Lucene search
K

106 matches found

NVD
NVD
added 2002/07/03 4:0 a.m.31 views

CVE-2002-0364

Buffer overflow in the chunked encoding transfer mechanism in IIS 4.0 and 5.0 allows attackers to execute arbitrary code via the processing of HTR request sessions, aka "Heap Overrun in HTR Chunked Encoding Could Enable Web Server Compromise."...

7.5CVSS7.7AI score0.31005EPSS
Exploits4References10
Exploit DB
Exploit DB
added 2002/06/17 12:0 a.m.90 views

Apache 1.x/2.0.x - Chunked-Encoding Memory Corruption (1)

// source: https://www.securityfocus.com/bid/5033/info When processing requests coded with the 'Chunked Encoding' mechanism, Apache fails to properly calculate required buffer sizes. This is believed to be due to improper signed interpretation of an unsigned integer value. Consequently, several...

7AI score
Exploits0
CERT
CERT
added 2002/04/10 12:0 a.m.43 views

Microsoft Internet Information Server (IIS) 4.0 and 5.0 buffer overflow in chunked encoding transfer mechanism for ASP

Overview A buffer overflow vulnerability in IIS 4.0 and 5.0 could allow an intruder to execute arbitrary code on an IIS server with the privileges of the ASP ISAPI extension. Description Chunked encoding is a means to transfer variable-sized units of data called chunks from a web client to a web...

7.5CVSS7.5AI score0.77341EPSS
Exploits4References5
CVE
CVE
added 2002/03/09 5:0 a.m.51 views

CVE-2001-0665

Affected product: Internet Explorer 6 and earlier. Vulnerability: HTTP Request Encoding allows remote attackers to trigger what look like user-originated HTTP requests, potentially enabling privilege escalation or execution of operations in web-based services. Root cause: encoding flaw in HTTP re...

7.5CVSS7.5AI score0.12094EPSS
Exploits0References4Affected Software1
securityvulns
securityvulns
added 2001/09/06 12:0 a.m.32 views

%u encoding IDS bypass vulnerability

u encoding IDS bypass vulnerability Release Date: September 5, 2001 Severity: Medium Systems Affected: Cisco Secure Intrusion Detection System, formerly known as NetRanger, Sensor component. Cisco Catalyst 6000 Intrusion Detection System Module ISS RealSecure Network Sensor 5.x and 6.x before XPU...

7.3AI score
Exploits0
Exploit DB
Exploit DB
added 2001/08/23 12:0 a.m.29 views

CuteFTP 4.2 - Default Weak Password Encoding

source: https://www.securityfocus.com/bid/3233/info CuteFTP is a popular commercial FTP client for Microsoft Windows systems. CuteFTP v4.2and possibly earlier versions uses a weak system for encoding passwords for accounts on FTP sites. Passwords are stored in a file called 'sm.dat', and can be...

7.4AI score
Exploits0
Rows per page
Query Builder