Lucene search

3698 matches found

securityvulns
added 2008/03/22 12:00 a.m., 46 views

[MSA02240108] IE7 allows overwriting of several headers leading to HTTP request splitting and smuggling

MSA01240108: IE7 allows overwriting of several headers leading to HTTP request splitting and smuggling. Date: March 21st, 2008. Tested versions: Internet Explorer 7.0.5730.11. Tested OS: Windows XP Professional SP2 Italian. Minded Security ReferenceID: MSA02240108. Credits: Discovery by Stefano Di...

AI score 7.1
Exploits 0
Tenable Nessus
added 2008/03/21 12:00 a.m., 32 views

VLC Media Player network/httpd.c httpd_FileCallBack Function Connection Parameter Format String

The remote host is running VLC, a popular media player application which can have an embedded web server. The remote version of this software is vulnerable to a format string attack when processing a malformed 'Connection:' HTTP header. An attacker can exploit this flaw to execute arbitrary...

CVSS 7.5, AI score 6, EPSS 0.34376
Exploits 7, References 1
NVD
added 2008/03/20 10:44 a.m., 11 views

CVE-2008-1398

SQL injection vulnerability in online.php in AuraCMS 2.0 through 2.2.1 allows remote attackers to execute arbitrary SQL commands via the X-Forwarded-For field (HTTP_X_FORWARDED_FOR environment variable) in an HTTP header...

CVSS 6.8, AI score 8.4, EPSS 0.00462
Exploits 1, References 3
Prion
added 2008/03/20 10:44 a.m., 13 views

SQL injection

SQL injection vulnerability in online.php in AuraCMS 2.0 through 2.2.1 allows remote attackers to execute arbitrary SQL commands via the X-Forwarded-For field (HTTP_X_FORWARDED_FOR environment variable) in an HTTP header...

CVSS 6.8, AI score 9.1, EPSS 0.00462
Exploits 1, References 3, Affected Software 1
CVE
added 2008/03/20 10:00 a.m., 37 views

CVE-2008-1398

CVE-2008-1398 describes an SQL injection in AuraCMS 2.0–2.2.1 via the X-Forwarded-For HTTP header (HTTP_X_FORWARDED_FOR environment variable) that allows remote execution of arbitrary SQL commands. Affected component is online.php; root cause is improper handling/validation of the header value in...

CVSS 6.8, AI score 8.4, EPSS 0.00462
Exploits 1, References 3, Affected Software 1
Cvelist
added 2008/03/20 10:00 a.m., 13 views

CVE-2008-1398

SQL injection vulnerability in online.php in AuraCMS 2.0 through 2.2.1 allows remote attackers to execute arbitrary SQL commands via the X-Forwarded-For field (HTTP_X_FORWARDED_FOR environment variable) in an HTTP header...

AI score 8.4, EPSS 0.00462
Exploits 1, References 3
exploitpack
added 2008/03/14 12:00 a.m., 30 views

AuraCMS 2.2.1 - X-Forwarded-For HTTP Header Blind SQL Injection

AuraCMS 2.2.1 - X-Forwarded-For HTTP Header Blind SQL Injection #!/usr/bin/perl -w Indonesian Newhack Security Advisory ------------------------------------ AuraCMS 2.x online.php - Remote Blind SQL Injection Exploit Date: Feb 15 2008 01:00PM Software: AuraCMS Version: 2.0 2.1 2.2.1 Vendor:...

AI score 0.2
Exploits 0
Exploit DB
added 2008/03/14 12:00 a.m., 50 views

AuraCMS 2.2.1 - 'X-Forwarded-For' HTTP Header Blind SQL Injection

#!/usr/bin/perl -w Indonesian Newhack Security Advisory ------------------------------------ AuraCMS 2.x online.php - Remote Blind SQL Injection Exploit Date: Feb 15 2008 01:00PM Software: AuraCMS Version: 2.0 2.1 2.2.1 Vendor: http://www.auracms.org/ ------------------------------------ Audit...

AI score 7.4
Exploits 0
Prion
added 2008/03/10 5:44 p.m., 9 views

Buffer overflow

Multiple buffer overflows in the web interface on the D-Link DI-524 router allow remote attackers to cause a denial of service (device crash) or possibly have unspecified other impact via (1) a long username or (2) an HTTP header with a large name and an empty value...

CVSS 7.8, AI score 8.3, EPSS 0.0034
Exploits 0, References 5
Cvelist
added 2008/03/10 5:00 p.m., 20 views

CVE-2008-1266

Multiple buffer overflows in the web interface on the D-Link DI-524 router allow remote attackers to cause a denial of service (device crash) or possibly have unspecified other impact via (1) a long username or (2) an HTTP header with a large name and an empty value...

AI score 7.7, EPSS 0.0034
Exploits 0, References 5
Exploit DB
added 2008/02/28 12:00 a.m., 32 views

Centreon 1.4.2.3 - 'get_image.php' Remote File Disclosure

#!/usr/bin/python Date : 20/01/2008 Author : Julien CAYSSOL import sys, urllib2, re useragent = 'Mozilla/6.0 (compatible; MSIE 6.0; Windows NT)' headers = { 'User-Agent' : useragent , 'Accept-Charset' : 'ISO-8859-15' } if __name__ == "__main__": if len(sys.argv) == 2: host = sys.argv[1] print " + Host : " + host url =...

AI score 7.4
Exploits 0
NVD
added 2008/02/27 7:44 p.m., 9 views

CVE-2008-1052

The administration web interface in NetWin SurgeFTP 2.3a2 and earlier allows remote attackers to cause a denial of service (daemon crash) via a large integer in the Content-Length HTTP header, which triggers a NULL pointer dereference when memory allocation fails...

CVSS 6.4, AI score 6.6, EPSS 0.06905
Exploits 0, References 6
Prion
added 2008/02/27 7:44 p.m., 15 views

NULL pointer dereference

The administration web interface in NetWin SurgeFTP 2.3a2 and earlier allows remote attackers to cause a denial of service (daemon crash) via a large integer in the Content-Length HTTP header, which triggers a NULL pointer dereference when memory allocation fails...

CVSS 6.4, AI score 7.2, EPSS 0.06905
Exploits 0, References 6, Affected Software 1
Cvelist
added 2008/02/27 7:00 p.m., 12 views

CVE-2008-1052

The administration web interface in NetWin SurgeFTP 2.3a2 and earlier allows remote attackers to cause a denial of service (daemon crash) via a large integer in the Content-Length HTTP header, which triggers a NULL pointer dereference when memory allocation fails...

AI score 6.6, EPSS 0.06905
Exploits 0, References 6
CVE
added 2008/02/27 7:00 p.m., 38 views

CVE-2008-1052

The CVE-2008-1052 entry concerns NetWin SurgeFTP, specifically versions 2.3a2 and earlier. The issue is a remote denial of service: when an attacker sends a Content-Length HTTP header carrying a very large integer, the allocation sized from it fails and the unchecked NULL result is dereferenced, crashing the daemon. The description does not...

CVSS 6.4, AI score 6.6, EPSS 0.06905
Exploits 0, References 6, Affected Software 1
NVD
added 2008/02/21 12:44 a.m., 8 views

CVE-2008-0850

Multiple SQL injection vulnerabilities in Dokeos 1.8.4 allow remote attackers to execute arbitrary SQL commands via the (1) id parameter to whoisonline.php, (2) tracking_list_coaches_column parameter to main/mySpace/index.php, (3) tutor_name parameter to main/create_course/add_course.php, the (4) Referer HTTP...

CVSS 7.5, AI score 8.5, EPSS 0.01419
Exploits 0, References 7
Cvelist
added 2008/02/21 12:00 a.m., 13 views

CVE-2008-0850

Multiple SQL injection vulnerabilities in Dokeos 1.8.4 allow remote attackers to execute arbitrary SQL commands via the (1) id parameter to whoisonline.php, (2) tracking_list_coaches_column parameter to main/mySpace/index.php, (3) tutor_name parameter to main/create_course/add_course.php, the (4) Referer HTTP...

AI score 8.5, EPSS 0.01419
Exploits 0, References 7
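The AuraCMS X-Forwarded-For entries and the Dokeos Referer entry above are the same bug class: a request header copied into SQL text. The following is an added example, not AuraCMS or Dokeos code, showing a toy online.php-style "who is online" lookup in its vulnerable and fixed forms, and the boolean-based blind extraction that the listed exploit performs against the vulnerable form. The schema, the admin row, the header values and the function names are all constructed for this example.

```python
"""Blind SQL injection through a request header, and the fix.

Added example, not AuraCMS or Dokeos code. A toy "who is online" tracker
looks up the visiting address taken from X-Forwarded-For, the way an
online.php-style script does. Table names, the admin row and the probe
values are constructed for this example; a Referer value (the Dokeos case)
would be handled identically, since the bug is the interpolation, not the
particular header.
"""
import ipaddress
import sqlite3
import string


def make_db() -> sqlite3.Connection:
    # Constructed sample schema and data.
    conn = sqlite3.connect(":memory:")
    conn.executescript(
        "CREATE TABLE users (id INTEGER PRIMARY KEY, name TEXT, password TEXT);"
        "INSERT INTO users VALUES (1, 'admin', 'hunter2');"
        "CREATE TABLE online (ip TEXT, last_seen INTEGER);"
        "INSERT INTO online VALUES ('203.0.113.7', 0);"
    )
    return conn


def is_online_vulnerable(conn: sqlite3.Connection, header_value: str) -> bool:
    # The bug class on this page: a header value (here X-Forwarded-For)
    # spliced straight into the SQL text. A quote in the value closes the
    # literal and everything after it is parsed as SQL.
    sql = "SELECT COUNT(*) FROM online WHERE ip = '%s'" % header_value
    return conn.execute(sql).fetchone()[0] > 0


def is_online_fixed(conn: sqlite3.Connection, header_value: str) -> bool:
    # Fix 1: X-Forwarded-For is a comma-separated address list; accept only
    # a value that parses as an IP address, and normalise it.
    try:
        ip = str(ipaddress.ip_address(header_value.split(",")[0].strip()))
    except ValueError:
        return False
    # Fix 2: bind the value as a parameter so it can never become SQL syntax.
    sql = "SELECT COUNT(*) FROM online WHERE ip = ?"
    return conn.execute(sql, (ip,)).fetchone()[0] > 0


def blind_extract(oracle, max_len: int = 32) -> str:
    """Boolean-based blind extraction of users.password via a true/false oracle.

    Each probe is true only when one character of the target matches, so the
    attacker reads the secret one character at a time without any of it
    appearing in a response body.
    """
    alphabet = string.ascii_letters + string.digits
    secret = ""
    for pos in range(1, max_len + 1):
        for ch in alphabet:
            payload = (
                "x' OR (SELECT substr(password,%d,1) FROM users "
                "WHERE name='admin')='%s" % (pos, ch)
            )
            if oracle(payload):
                secret += ch
                break
        else:
            break  # no character matched: end of the secret
    return secret


def demo():
    """Run the attack against both handlers; returns (leaked, leaked_after_fix)."""
    conn = make_db()
    leaked = blind_extract(lambda v: is_online_vulnerable(conn, v))
    blocked = blind_extract(lambda v: is_online_fixed(conn, v))
    return leaked, blocked


if __name__ == "__main__":
    print("vulnerable handler leaked: %r; fixed handler leaked: %r" % demo())
```

The fixed handler applies both defences because each covers a gap in the other: the IP check rejects the probe before it reaches the database, and the bound parameter means that even a value which passes validation can never change the query's structure.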
NVD
added 2008/02/12 1:00 a.m., 16 views

CVE-2008-0694

Cross-site scripting (XSS) vulnerability in the HTTP Server in IBM OS/400 V5R3M0 and V5R4M0 allows remote attackers to inject arbitrary web script or HTML via the Expect HTTP header...

CVSS 4.3, AI score 5.6, EPSS 0.00256
Exploits 0, References 4
Prion
added 2008/02/12 1:00 a.m., 11 views

Cross-site scripting

Cross-site scripting (XSS) vulnerability in the HTTP Server in IBM OS/400 V5R3M0 and V5R4M0 allows remote attackers to inject arbitrary web script or HTML via the Expect HTTP header...

CVSS 4.3, AI score 5.9, EPSS 0.00256
Exploits 0, References 4, Affected Software 1
CVE
added 2008/02/12 12:00 a.m., 39 views

CVE-2008-0694

The CVE-2008-0694 entry concerns IBM OS/400 HTTP Server (versions V5R3M0 and V5R4M0). The vulnerability is a cross-site scripting (XSS) flaw that allows remote attackers to inject arbitrary web script or HTML via the Expect HTTP header. Affected component is the HTTP Server handling Expect header...

CVSS 4.3, AI score 5.6, EPSS 0.00256
Exploits 0, References 4, Affected Software 1
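Several of the remaining entries are failures of request-header parsing rather than of any application logic: the D-Link DI-524 crash on an HTTP header with a very long name and an empty value, the NetWin SurgeFTP NULL dereference after a huge Content-Length made an allocation fail, the IBM OS/400 HTTP Server reflecting the Expect header unescaped, and the request splitting and smuggling that the IE7 advisory at the top of the list describes. The following is an added example, not code from any of those products, of a header parser that applies the checks which block each of them. The limits, the error-page layout and the sample requests are assumptions chosen for the example.

```python
"""Hardened parsing of HTTP/1.1 request headers.

Added example, not code from any product on this page. The checks map to the
header bugs listed above:
  - length and syntax limits on header names and values, enforced before
    anything is copied into a fixed buffer (D-Link DI-524: very long name,
    empty value);
  - a strictly numeric, single-valued, bounded Content-Length validated
    before any buffer is sized from it (NetWin SurgeFTP: a huge integer made
    the allocation fail and the NULL result was dereferenced); repeated
    values that disagree are also the server-side symptom of request
    splitting and smuggling;
  - HTML escaping of any header value echoed into an error page
    (IBM OS/400 HTTP Server: Expect header reflected as script).
All limits and sample requests are assumptions chosen for the example.
"""
import html
import re

MAX_HEADERS = 64                 # assumption
MAX_NAME_LEN = 64                # assumption
MAX_VALUE_LEN = 4096             # assumption
MAX_BODY_LEN = 8 * 1024 * 1024   # assumption: 8 MiB request body cap

# Header field-name token characters (RFC 7230 tchar).
TOKEN_RE = re.compile(r"^[!#$%&'*+.^_`|~0-9A-Za-z-]+$")


class BadRequest(ValueError):
    def __init__(self, status: int, reason: str, offending: str = ""):
        super().__init__(reason)
        self.status, self.reason, self.offending = status, reason, offending


def parse_headers(raw: bytes) -> dict:
    """Parse one request's header block into {lowercased-name: [values]}."""
    head, sep, _body = raw.partition(b"\r\n\r\n")
    if not sep:
        raise BadRequest(400, "incomplete header block")
    lines = head.split(b"\r\n")[1:]          # drop the request line
    if len(lines) > MAX_HEADERS:
        raise BadRequest(431, "too many header fields")
    headers = {}
    for line in lines:
        name, colon, value = line.partition(b":")
        name = name.decode("latin-1")
        value = value.decode("latin-1").strip(" \t")
        # Oversized or malformed names are rejected before any copy is made.
        if not colon or len(name) > MAX_NAME_LEN or not TOKEN_RE.match(name):
            raise BadRequest(400, "bad header name", name[:80])
        if len(value) > MAX_VALUE_LEN or any(c in value for c in "\r\n\x00"):
            raise BadRequest(400, "bad header value", value[:80])
        headers.setdefault(name.lower(), []).append(value)
    return headers


def content_length(headers: dict) -> int:
    """Return a validated Content-Length (0 when absent)."""
    values = headers.get("content-length", [])
    if not values:
        return 0
    # Repeated Content-Length is tolerable only when every copy agrees;
    # disagreeing copies are how a front end and a back end get desynchronised.
    if len(set(values)) != 1:
        raise BadRequest(400, "conflicting Content-Length", ", ".join(values))
    v = values[0]
    if not (v.isascii() and v.isdigit()):   # no sign, spaces, hex or unicode digits
        raise BadRequest(400, "non-numeric Content-Length", v)
    n = int(v)
    if n > MAX_BODY_LEN:                    # refuse before sizing any buffer
        raise BadRequest(413, "request body too large", v)
    return n


def check_expect(headers: dict) -> None:
    for v in headers.get("expect", []):
        if v.lower() != "100-continue":
            raise BadRequest(417, "unsupported Expect value", v)


def error_page(err: BadRequest) -> str:
    """Diagnostic page; the echoed header is escaped so it cannot run as script."""
    return ("<html><body><h1>%d %s</h1><p>Offending value: %s</p></body></html>"
            % (err.status, html.escape(err.reason), html.escape(err.offending)))


def handle(raw: bytes):
    """Return (status, page); page is empty when the request is acceptable."""
    try:
        h = parse_headers(raw)
        check_expect(h)
        content_length(h)
    except BadRequest as e:
        return e.status, error_page(e)
    return 200, ""


# Constructed sample requests (not captured traffic).
REQ_OK = b"POST /upload HTTP/1.1\r\nHost: example.test\r\nContent-Length: 5\r\n\r\nhello"
REQ_LONG_NAME = b"GET / HTTP/1.1\r\nHost: example.test\r\n" + b"A" * 5000 + b":\r\n\r\n"
REQ_HUGE_CL = b"POST /admin HTTP/1.1\r\nHost: example.test\r\nContent-Length: 4294967295\r\n\r\n"
REQ_DUP_CL = (b"POST / HTTP/1.1\r\nHost: example.test\r\n"
              b"Content-Length: 5\r\nContent-Length: 50\r\n\r\nhello")
REQ_XSS_EXPECT = b"GET / HTTP/1.1\r\nHost: example.test\r\nExpect: <script>alert(1)</script>\r\n\r\n"

if __name__ == "__main__":
    for label, req in [("ok", REQ_OK), ("long name", REQ_LONG_NAME), ("huge CL", REQ_HUGE_CL),
                       ("dup CL", REQ_DUP_CL), ("xss expect", REQ_XSS_EXPECT)]:
        print(label, handle(req)[0])
```

The ordering matters: every limit is checked on the parsed text before a length is trusted for a copy or an allocation, and the only place a client-controlled value reaches a response body is through `html.escape`.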