CVE-2005-4687

PunBB 1.2.9 (used standalone or with F-ART BLOG:CMS) trusts the client IP from the X-Forwarded-For header instead of the TCP/IP stack, enabling IP address spoofing by remote attackers. Red Hat and CVE records corroborate this vulnerability in PunBB 1.2.9. The underlying issue is header-based IP e...

CA iTechnology iGateway Service Content-Length Buffer Overflow

The remote host is using CA iTechnology iGateway service, a software component used in various products from CA. The version of the iGateway service installed on the remote host reportedly fails to sanitize Content-Length HTTP header values before using them to allocate heap memory. An attacker c...

GLSA-200512-12 : Mantis: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-200512-12 Mantis: Multiple vulnerabilities Tobias Klein discovered that Mantis contains several vulnerabilities, including: a file upload vulnerability. an injection vulnerability in filters. a SQL injection vulnerability in the...

[DRUPAL-SA-2005-008] Drupal 4.6.4 / 4.5.6 fixes XSS and HTTP header injection issue

---------------------------------------------------------------------------- Drupal security advisory DRUPAL-SA-2005-008 ---------------------------------------------------------------------------- Advisory ID: DRUPAL-SA-2005-008 Project: Drupal core Date: 2005-11-30 Security risk: less critical...

DRUPAL-SA-2005-008 XSS and HTTP header injection vulnerability with uploaded files

Paul Laudanski informed us that it's possible to attach files that are able to run Javascript under Internet Explorer. Further investigation of the problem revealed that the same method can be used to inject arbitrary HTTP headers. Versions affected Drupal 4.5.0, 4.5.1, 4.5.2, 4.5.3, 4.5.4, 4.5.5...

Format string on HTTP header name

The remote web server seems to be vulnerable to a format string attack on HTTP headers names. SPDX-FileCopyrightText: 2004 Michel Arboi Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

TelCondex Simple Webserver Buffer Overflow

The TelCondex SimpleWebserver is vulnerable to a remote executable buffer overflow, due to missing length check on the referer-variable of the HTTP-header. OpenVAS Vulnerability Test $Id: telcondex.nasl 6063 2017-05-03 09:03:05Z teissa $ Description: TelCondex Simple Webserver Buffer Overflow...

TelCondex Simple Webserver Buffer Overflow

The TelCondex SimpleWebserver is vulnerable to a remote executable buffer overflow, due to missing length check on the referer-variable of the HTTP-header. SPDX-FileCopyrightText: 2003 Matt North Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the...

HTTP Header Overflow DoS Vulnerability

It was possible to kill the web server by sending an invalid request with a too long header name or value. SPDX-FileCopyrightText: 2002 Michel Arboi Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...

Guppy Multiple HTTP Header XSS

The remote host is running Guppy, a CMS written in PHP. The remote version of this software does not properly sanitize input to the Referer and User-Agent HTTP headers before using it in the 'error.php' script. A malicious user can exploit this flaw to inject arbitrary script and HTML code into a...

CVE-2005-2703

Firefox before 1.0.7 and Mozilla Suite before 1.7.12 allows remote attackers to modify HTTP headers of XML HTTP requests via XMLHttpRequest, and possibly use the client to exploit vulnerabilities in servers or proxies, including HTTP request smuggling and HTTP request splitting...

CVE-2005-2703

Firefox before 1.0.7 and Mozilla Suite before 1.7.12 allows remote attackers to modify HTTP headers of XML HTTP requests via XMLHttpRequest, and possibly use the client to exploit vulnerabilities in servers or proxies, including HTTP request smuggling and HTTP request splitting...

CVE-2005-2703

Firefox before 1.0.7 and Mozilla Suite before 1.7.12 allows remote attackers to modify HTTP headers of XML HTTP requests via XMLHttpRequest, and possibly use the client to exploit vulnerabilities in servers or proxies, including HTTP request smuggling and HTTP request splitting...

security flaw

Firefox before 1.0.7 and Mozilla Suite before 1.7.12 allows remote attackers to modify HTTP headers of XML HTTP requests via XMLHttpRequest, and possibly use the client to exploit vulnerabilities in servers or proxies, including HTTP request smuggling and HTTP request splitting...

CuteNews 1.4.0 remote code execution

CuteNews 1.4.0 possibly prior versions remote code execution software: site: http://cutephp.com/ description: "Cute news is a powerful and easy for using news management system that use flat files to store its database. It supports comments, archives, search function, image uploading, backup...

CuteNews flood.db.php HTTP Header PHP Code Injection

Binary data 3230.prm...

CuteNews flood.db.php Client-IP HTTP Header Arbitrary Code Injection

The version of CuteNews installed on the remote host fails to properly sanitize the IP addresses of clients using the system before logging them to a known file. An attacker can exploit this flaw to inject arbitrary PHP code through a Client-IP request header and then execute that code by...

CVE-2005-2888

Multiple SQL injection vulnerabilities in MyBulletinBoard MyBB Preview Release 2 allow remote attackers to execute arbitrary SQL commands via the 1 fid parameter to misc.php or 2 Content-Disposition field in the HTTP header to newreply.php...

[SECURITY] [DSA 805-1] New Apache2 packages fix several vulnerabilities

-------------------------------------------------------------------------- Debian Security Advisory DSA 805-1 [email protected] http://www.debian.org/security/ Martin Schulze September 8th, 2005 http://www.debian.org/security/faq -...

CVE-2005-2806

client.cpp in BNBT EasyTracker 7.7r3.2004.10.27 and earlier allows remote attackers to cause a denial of service application hang via an HTTP header containing only a ":" colon, possibly leading to an integer signedness error due to a missing field name or value...