110 matches found
CVE-2013-1692
Mozilla Firefox before 22.0, Firefox ESR 17.x before 17.0.7, Thunderbird before 17.0.7, and Thunderbird ESR 17.x before 17.0.7 do not prevent the inclusion of body data in an XMLHttpRequest HEAD request, which makes it easier for remote attackers to conduct cross-site request forgery CSRF attacks...
Mozilla Firefox Multiple Vulnerabilities - June 13 (Windows)
The host is installed with Mozilla Firefox and is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: secpodmozillafirefoxmultvulnjun13win.nasl 6086 2017-05-09 09:03:30Z teissa $ Mozilla Firefox Multiple Vulnerabilities - June 13 Windows Authors: Arun Kallavi Copyright: Copyright c...
Nero MediaHome Multiple Remote DoS Vulnerabilities
Advisory ID: HTB23130 Product: Nero MediaHome Vendor: Nero Vulnerable Versions: 4.5.8.0 and probably prior Tested Version: 4.5.8.0 in Windows 7 SP1 Vendor Notification: November 21, 2012 Public Disclosure: January 9, 2013 Vulnerability Type: Improper Handling of Length Parameter Inconsistency...
Nero MediaHome 4.5.8.0 - Denial of Service
Nero MediaHome 4.5.8.0 - Denial of Service Advisory ID: HTB23130 Product: Nero MediaHome Vendor: Nero Vulnerable Versions: 4.5.8.0 and probably prior Tested Version: 4.5.8.0 in Windows 7 SP1 Vendor Notification: November 21, 2012 Public Disclosure: January 9, 2013 Vulnerability Type: Improper...
TVMOBiLi Media Server Multiple Remote DoS Vulnerabilities
Advisory ID: HTB23120 Product: TVMOBiLi media server Vendor: TVMOBiLi Vulnerable Versions: 2.1.0.3557 and probably prior version Tested Version: 2.1.0.3557 in Windows XP SP3 32 bits Vendor Notification: October 15, 2012 Vendor Patch: November 21, 2012 Public Disclosure: December 5, 2012...
Tiny Server 1.1.9 Denial Of Service
!/usr/bin/python Overflow exploiting a vulnerability in Tiny Server ' sys.exit host = sys.argv1 port = sys.argv2 buffer = 'A' 100 + 'HTTP/1.0\r\n' print '\n' print ' Tiny Server = 1.1.0HTTP HEAD request overflow' print ' Written by Brock Haun' print ' [email protected]' print '\n' try:...
EchoClient
This small handy tool uses raw IP packets in to establish a connection to the target in order to see if there is any response to a echo type of packet and determine if the connection or the channel is alive an properly established. Modified by JSacco - [email protected]...
CVE-2011-4138
Affected software: Django prior to 1.2.7 and 1.3.x prior to 1.3.1. The verify_exists URLField validation tests a URL with HEAD, but on redirects uses GET to the redirected target, potentially causing unwanted GET requests with an unintended source IP via a crafted Location header. Impact: potenti...
CVE-2011-4138
The verifyexists functionality in the URLField implementation in Django before 1.2.7 and 1.3.x before 1.3.1 originally tests a URL's validity through a HEAD request, but then uses a GET request for the new target URL in the case of a redirect, which might allow remote attackers to trigger arbitra...
Kolibri 2.0 Buffer Overflow
!/usr/bin/env python / / / / / // | / // \ | / / / / / /// / / / / / / / // / / / |/ / // / , / / // / / / / / //// //|///||/,/ / /// Live by the byte |// Members: Pr0T3cT10n -=M.o.B.=- TheLeader gsog2009 a7 homtail d0t com Sro Debug Contact: [email protected]...
Kolibri 2.0 - 'HEAD' Remote Buffer Overflow RET (SEH)
!/usr/bin/env python / / / / / // | / // \ | / / / / / /// / / / / / / / // / / / |/ / // / , / / // / / / / / //// //|///||/,/ / /// Live by the byte |// Members: Pr0T3cT10n -=M.o.B.=- TheLeader gsog2009 a7 homtail d0t com Sro Debug Contact: [email protected]...
Stack overflow
Stack-based buffer overflow in iSharer File Sharing Wizard 1.5.0 allows remote attackers to execute arbitrary code via a long HEAD request...
PT-2010-3917 · Isharer · Isharer File Sharing Wizard
Name of the Vulnerable Software and Affected Versions: iSharer File Sharing Wizard version 1.5.0 Description: A stack-based buffer overflow issue allows remote attackers to execute arbitrary code via a long HEAD request. Recommendations: For iSharer File Sharing Wizard version 1.5.0, update to a...
CVE-2010-1316
Multiple stack-based buffer overflows in Tembria Server Monitor before 5.6.1 allow remote attackers to cause a denial of service daemon crash or possibly execute arbitrary code via a crafted 1 GET, 2 PUT, or 3 HEAD request, as demonstrated by a malformed GET request containing a long PATHINFO to...
Design/Logic Flaw
FreeBit ServersMan 3.1.5 on Apple iPhone OS 3.1.2, and iPhone OS for iPod touch, allows remote attackers to cause a denial of service daemon crash via a HEAD request for the / URI...
CVE-2010-0496
FreeBit ServersMan 3.1.5 on Apple iPhone OS 3.1.2, and iPhone OS for iPod touch, allows remote attackers to cause a denial of service daemon crash via a HEAD request for the / URI...
Serversman HTTP server DoS
Crash on HEAD request...
HTTP Methods Allowed (per directory)
By calling the OPTIONS method, it is possible to determine which HTTP methods are allowed on each directory. The following HTTP methods are considered insecure: PUT, DELETE, CONNECT, TRACE, HEAD Many frameworks and languages treat 'HEAD' as a 'GET' request, albeit one without any body in the...
http-headers NSE Script
Performs a HEAD request for the root folder "/" of a web server and displays the HTTP headers returned. See also: http-security-headers.nse Script Arguments useget Set to force GET requests instead of HEAD. path The path to request, such as /index.php. Default /. slaxml.debug See the documentatio...
Xitami Web Server <= 5.0 Remote Denial of Service Exploit
No description provided by source. !/usr/bin/perl Xitami HTTP Server = v5.0 Remote Denial of Service. ------------------------------------------------------------------------------ The vulnerability is caused due to an error with HEAD request and multi-socket This can be exploited to crash the HT...