GLSA-200606-05 : Pound: HTTP request smuggling

The remote host is affected by the vulnerability described in GLSA-200606-05 Pound: HTTP request smuggling Pound fails to handle HTTP requests with conflicting 'Content-Length' and 'Transfer-Encoding' headers correctly. Impact : An attacker could exploit this vulnerability by sending HTTP request...

CVE-2006-2531

Ipswitch WhatsUp Professional 2006 only verifies the user's identity via HTTP headers, which allows remote attackers to spoof being a trusted console and bypass authentication by setting HTTP User-Agent header to "Ipswitch/1.0" and the User-Application header to "NmConsole"...

USN-233-1: fetchmail vulnerability

Steve Fosdick discovered a remote Denial of Service vulnerability in fetchmail. When using fetchmail in 'multidrop' mode, a malicious email server could cause a crash by sending an email without any headers. Since fetchmail is commonly called automatically with cron, for example, this crash could...

CVE-2005-4348

fetchmail before 6.3.1 and before 6.2.5.5, when configured for multidrop mode, allows remote attackers to cause a denial of service application crash by sending messages without headers from upstream mail servers...

Symantec Brightmail Antispam SPAM filter DoS

MIME headers parsing DoS...

Fedora Core 3 : ipsec-tools-0.5-2.fc3 (2005-217)

This update fixes a potential DoS in parsing ISAKMP headers in racoon. CVE-2005-0398 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without...

SpamAssassin and Vipul's Razor antispam filters DoS

CPU exhaustion on malcrafted e-mail headers...

CVE-2005-0241

The httpProcessReplyHeader function in http.c for Squid 2.5-STABLE7 and earlier does not properly set the debug context when it is handling "oversized" HTTP reply headers, which might allow remote attackers to poison the cache or bypass access controls based on header size...