5 matches found
Huawei EulerOS: Security Advisory for httpd (EulerOS-SA-2024-2634)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS 2.0 SP9 : httpd (EulerOS-SA-2024-1963)
According to the versions of the httpd packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Faulty input validation in the core of Apache allows malicious or exploitable backend/content generators to split HTTP responses.CVE-2023-38709...
CURL-CVE-2019-3822 NTLMv2 type-3 header stack buffer overflow
libcurl contains a stack based buffer overflow vulnerability. The function creating an outgoing NTLM type-3 header lib/vauth/ntlm.c:Curlauthcreatentlmtype3message, generates the request HTTP header contents based on previously received data. The check that exists to prevent the local buffer from...
MailEnable 1.1x - Content-Length Denial of Service
MailEnable 1.1x - Content-Length Denial of Service source: https://www.securityfocus.com/bid/10838/info MailEnable is reported prone to a remote denial of service vulnerability. This vulnerability is reported to exist in the MailEnable HTTP header parsing code. When reading a large content-length...
Cobalt RaQ 2.0/3.0 / qpopper 2.52/2.53 - 'EUIDL' Format String Input
// source: https://www.securityfocus.com/bid/1242/info A vulnerability exists in version 2.53 and prior of qpopper, a popular POP server, from Qualcomm. By placing machine executable code in the X-UIDL header field, supplying formatting strings in the "From:" field in a mail header, and then...