds
The getHTTPResponse function in miniwget.c in MiniUPnP 1.9 allows remote attackers to cause a denial of service crash via crafted headers that trigger an out-of-bounds read...
procmail: Heap-overflow in procmail's formail utility when processing specially-crafted email headers
A heap-based buffer overflow flaw was found in procmail's formail utility. A remote attacker could send an email with specially crafted headers that, when processed by formail, could cause procmail to crash or, possibly, execute arbitrary code as the user running formail...