Header overflow against HTTP proxy

It was possible to kill the HTTP proxy by sending an invalid request with a too long header A cracker may exploit this vulnerability to make your proxy server crash continually or even execute arbitrary code on your system. OpenVAS Vulnerability Test $Id: avirtproxyoverflow.nasl 6702 2017-07-12...

Anti-Scanner Defenses (HTTP)

It seems that the remote web server rejects HTTP requests from the Scanner. It is probably protected by a reverse proxy, WAF or IDS/IPS. SPDX-FileCopyrightText: 2005 Michel Arboi SPDX-FileCopyrightText: New / improved detection code since 2018 Greenbone AG Some text descriptions might be excerpte...

CuteNews <= 1.4.1 (shell inject) Remote Command Execution Exploit

Exploit for unknown platform in category web applications ================================================================= CuteNews CuteNews 1.4.1 re...

CuteNews &lt;= 1.4.1 (shell inject) Remote Command Execution Exploit

No description provided by source. ?php ---cuten141xpl.php 7.13 03/11/2005 CuteNews 1.4.1 shell injection by rgod site: http://rgod.altervista.org usage: launch form Apache, fill in requested fields, then go! make these changes in php.ini if you have troubles with this script:...

Header Overflow Attack against HTTP Proxy

It was possible to crash the HTTP proxy by sending an invalid request with a too long header. SPDX-FileCopyrightText: 2003 Michel Arboi Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

Mandrake Linux Security Advisory : apache2 (MDKSA-2005:129)

Marc Stern reported an off-by-one overflow in the modssl CRL verification callback which can only be exploited if the Apache server is configured to use a malicious certificate revocation list CVE-2005-1268. Watchfire reported a flaw that occured when using the Apache server as a HTTP proxy. A...

MailGust <= 1.9 (board takeover) SQL Injection Exploit

Exploit for unknown platform in category web applications ====================================================== MailGust = 1.9 board takeover SQL Injection Exploit ====================================================== ?php mailgustxpl.php MailGust 1.9 possibly prior versions SQL Injection / boa...

MailGust 1.9 - Board Takeover (SQL Injection)

MailGust 1.9 - Board Takeover SQL Injection ?php mailgustxpl.php MailGust 1.9 possibly prior versions SQL Injection / board takeover poc exploit with generic HTTP proxy support by rgod site: http://rgod.altervista.org make these changes in php.ini if you have troubles to launch this script:...

MailGust 1.9 - Board Takeover (SQL Injection)

?php mailgustxpl.php MailGust 1.9 possibly prior versions SQL Injection / board takeover poc exploit with generic HTTP proxy support by rgod site: http://rgod.altervista.org make these changes in php.ini if you have troubles to launch this script: allowcalltimepassreference = on registerglobals =...

MailGust &lt;= 1.9 (board takeover) SQL Injection Exploit

No description provided by source. ?php mailgustxpl.php MailGust 1.9 possibly prior versions SQL Injection / board takeover poc exploit with generic HTTP proxy support by rgod site: http://rgod.altervista.org make these changes in php.ini if you have troubles to launch this script:...

CuteNews &lt;= 1.4.0 (shell inject) Remote Command Execution Exploit

No description provided by source. ?php cutenxpl.php CuteNews 1.4.0possibly prior versions remote code execution by rgod site: http://rgod.altervista.org usage: launch form Apache, fill in requested fields, then go! make these changes in php.ini if you have troubles with this script:...

AzDGDatingLite &lt;= 2.1.3 Remote Code Execution Exploit

No description provided by source. ?php azdgexpl.php AzDGDatingLite V 2.1.3 possibly prior versions remote code execution with generic http proxy support by rgod site: http://rgod.altervista.org make these changes in php.ini if you have troubles to launch this script: allowcalltimepassreference =...

AzDGDatingLite 2.1.3 - Remote Code Execution

?php azdgexpl.php AzDGDatingLite V 2.1.3 possibly prior versions remote code execution with generic http proxy support by rgod site: http://rgod.altervista.org make these changes in php.ini if you have troubles to launch this script: allowcalltimepassreference = on registerglobals = on usage:...

AzDGDatingLite 2.1.3 - Remote Code Execution

AzDGDatingLite 2.1.3 - Remote Code Execution ?php azdgexpl.php AzDGDatingLite V 2.1.3 possibly prior versions remote code execution with generic http proxy support by rgod site: http://rgod.altervista.org make these changes in php.ini if you have troubles to launch this script:...

Debian DSA-805-1 : apache2 - several vulnerabilities

Several problems have been discovered in Apache2, the next generation, scalable, extendable web server. The Common Vulnerabilities and Exposures project identifies the following problems : - CAN-2005-1268 Marc Stern discovered an off-by-one error in the modssl Certificate Revocation List CRL...

Class-1 Forum 0.24.4 - Remote Code Execution

http://rgod.altervista.org make these changes in php.ini if you have troubles with this script: allowcalltimepassreference = on registerglobals = on this is my piece of poetry... errorreporting0; iniset"maxexecutiontime",0; iniset"defaultsockettimeout", 2; obimplicitflush 1; echo 'class1 remote...

[SECURITY] [DSA 805-1] New Apache2 packages fix several vulnerabilities

-------------------------------------------------------------------------- Debian Security Advisory DSA 805-1 [email protected] http://www.debian.org/security/ Martin Schulze September 8th, 2005 http://www.debian.org/security/faq -...

PBLang 4.65 - Remote Command Execution (1)

site: http://rgod.altervista.org make these changes in php.ini if you have troubles with this script: allowcalltimepassreference = on registerglobals = on / errorreporting0; iniset"maxexecutiontime",0; iniset"defaultsockettimeout", 2; obimplicitflush 1; echo 'PBLang 4.65 remote commands execution...

DSA-803-1 apache - programming error

Bulletin has no description...

DEBIAN-CVE-2005-1857

Format string vulnerability in simpleproxy before 3.4 allows remote malicious HTTP proxies to execute arbitrary code via format string specifiers in a reply...