46 matches found

SUSE CVE
added 2023/02/15 6:13 a.m. | 2 views

SUSE CVE-2006-20001

A carefully crafted If: request header can cause a memory read, or write of a single zero byte, in a pool heap memory location beyond the header value sent. This could cause the process to crash. This issue affects Apache HTTP Server 2.4.54 and earlier...

CVSS: 7.5 | AI score: 7 | EPSS: 0.00547
Exploits: 0 | References: 11
OSV
added 2023/01/31 5:15 a.m. | 4 views

AZL-13173 CVE-2022-25881 affecting package nodejs for versions less than 16.20.1-2

This affects versions of the package http-cache-semantics before 4.1.1. The issue can be exploited via malicious request header values sent to a server, when that server reads the cache policy from the request using this library...

CVSS: 7.5 | AI score: 6.6 | EPSS: 0.00175
Exploits: 1 | References: 1
OSV
added 2020/09/18 5:15 a.m. | 1 views

DEBIAN-CVE-2020-25756

A buffer overflow vulnerability exists in the mg_get_http_header function in Cesanta Mongoose 6.18 due to a lack of bounds checking. A crafted HTTP header can exploit this bug. NOTE: a committer has stated "this will not happen in practice...

CVSS: 9.8 | AI score: 7.5 | EPSS: 0.00913
Exploits: 0 | References: 1
NVD
added 2020/09/18 5:15 a.m. | 10 views

CVE-2020-25756

A buffer overflow vulnerability exists in the mg_get_http_header function in Cesanta Mongoose 6.18 due to a lack of bounds checking. A crafted HTTP header can exploit this bug. NOTE: a committer has stated "this will not happen in practice...

CVSS: 9.8 | EPSS: 0.00913
Exploits: 0 | References: 1
Vulnrichment
added 2020/09/18 4:44 a.m. | 12 views

CVE-2020-25756

A buffer overflow vulnerability exists in the mg_get_http_header function in Cesanta Mongoose 6.18 due to a lack of bounds checking. A crafted HTTP header can exploit this bug. NOTE: a committer has stated "this will not happen in practice...

AI score: 7.3 | EPSS: 0.00913
Exploits: 0 | References: 1
OSV
added 2018/05/07 12:56 p.m. | 18 views

SUSE-SU-2018:1161-1 Security update for apache2

This update for apache2 fixes the following issues: CVE-2018-1283: when mod_session is configured to forward its session data to CGI applications (SessionEnv on, not the default), a remote user may influence their content by using a 'Session' header leading to unexpected behavior (bsc#1086814)...

CVSS: 9.8 | AI score: 7 | EPSS: 0.93618
Exploits: 0 | References: 14
CNVD
added 2017/05/19 12:0 a.m. | 1 views

HooToo Trip Mate 6 vshttpd Buffer Overflow Vulnerability

The HooToo Trip Mate 6 TM6 is a portable wireless router from HooToo USA. vshttpd aka ioos is one of the http servers. A heap buffer overflow vulnerability exists in vshttpd in HooToo TM6 firmware version 2.000.030 and earlier. A remote attacker can exploit this vulnerability to control the progr...

CVSS: 6.5 | AI score: 7.4 | EPSS: 0.03932
Exploits: 1 | References: 1
OSV
added 2016/05/22 1:59 a.m. | 4 views

CVE-2016-4544

The exif_process_TIFF_in_JPEG function in ext/exif/exif.c in PHP before 5.5.35, 5.6.x before 5.6.21, and 7.x before 7.0.6 does not validate TIFF start data, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via crafted header data...

CVSS: 9.8 | AI score: 8.2
Exploits: 0 | References: 13
OSV
added 2014/09/04 5:55 p.m. | 2 views

UBUNTU-CVE-2014-2957

The dmarc_process function in dmarc.c in Exim before 4.82.1, when EXPERIMENTAL_DMARC is enabled, allows remote attackers to execute arbitrary code via the From header in an email, which is passed to the expand_string function...

CVSS: 6.8 | AI score: 7.5 | EPSS: 0.01821
Exploits: 1 | References: 4
CVE
added 2010/12/14 3:0 p.m. | 64 views

CVE-2010-4376

CVE-2010-4376 describes a heap-based buffer overflow in RealNetworks RealPlayer 11.x (Windows, Mac, Linux) and RealPlayer SP 1.x, triggered by a large Screen Width value in the GIF87a Screen Descriptor of an RTSP stream. This allows remote code execution. Public sources in the provided documents ...

CVSS: 9.3 | AI score: 8 | EPSS: 0.05054
Exploits: 0 | References: 4 | Affected Software: 1
exploitpack
added 2010/04/06 12:0 a.m. | 37 views

Virata EmWeb R6.0.1 - Remote Crash

Virata EmWeb R6.0.1 - Remote Crash Exploit Title: Virata EmWeb R6.0.1 Remote Crash Vulnerability Date: 06/04/10 Author: Jobert Abma Online 24 Email: j.abmaatonline24dotnl Version: R6.0.1 Tested on: linux CVE : Code : This was written for educational purpose. Use it at your own risk. Author will b...

AI score: 7.5
Exploits: 0
OSV
added 2009/10/23 6:30 p.m. | 9 views

CVE-2009-2281

Multiple heap-based buffer underflows in the readPostBody function in cgiutil.c in mapserv in MapServer 4.x through 4.10.4 and 5.x before 5.4.2 allow remote attackers to execute arbitrary code via (1) a crafted Content-Length HTTP header or (2) a large HTTP request, related to an integer overflow tha...

AI score: 7.9
Exploits: 0 | References: 7
seebug.org
added 2009/05/17 12:0 a.m. | 63 views

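Sendmail X-header Remote Heap Overflow Vulnerability

BUGTRAQ ID: 34944 CVE(CAN) ID: CVE-2009-1490 Sendmail is a mail transfer agent (MTA) used by many large sites. If a remote attacker sends Sendmail a malformed message containing an overly long X-header, a heap overflow may be triggered, leading to denial of service or arbitrary code execution. Sendmail 8.13.2 Sendmail Consortium ------------------- The vendor has released an upgrade patch to fix this security issue; download it from the vendor's home page: http://www.sendmail.org/releases/8.13.2 $ telnet example.com 25...

CVSS: 5 | AI score: 6.4 | EPSS: 0.07785
Exploits: 1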
CVE
added 2008/11/29 2:0 a.m. | 43 views

CVE-2008-5284

The CVE-2008-5284 issue affects multiple products where the web server component can crash due to a crafted HTTP Content-Length header with a negative value. Affected are IEA Software RadiusNT/RadiusX (versions 5.1.38 up to but not including 5.1.44), Emerald (5.0.49 up to before 5.0.52), Air Mars...

CVSS: 10 | AI score: 6.7 | EPSS: 0.11406
Exploits: 1 | References: 8 | Affected Software: 6
NVD
added 2004/12/23 5:0 a.m. | 24 views

CVE-2004-0646

Buffer overflow in the WriteToLog function for JRun 3.0 through 4.0 web server connectors, such as (1) mod_jrun and (2) mod_jrun20 for Apache, with verbose logging enabled, allows remote attackers to execute arbitrary code via a long HTTP header Content-Type field or other fields...

CVSS: 10 | AI score: 7.8 | EPSS: 0.70947
Exploits: 4 | References: 7
exploitpack
added 2004/06/03 12:0 a.m. | 8 views

SquirrelMail 1.2.x - From Email Header HTML Injection

SquirrelMail 1.2.x - From Email Header HTML Injection source: https://www.securityfocus.com/bid/10450/info SquirrelMail is reported to be prone to a 'from' field email header HTML injection vulnerability. This issue is due to a failure of the application to properly sanitize user-supplied email...

Exploits: 0
NVD
added 2004/04/19 4:0 a.m. | 18 views

CVE-2004-1950

phpBB 2.0.8a and earlier trusts the IP address that is in the X-Forwarded-For in the HTTP header, which allows remote attackers to spoof IP addresses...

CVSS: 5 | AI score: 6.6 | EPSS: 0.00619
Exploits: 1 | References: 5
securityvulns
added 2004/02/24 12:0 a.m. | 38 views

Lam3rZ Security Advisory #3/2004: A bug in Confirm leads to remote command execution

Lam3rZ Security Advisory 3/2004 23 Feb 2004 Remote command execution in Confirm Name: Confirm =0.62 Severity: High Software URL: http://freshmeat.net/projects/confirm/ Software author: David Lechnyr davidrl/at/comcast/dot/net Advisory author: Mariusz Woloszyn emsi/AT/GTS/dot/PL Vendor notified: F...

AI score: 1.2
Exploits: 0
Exploit DB
added 2004/01/19 12:0 a.m. | 21 views

GetWare Web Server Component - Content-Length Value Remote Denial of Service

source: https://www.securityfocus.com/bid/9451/info The GetWare Web Server component has been reported prone to a remote denial of service vulnerability. It has been reported that the issue will present itself when the affected web server receives malicious HTTP requests that contain negative...

AI score: 7.4
Exploits: 0
NVD
added 2002/10/11 4:0 a.m. | 18 views

CVE-2002-0840

Cross-site scripting (XSS) vulnerability in the default error page of Apache 2.0 before 2.0.43, and 1.3.x up to 1.3.26, when UseCanonicalName is "Off" and support for wildcard DNS is present, allows remote attackers to execute script as other web page visitors via the Host: header, a different...

CVSS: 6.8 | AI score: 5.7 | EPSS: 0.90183
Exploits: 0 | References: 37