Streamripper Multiple Buffer Overflow Vulnerabilities (Linux)

The host is installed with Streamripper, which is prone to Multiple Buffer Overflow Vulnerabilities. OpenVAS Vulnerability Test $Id: gbstreamrippermultbofvulnnov08lin.nasl 5158 2017-02-01 14:53:04Z mime $ Streamripper Multiple Buffer Overflow Vulnerabilities Linux Authors: Veerendra GG Copyright:...

Streamripper Multiple Buffer Overflow Vulnerabilities - Linux

Streamripper is prone to multiple buffer overflow vulnerabilities. SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2008-5284

The CVE-2008-5284 issue affects multiple products where the web server component can crash due to a crafted HTTP Content-Length header with a negative value. Affected are IEA Software RadiusNT/RadiusX (versions 5.1.38 up to but not including 5.1.44), Emerald (5.0.49 up to before 5.0.52), Air Mars...

Ruby on Rails redirect_to() HTTP Header Injection Vulnerability - Linux

The host is running Ruby on Rails, which is prone to HTTP Header Injection Vulnerability. OpenVAS Vulnerability Test $Id: gbrubyrailshttpheaderinjvulnlin.nasl 4227 2016-10-07 05:45:35Z teissa $ Ruby on Rails redirectto HTTP Header Injection Vulnerability - Linux Authors: Veerendra GG Copyright:...

Ruby on Rails redirect_to() HTTP Header Injection Vulnerability (Oct 2008) - Linux

Ruby on Rails is prone to a HTTP Header injection vulnerability. SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

CVE-2008-4829

Multiple buffer overflows in lib/http.c in Streamripper 1.63.5 allow remote attackers to execute arbitrary code via 1 a long "Zwitterion v" HTTP header, related to the httpparsescheader function; 2 a crafted pls playlist with a long entry, related to the httpgetpls function; or 3 a crafted m3u...

CVE-2008-4829

Multiple buffer overflows in lib/http.c in Streamripper 1.63.5 allow remote attackers to execute arbitrary code via 1 a long "Zwitterion v" HTTP header, related to the httpparsescheader function; 2 a crafted pls playlist with a long entry, related to the httpgetpls function; or 3 a crafted m3u...

CVE-2008-4829

Multiple buffer overflows in lib/http.c in Streamripper 1.63.5 allow remote attackers to execute arbitrary code via 1 a long "Zwitterion v" HTTP header, related to the httpparsescheader function; 2 a crafted pls playlist with a long entry, related to the httpgetpls function; or 3 a crafted m3u...

Sql injection

SQL injection vulnerability in subvotepic.php in the Datsogallery comdatsogallery module 1.6 for Joomla! allows remote attackers to execute arbitrary SQL commands via the User-Agent HTTP header...

Sql injection

SQL injection vulnerability in inc/ajax/ajaxrating.php in MemHT Portal 4.0.1 allows remote attackers to execute arbitrary SQL commands via the X-Forwarded-For HTTP header...

CVE-2008-5132

SQL injection vulnerability in inc/ajax/ajaxrating.php in MemHT Portal 4.0.1 allows remote attackers to execute arbitrary SQL commands via the X-Forwarded-For HTTP header...

fresh email script 1.0 - Multiple Vulnerabilities

fresh email script 1.0 - Multiple Vulnerabilities 1. +-----------------+-----------------+-----------------+ 2. +-----------------+Fresh Email Script+----------------+ 3. +-----------------versions: 1.0 to 1.11 - all 4. +-----------------exploits: file inclusion & cookie manipulation 5...

JVN#67060882 sISAPILocation vulnerability bypasses HTTP header rewrite function

sISAPILocation, developed by an individual developer, is an ISAPI filter for IIS Internet Information Services. sISAPILocation contains a vulnerability that allows the HTTP header rewrite function to be bypassed. Impact When sISAPILocation is used to configure settings, such as to specify charact...

Debian: Security Advisory (DSA-1651-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Admbook PHP Code Injection Flaw

The remote web server contains a PHP script that allows arbitrary code injection. Description : The remote host is running AdmBook, a PHP-based guestbook. The remote version of this software is prone to remote PHP code injection due to a lack of sanitization of the HTTP header 'X-Forwarded-For'...

CVE-2008-4678

The HTTPRequestParser method in the HTTP Transport component in IBM WebSphere Application Server WAS 6.0.2 before 6.0.2.31 allows remote attackers to cause a denial of service controller 0C4 abend and application hang via a long HTTP Host header, related to "storage overlay" on the stack and a...

CVE-2008-4644

CVE-2008-4644 affects hits.php in the myWebland myStats component, where remote attackers can bypass IP address restrictions by tampering with the X-Forwarded-For HTTP header. The vulnerability is triggered by trusting a manipulated X-Forwarded-For value, allowing bypass of access controls intend...

CVE-2008-4644

hits.php in myWebland myStats allows remote attackers to bypass IP address restrictions via a modified X-Forwarded-For HTTP header...

Debian DSA-1652-1 : ruby1.9 - several vulnerabilities

Several vulnerabilities have been discovered in the interpreter for the Ruby language, which may lead to denial of service and other security problems. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2008-3655 Keita Yamaguchi discovered that several safe...

Debian DSA-1651-1 : ruby1.8 - several vulnerabilities

Several vulnerabilities have been discovered in the interpreter for the Ruby language, which may lead to denial of service and other security problems. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2008-3655 Keita Yamaguchi discovered that several safe...