Lucene search
+L

390 matches found

Cvelist
Cvelist
added 2009/03/04 4:0 p.m.43 views

CVE-2009-0802

Qbik WinGate, when transparent interception mode is enabled, uses the HTTP Host header to determine the remote endpoint, which allows remote attackers to bypass access controls for Flash, Java, Silverlight, and probably other technologies, and possibly communicate with restricted intranet sites,...

6.7AI score0.02424EPSS
Exploits0References2
Cvelist
Cvelist
added 2009/03/04 4:0 p.m.16 views

CVE-2009-0803

SmoothWall SmoothGuardian, as used in SmoothWall Firewall, NetworkGuardian, and SchoolGuardian 2008, when transparent interception mode is enabled, uses the HTTP Host header to determine the remote endpoint, which allows remote attackers to bypass access controls for Flash, Java, Silverlight, and...

6.7AI score0.02355EPSS
Exploits0References3
Cvelist
Cvelist
added 2009/03/04 4:0 p.m.24 views

CVE-2009-0804

Ziproxy 2.6.0, when transparent interception mode is enabled, uses the HTTP Host header to determine the remote endpoint, which allows remote attackers to bypass access controls for Flash, Java, Silverlight, and probably other technologies, and possibly communicate with restricted intranet sites,...

6.5AI score0.02376EPSS
Exploits0References3
CVE
CVE
added 2009/03/04 4:0 p.m.80 views

CVE-2009-0801

CVE-2009-0801 affects Squid when transparent interception is enabled. The vulnerability arises because the HTTP Host header is used to identify the remote endpoint, allowing an attacker to bypass access controls for Flash/Java/Silverlight and potentially reach restricted intranet sites via a craf...

5.4CVSS8.3AI score0.03089EPSS
Exploits0References2Affected Software1
Debian CVE
Debian CVE
added 2009/03/04 4:0 p.m.19 views

CVE-2009-0804

Ziproxy 2.6.0, when transparent interception mode is enabled, uses the HTTP Host header to determine the remote endpoint, which allows remote attackers to bypass access controls for Flash, Java, Silverlight, and probably other technologies, and possibly communicate with restricted intranet sites,...

5.4CVSS3AI score0.02376EPSS
Exploits0
CVE
CVE
added 2009/03/04 4:0 p.m.48 views

CVE-2009-0803

CVE-2009-0803 affects SmoothWall SmoothGuardian (used in SmoothWall Firewall, NetworkGuardian, and SchoolGuardian 2008). In transparent interception mode, the product uses the HTTP Host header to determine the remote endpoint, allowing a crafted page to cause a client to send HTTP requests with a...

5.4CVSS7AI score0.02355EPSS
Exploits0References3Affected Software3
Cvelist
Cvelist
added 2009/03/04 4:0 p.m.35 views

CVE-2009-0801

Squid, when transparent interception mode is enabled, uses the HTTP Host header to determine the remote endpoint, which allows remote attackers to bypass access controls for Flash, Java, Silverlight, and probably other technologies, and possibly communicate with restricted intranet sites, via a...

8.5AI score0.03089EPSS
Exploits0References2
Prion
Prion
added 2009/02/19 3:30 p.m.16 views

Design/Logic Flaw

includes/bootstrap.inc in Drupal 5.x before 5.12 and 6.x before 6.6, when the server is configured for "IP-based virtual hosts," allows remote attackers to include and execute arbitrary files via the HTTP Host header...

9.3CVSS7.5AI score0.03705EPSS
Exploits0References9Affected Software1
UbuntuCve
UbuntuCve
added 2009/02/19 3:30 p.m.40 views

CVE-2008-6171

includes/bootstrap.inc in Drupal 5.x before 5.12 and 6.x before 6.6, when the server is configured for "IP-based virtual hosts," allows remote attackers to include and execute arbitrary files via the HTTP Host header...

9.3CVSS6.1AI score0.03705EPSS
Exploits0References2
Cvelist
Cvelist
added 2009/02/19 3:2 p.m.28 views

CVE-2008-6171

includes/bootstrap.inc in Drupal 5.x before 5.12 and 6.x before 6.6, when the server is configured for "IP-based virtual hosts," allows remote attackers to include and execute arbitrary files via the HTTP Host header...

