Lucene search

2483 matches found

Prion
added 2013/08/23 4:55 p.m., 17 views

Crlf injection

CRLF injection vulnerability in Request Tracker (RT) 3.8.x before 3.8.17 and 4.0.x before 4.0.13 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via a MIME header...

CVSS 5 | AI score 7.2 | EPSS 0.0048
Exploits: 0 | References: 7 | Affected Software: 1

UbuntuCve
added 2013/08/23 4:55 p.m., 18 views

CVE-2013-3373

CRLF injection vulnerability in Request Tracker (RT) 3.8.x before 3.8.17 and 4.0.x before 4.0.13 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via a MIME header...

CVSS 5 | AI score 7.3 | EPSS 0.0048
Exploits: 0 | References: 2

CVE
added 2013/08/23 4:0 p.m., 58 views

CVE-2013-3373

CVE-2013-3373: CRLF/header injection vulnerability in Request Tracker (RT) 3.8.x before 3.8.17 and 4.0.x before 4.0.13 allows remote attackers to inject arbitrary HTTP headers and perform HTTP response splitting via a MIME header. Affected RT versions include 3.8.x (pre-3.8.17) and 4.0.x (pre-4.0...

CVSS 5 | AI score 8.3 | EPSS 0.0048
Exploits: 0 | References: 7 | Affected Software: 1

Debian CVE
added 2013/08/23 4:0 p.m., 19 views

CVE-2013-3372

Request Tracker (RT) 3.8.x before 3.8.17 and 4.0.x before 4.0.13 allows remote attackers to inject multiple Content-Disposition HTTP headers and possibly conduct cross-site scripting (XSS) attacks via unspecified vectors...

CVSS 4.3 | AI score 7.7 | EPSS 0.0048
Exploits: 0

CVE
added 2013/08/23 4:0 p.m., 59 views

CVE-2013-3372

RT 3.8.x before 3.8.17 and 4.0.x before 4.0.13 are affected by a vulnerability that allows remote attackers to inject multiple Content-Disposition HTTP headers, potentially enabling cross-site scripting (XSS) via unspecified vectors. Affected products/versions should be upgraded to fixed releases...

CVSS 4.3 | AI score 7.8 | EPSS 0.0048
Exploits: 0 | References: 7 | Affected Software: 1

Debian CVE
added 2013/08/23 4:0 p.m., 23 views

CVE-2013-3373

CRLF injection vulnerability in Request Tracker (RT) 3.8.x before 3.8.17 and 4.0.x before 4.0.13 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via a MIME header...

CVSS 5 | AI score 8.7 | EPSS 0.0048
Exploits: 0

OSV
added 2013/08/19 1:7 p.m., 7 views

CVE-2013-2175

HAProxy 1.4 before 1.4.24 and 1.5 before 1.5-dev19, when configured to use hdr_ip or other "hdr_*" functions with a negative occurrence count, allows remote attackers to cause a denial of service (negative array index usage and crash) via an HTTP header with a certain number of values, related to the...

AI score 6.5
Exploits: 0 | References: 8

0day.today
added 2013/08/18 12:0 a.m., 19 views

Cogent DataHub HTTP Server Buffer Overflow Vulnerability

This Metasploit module exploits a stack based buffer overflow on Cogent DataHub 7.3.0. The vulnerability exists in the HTTP server - while handling HTTP headers, a strncpy function is used in a dangerous way. This Metasploit module has been tested successfully on Cogent DataHub 7.3.0 Demo on...

AI score 7
Exploits: 0

Packet Storm
added 2013/08/02 12:0 a.m., 51 views

Fluidgalleries Photo Upload Shell Upload

In The Name Of Allah + Exploit Title : fluidgalleries Photo Upload Remote Shell Upload Vulnerability + Google Dork 1 : inurl:"fluidgalleries/dat/info.dat" + Google Dork 2 : inurl:"/fluidgalleries/php/" + Date : 01/08/2013 + Exploit Author : IranianDarkCodersTeam + Home : www.idc-team.net +...

AI score 0.3
Exploits: 0

Zero Day Initiative
added 2013/07/26 12:0 a.m., 39 views

Cogent Datahub Stack Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Cogent Datahub. Authentication is not required to exploit this vulnerability. The specific flaw exists within the web server component's handling of HTTP headers. By sending an overlarge HTTP heade...

CVSS 10 | AI score 7.8
Exploits: 0 | References: 1

Tenable Nessus
added 2013/07/02 12:0 a.m., 13 views

ModSecurity Version

Based on HTTP headers, the remote host appears to be running ModSecurity, an open source web application firewall (WAF). It was possible to read the version number from the banner. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid67123; scriptversion"1.6";...

