18 matches found
EUVD-2008-1777
Malware in sbrugna...
EUVD-2009-3089
Malware in sbrugna...
CVE-2021-4433
A vulnerability was found in Karjasoft Sami HTTP Server 2.0. It has been classified as problematic. Affected is an unknown function of the component HTTP HEAD Rrequest Handler. The manipulation leads to denial of service. It is possible to launch the attack remotely. The exploit has been disclose...
CVE-2021-4433 Karjasoft Sami HTTP Server HTTP HEAD Rrequest denial of service
A vulnerability was found in Karjasoft Sami HTTP Server 2.0. It has been classified as problematic. Affected is an unknown function of the component HTTP HEAD Rrequest Handler. The manipulation leads to denial of service. It is possible to launch the attack remotely. The exploit has been disclose...
CVE-2021-4433
Karjasoft Sami HTTP Server 2.0 is affected in the HTTP HEAD Request Handler component. The vulnerability (CVE-2021-4433) arises from manipulation of this handler, leading to remote denial of service. Exploitation has been disclosed publicly. Remediation suggestions from PT Security indicate disab...
Jenkins Deploy WebLogic Plugin missing permission check
JenkinsDeploy WebLogic Plugin does not perform permission checks on a method implementing form validation. This allows users with Overall/Read access to Jenkins to send an HTTP HEAD request to a user-specified URL, or confirm the existence of any file or directory on the Jenkins controller...
GHSA-89VJ-RQV8-7737 Jenkins Deploy WebLogic Plugin missing permission check
JenkinsDeploy WebLogic Plugin does not perform permission checks on a method implementing form validation. This allows users with Overall/Read access to Jenkins to send an HTTP HEAD request to a user-specified URL, or confirm the existence of any file or directory on the Jenkins controller...
Jenkins Deploy WebLogic Plugin cross-site request forgery vulnerability
JenkinsDeploy WebLogic Plugin does not perform permission checks on a method implementing form validation. This allows users with Overall/Read access to Jenkins to send an HTTP HEAD request to a user-specified URL, or confirm the existence of any file or directory on the Jenkins controller...
CVE-2019-17181
A remote SEH buffer overflow has been discovered in IntraSrv 1.0 2007-06-03. An attacker may send a crafted HTTP GET or HEAD request that can result in a compromise of the hosting system...
CVE-2018-19861
Buffer overflow in MiniShare 1.4.1 and earlier allows remote attackers to execute arbitrary code via a long HTTP HEAD request. NOTE: this product is discontinued...
MiniShare 1.4.1 - Remote Buffer Overflow HEAD and POST Method Exploit
Not only the GET method is vulnerable to BOF CVE-2004-2271. HEAD and POST methods are also vulnerable. The difference is minimal, both are exploited in the same way. Only 1 byte difference: GET = 3, HEAD and POST = 4 length ------------------------------------------------------------------- EAX...
MiniShare 1.4.1 HEAD / POST Buffer Overflow Exploit
Hi!!! playing in 2006.... I have adapted the exploit to python Not only the GET method is vulnerable to BOF CVE-2004-2271. HEAD and POST methods are also vulnerable. The difference is minimal, both are exploited in the same way. Only 1 byte difference: GET = 3, HEAD and POST = 4 length...
MiniShare 1.4.1 HEAD / POST Buffer Overflow
Hi!!! playing in 2006.... I have adapted the exploit to python Not only the GET method is vulnerable to BOF CVE-2004-2271. HEAD and POST methods are also vulnerable. The difference is minimal, both are exploited in the same way. Only 1 byte difference: GET = 3, HEAD and POST = 4 length...
Nero MediaHome Multiple Remote DoS Vulnerabilities
Advisory ID: HTB23130 Product: Nero MediaHome Vendor: Nero Vulnerable Versions: 4.5.8.0 and probably prior Tested Version: 4.5.8.0 in Windows 7 SP1 Vendor Notification: November 21, 2012 Public Disclosure: January 9, 2013 Vulnerability Type: Improper Handling of Length Parameter Inconsistency...
Nero MediaHome 4.5.8.0 - Denial of Service
Nero MediaHome 4.5.8.0 - Denial of Service Advisory ID: HTB23130 Product: Nero MediaHome Vendor: Nero Vulnerable Versions: 4.5.8.0 and probably prior Tested Version: 4.5.8.0 in Windows 7 SP1 Vendor Notification: November 21, 2012 Public Disclosure: January 9, 2013 Vulnerability Type: Improper...
TVMOBiLi Media Server Multiple Remote DoS Vulnerabilities
Advisory ID: HTB23120 Product: TVMOBiLi media server Vendor: TVMOBiLi Vulnerable Versions: 2.1.0.3557 and probably prior version Tested Version: 2.1.0.3557 in Windows XP SP3 32 bits Vendor Notification: October 15, 2012 Vendor Patch: November 21, 2012 Public Disclosure: December 5, 2012...
CVE-2004-2534
Fastream NETFile Server 7.1.2 does not properly handle keep-alive connection timeouts and does not close the connection after a HEAD request, which allows remote attackers to perform a denial of service connection consumption by sending a large number HTTP HEAD requests...
Fastream NETFile FTP/Web Server HEAD Request Saturation DoS
The remote host appears to be running FastStream NETFile Server version 7.1 or older. These versions do not close the connection when an HTTP HEAD request is received with the keep-alive option set. An attacker may exploit this flaw by sending multiple HEAD requests to the remote host, thus...