7.1AI score0.03705EPSS
Exploits0References9
CVE
CVE
added 2009/02/19 3:2 p.m.67 views

CVE-2008-6171

CVE-2008-6171 affects Drupal 5.x before 5.12 and 6.x before 6.6. When a server is configured for IP-based virtual hosts, the application may include and execute arbitrary files via the HTTP Host header, enabling remote code execution. The underlying issue is an insecure file inclusion triggered b...

9.3CVSS7.3AI score0.03705EPSS
Exploits0References9Affected Software1
Tenable Nessus
Tenable Nessus
added 2008/12/01 12:0 a.m.37 views

CUPS < 1.3.10 Multiple Overflows

Binary data 4771.prm...

7.5CVSS7.8AI score0.19633EPSS
Exploits5References6
NVD
NVD
added 2008/08/06 6:41 p.m.10 views

CVE-2008-3494

8e6 R3000 Internet Filter 2.0.12.10 allows remote attackers to bypass intended restrictions via an extra HTTP Host header with additional leading text placed before the real Host header...

7.8CVSS6.7AI score0.02771EPSS
Exploits1References4
Prion
Prion
added 2008/08/06 6:41 p.m.12 views

Design/Logic Flaw

8e6 R3000 Internet Filter 2.0.12.10 allows remote attackers to bypass intended restrictions via an extra HTTP Host header with additional leading text placed before the real Host header...

7.8CVSS7.3AI score0.02771EPSS
Exploits1References4Affected Software1
Cvelist
Cvelist
added 2008/08/06 6:0 p.m.16 views

CVE-2008-3494

8e6 R3000 Internet Filter 2.0.12.10 allows remote attackers to bypass intended restrictions via an extra HTTP Host header with additional leading text placed before the real Host header...

6.7AI score0.02771EPSS
Exploits1References4
Saint
Saint
added 2007/10/26 12:0 a.m.28 views

Tivoli Storage Manager CAD Host header buffer overflow

Added: 10/26/2007 CVE: CVE-2007-4880 BID: 25743 OSVDB: 38161 Background IBM Tivoli Storage Manager TSM provides centralized management for automated backup and restoration operations. It runs a Client Acceptor Daemon CAD on port 1581/TCP. Problem A buffer overflow vulnerability in Tivoli Storage...

10CVSS7.7AI score0.75945EPSS
Exploits9
Saint
Saint
added 2007/10/26 12:0 a.m.21 views

Tivoli Storage Manager CAD Host header buffer overflow

Added: 10/26/2007 CVE: CVE-2007-4880 BID: 25743 OSVDB: 38161 Background IBM Tivoli Storage Manager TSM provides centralized management for automated backup and restoration operations. It runs a Client Acceptor Daemon CAD on port 1581/TCP. Problem A buffer overflow vulnerability in Tivoli Storage...

10CVSS7.7AI score0.75945EPSS
Exploits9
Exploit DB
Exploit DB
added 2006/10/30 12:0 a.m.46 views

Novell eDirectory 8.x - iMonitor HTTPSTK Buffer Overflow (3)

source: https://www.securityfocus.com/bid/20655/info The Novell eDirectory server iMonitor is prone to a stack-based buffer-overflow vulnerability because it fails to perform sufficient bounds checking on client-supplied data before copying it to a buffer. An attacker could leverage this issue to...

7.5CVSS7.4AI score0.83891EPSS
Exploits11
securityvulns
securityvulns
added 2004/07/21 12:0 a.m.36 views

Lexmark T522 buffer overflow

Buffer overflow on oversized HTTP Host: header...

2.3AI score
Exploits0References1
NVD
NVD
added 2004/04/15 4:0 a.m.12 views

CVE-2003-1039

Multiple buffer overflows in the mySAP.com architecture for SAP allow remote attackers to execute arbitrary code via a long HTTP Host header to 1 Message Server, 2 Web Dispatcher, or 3 Application Server...

7.5CVSS7.8AI score0.02566EPSS
Exploits0References2
Rows per page
Query Builder