AI score 5.6
Exploits: 0

Fedora
added 2013/06/29 6:15 p.m., 35 views

[SECURITY] Fedora 19 Update: haproxy-1.4.24-1.fc19

HA-Proxy is a TCP/HTTP reverse proxy which is particularly suited for high availability environments. Indeed, it can: - route HTTP requests depending on statically assigned cookies - spread the load among several servers while assuring server persistence through the use of HTTP cookies - switch t...

CVSS 6.8 | AI score 0.7 | EPSS 0.03181
Exploits: 2

Fedora
added 2013/06/28 6:16 a.m., 22 views

[SECURITY] Fedora 17 Update: haproxy-1.4.24-1.fc17

HA-Proxy is a TCP/HTTP reverse proxy which is particularly suited for high availability environments. Indeed, it can: - route HTTP requests depending on statically assigned cookies - spread the load among several servers while assuring server persistence through the use of HTTP cookies - switch t...

CVSS 5.1 | AI score 0.7 | EPSS 0.00198
Exploits: 0

OpenVAS
added 2013/06/24 12:0 a.m., 28 views

Ubuntu Update for haproxy USN-1889-1

Check for the Version of haproxy OpenVAS Vulnerability Test $Id: gbubuntuUSN18891.nasl 7958 2017-12-01 06:47:47Z santu $ Ubuntu Update for haproxy USN-1889-1 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software...

CVSS 5 | AI score 6.3 | EPSS 0.00076
Exploits: 0 | References: 2

Ubuntu
added 2013/06/20 8:22 p.m., 54 views

USN-1889-1: HAProxy vulnerability

David Torgerson discovered that HAProxy incorrectly parsed certain HTTP headers. A remote attacker could use this issue to cause HAProxy to stop responding, resulting in a denial of service...

CVSS 5 | AI score 5.3 | EPSS 0.00076
Exploits: 0

Prion
added 2013/06/03 9:55 p.m., 17 views

Crlf injection

CRLF injection vulnerability in IBM WebSphere Portal 6.1.0.x before 6.1.0.3 CF26, 6.1.5.x before 6.1.5 CF26, 7.0.0.x before 7.0.0.2 CF21, and 8.0.0.x through 8.0.0.1 CF5, when home substitution (aka uri.home.substitution) is enabled, allows remote authenticated users to inject arbitrary HTTP header...

CVSS 3.5 | AI score 6.7 | EPSS 0.00188
Exploits: 0 | References: 3 | Affected Software: 1

Cvelist
added 2013/06/03 9:0 p.m., 21 views

CVE-2013-2950

CRLF injection vulnerability in IBM WebSphere Portal 6.1.0.x before 6.1.0.3 CF26, 6.1.5.x before 6.1.5 CF26, 7.0.0.x before 7.0.0.2 CF21, and 8.0.0.x through 8.0.0.1 CF5, when home substitution (aka uri.home.substitution) is enabled, allows remote authenticated users to inject arbitrary HTTP header...

AI score 6.3 | EPSS 0.00188
Exploits: 0 | References: 3

Zero Day Initiative
added 2013/05/29 12:0 a.m., 38 views

Microsoft HTTP.SYS Remote Denial of Service Vulnerability

This vulnerability allows remote attackers to cause a denial of service condition on vulnerable installations of IIS. No user interaction is required to exploit this vulnerability. The specific flaw exists within handling of HTTP headers in the Windows kernel. By providing a duplicate of a...

CVSS 7.8 | AI score 3.7 | EPSS 0.83169
Exploits: 1 | References: 1

OpenVAS
added 2013/05/15 12:0 a.m., 33 views

Microsoft Windows 'HTTP.sys' Denial of Service Vulnerability (2829254)

This host is missing an important security update according to Microsoft Bulletin MS13-039. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

CVSS 7.8 | AI score 5 | EPSS 0.83169
Exploits: 1 | References: 3

Fedora
added 2013/04/27 3:5 a.m., 26 views

[SECURITY] Fedora 19 Update: haproxy-1.4.23-2.fc19

HA-Proxy is a TCP/HTTP reverse proxy which is particularly suited for high availability environments. Indeed, it can: - route HTTP requests depending on statically assigned cookies - spread the load among several servers while assuring server persistence through the use of HTTP cookies - switch t...

CVSS 5.1 | AI score 0.7 | EPSS 0.00186
Exploits: 0