Lucene search
3670 matches found

NVD
added 2001/08/14 4:0 a.m., 8 views

CVE-2001-0524

eEye SecureIIS versions 1.0.3 and earlier do not perform length checking on individual HTTP headers, which allows a remote attacker to send arbitrary length strings to IIS, contrary to an advertised feature of SecureIIS versions 1.0.3 and earlier...

CVSS 7.5, AI score 6.8, EPSS 0.00861
Exploits: 1, References: 3
Cvelist
added 2001/07/27 4:0 a.m., 12 views

CVE-2001-0524

eEye SecureIIS versions 1.0.3 and earlier do not perform length checking on individual HTTP headers, which allows a remote attacker to send arbitrary length strings to IIS, contrary to an advertised feature of SecureIIS versions 1.0.3 and earlier...

AI score 6.8, EPSS 0.00861
Exploits: 1, References: 3
CERT
added 2001/07/12 12:0 a.m., 27 views

Lotus Domino vulnerable to DoS via crafted HTTP header requests

Overview: The Lotus Domino Web Server contains a flaw that could be exploited to cause a denial of service. Description: HTTP requests with uniquely crafted headers using "Accept", "Accept-Charset", "Accept-Encoding", "Accept-Language" or "Content-Type" are not freed properly. This means that...

AI score 6.7
Exploits: 0, References: 4
NVD
added 2001/06/18 4:0 a.m., 8 views

CVE-2001-0433

Buffer overflow in Savant 3.0 web server allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long Host HTTP header...

CVSS 7.5, AI score 7.8, EPSS 0.00909
Exploits: 0, References: 1
Cvelist
added 2001/05/24 4:0 a.m., 16 views

CVE-2001-0433

Buffer overflow in Savant 3.0 web server allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long Host HTTP header...

AI score 7.8, EPSS 0.00909
Exploits: 0, References: 1
securityvulns
added 2001/04/12 12:0 a.m., 25 views

def-2001-20: Lotus Domino Multiple DoS

Defcom Labs Advisory def-2001-20
Lotus Domino Multiple DoS
Author: Peter Gründl [email protected]
Release Date: 2001-04-11...

AI score 7.1
Exploits: 0
Exploit DB
added 2000/12/01 12:0 a.m., 141 views

PHF (Linux/x86) - Remote Buffer Overflow

/ | phx.c -- phf buffer overflow exploit for Linux-ix86 | Copyright c 2000 by proton. All rights reserved. | | This program is free software; you can redistribute it and/or modify | it under the terms of the GNU General Public License as published by | the Free Software Foundation; either version...

AI score 7.4
Exploits: 0
securityvulns
added 2000/08/17 12:0 a.m., 24 views

Hole in IIS patched (Specialized Header)

With a certain HTTP request header, it was possible to obtain the source code of an ASP application...

AI score 0.8
Exploits: 0, References: 2, Affected Software: 1
Friends Of PHP
added 1970/01/01 12:0 a.m., 16 views

CVE-2020-5220: Ability to define unintended serialisation groups via HTTP header which might lead to data exposure

Impact: ResourceBundle accepts and uses any serialisation groups to be passed via a HTTP header. This might lead to data exposure by using an unintended serialisation group - for example it could make Shop API use a more permissive group from Admin API. Anyone exposing an API with ResourceBundle's...

CVSS 5.3, AI score 4.9, EPSS 0.00323
Exploits: 0, Affected Software: 1
Friends Of PHP
added 1970/01/01 12:0 a.m., 13 views

CVE-2020-5220: Ability to define unintended serialisation groups via HTTP header which might lead to data exposure

Impact: ResourceBundle accepts and uses any serialisation groups to be passed via a HTTP header. This might lead to data exposure by using an unintended serialisation group - for example it could make Shop API use a more permissive group from Admin API. Anyone exposing an API with ResourceBundle's...

CVSS 5.3, AI score 4.9, EPSS 0.00323
Exploits: 0, Affected Software: 1