93 matches found
Apache mod_proxy_ftp模块远程命令注入漏洞
BUGTRAQ ID: 36254 CVE ID: CVE-2009-3095 Apache HTTP Server是一款流行的Web服务器。 Apache服务器的modproxyftp模块中存在远程命令注入漏洞。在逆向代理配置中,远程攻击者可以利用这个漏洞通过创建特制的HTTP Authorization头绕过预期的访问限制,向FTP服务器发送任意命令。 Apache Group Apache 2.2.x 厂商补丁: Apache Group ------------ 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:...
Apache Httpd < 2.2.14 : mod_proxy_ftp FTP command injection
A flaw was found in the modproxyftp module. In a reverse proxy configuration, a remote attacker could use this flaw to bypass intended access restrictions by creating a carefully-crafted HTTP Authorization header, allowing the attacker to send arbitrary commands to the FTP server...
Free Download Manager Remote Control Server HTTP Authorization buffer overflow
Added: 02/04/2009 CVE: CVE-2009-0183 BID: 33554 OSVDB: 51745 Background Free Download Manager is a download accelerator and manager for Windows systems. Problem A buffer overflow vulnerability in the Free Download Manager Remote Control Server allows remote attackers to execute arbitrary commands...
Free Download Manager Remote Control Server HTTP Authorization buffer overflow
Added: 02/04/2009 CVE: CVE-2009-0183 BID: 33554 OSVDB: 51745 Background Free Download Manager is a download accelerator and manager for Windows systems. Problem A buffer overflow vulnerability in the Free Download Manager Remote Control Server allows remote attackers to execute arbitrary commands...
Free Download Manager Remote Control Server HTTP Authorization buffer overflow
Added: 02/04/2009 CVE: CVE-2009-0183 BID: 33554 OSVDB: 51745 Background Free Download Manager is a download accelerator and manager for Windows systems. Problem A buffer overflow vulnerability in the Free Download Manager Remote Control Server allows remote attackers to execute arbitrary commands...
Free Download Manager Remote Control Server HTTP Authorization buffer overflow
Added: 02/04/2009 CVE: CVE-2009-0183 BID: 33554 OSVDB: 51745 Background Free Download Manager is a download accelerator and manager for Windows systems. Problem A buffer overflow vulnerability in the Free Download Manager Remote Control Server allows remote attackers to execute arbitrary commands...
Now SMS/MMS Gateway < 2008.02.22 Multiple Remote Overflows
The remote host is running Now SMS/MMS Gateway, a tool for connecting to SMS and/or MMS messaging providers and managing GSM modems. The web interface component of the version of Now SMS/MMS Gateway installed on the remote host contains a stack-based buffer overflow that can be triggered using a...
CVE-2005-1348
Buffer overflow in HTTPMail in MailEnable Enterprise 1.04 and earlier and Professional 1.54 and earlier allows remote attackers to execute arbitrary code via a long HTTP Authorization header...
Conceptronic CADSLR1 buffer overflow
Buffer overflow on oversized HTTP Authorization: header...
CVE-2002-0566
CVE-2002-0566 affects Oracle 9i Application Server (iAS) with the PL/SQL module 3.0.9.8.2. The vulnerability allows an unauthenticated remote attacker to crash the Apache-based PL/SQL service by sending a malformed HTTP Authorization header (no auth type). Impact is denial of service (partial ava...
Oracle9i Application Server Apache PL/SQL module vulnerable to buffer overflow via HTTP Authorization header
Overview A buffer overflow vulnerability exists in the Apache Procedural Language/Structured Query Language PL/SQL module used by Oracle9i Application Server iAS. An HTTP Authorization header with a crafted password parameter could allow an unauthenticated remote attacker to cause a denial of...
Oracle9i Application Server Apache PL/SQL module does not properly handle HTTP Authorization header
Overview A vulnerability exists in the way the Apache Procedural Language/Structured Query Language PL/SQL module used by Oracle9i Application Server iAS handles HTTP Authorization headers. This vulnerability could allow an unauthenticated remote attacker to crash the Apache service. Description...
Переполнение буфера в thttpd (buffer overflow)
Переполнение буфера при base64-декодировании заголовка HTTP-авторизации...