Update Protection against Sun Java System Web Server Digest Authorization Buffer Overflow
A buffer overflow vulnerability was reported in Sun Java System Web Server, a web server for medium to large business applications. The vulnerability is due to insufficient boundary checks when processing malformed HTTP requests. A remote unauthenticated attacker can leverage this vulnerability by...
WebCalendar Multiple CSS and CSRF Vulnerabilities
The host is running WebCalendar and is prone to multiple CSS and CSRF Vulnerabilities. OpenVAS Vulnerability Test $Id: gbwebcalendarmultcssncsrfvuln.nasl 5388 2017-02-21 15:13:30Z teissa $ WebCalendar Multiple CSS and CSRF Vulnerabilities Authors: Antu Sanadi Copyright: Copyright (c) 2010 Greenbone...
Sun Java System Web Server Digest Authorization Buffer Overflow
Sun Microsystems' Java System Web Server is a high performance web server for medium to large business applications. A buffer overflow vulnerability has been reported in Sun Java System Web Server. The vulnerability is due to insufficient boundary checks by the Sun Java Web Server when processing...
Magic_Blocks1_2 File Disclosure
links : http://mshaer.net/magicblocks12.zip !/usr/bin/perl Exploitation Remote File Disclosure Vulnerability By JIKO Author : Jiko Site : http://www.No-ExploiT.Com Contact : jalikomathotmaildotcom Thanks to allah Greetz All Moslum And My friends script http://mshaer.net/magicblocks12.zip...
CVE-2003-1578
Sun ONE (aka iPlanet) Web Server 4.1 through SP12 and 6.0 through SP5, when DNS resolution is enabled for client IP addresses, allows remote attackers to hide HTTP requests from the log-preview functionality by accompanying the requests with crafted DNS responses specifying a domain name beginning...
HP OpenView Network Node Manager OVwSelection Buffer Overflow (CVE-2009-4181)
The HP OpenView product consists of a suite of network and system management software applications developed by HP. It includes several optional modules and components, such as OpenView Quality Manager, OpenView Performance Insight, OpenView Network Node Manager, etc. A buffer overflow...
HP Power Manager Remote Code Execution (CVE-2009-2685)
A remote code execution vulnerability exists within HP Power Manager. The vulnerability is due to insufficient bounds checking in the HP Power Manager while processing URL parameters in the login form of the web based management web server. Remote unauthenticated attackers can exploit this...
Authentication flaw
The autodeployment process in Apache Tomcat 5.5.0 through 5.5.28 and 6.0.0 through 6.0.20, when autoDeploy is enabled, deploys appBase files that remain from a failed undeploy, which might allow remote attackers to bypass intended authentication requirements via HTTP requests...
CVE-2009-2901
The autodeployment process in Apache Tomcat 5.5.0 through 5.5.28 and 6.0.0 through 6.0.20, when autoDeploy is enabled, deploys appBase files that remain from a failed undeploy, which might allow remote attackers to bypass intended authentication requirements via HTTP requests...
Mandriva Linux Security Advisory : ruby (MDVSA-2010:017)
A vulnerability has been found and corrected in ruby : WEBrick 1.3.1 in Ruby 1.8.6 through patchlevel 383, 1.8.7 through patchlevel 248, 1.8.8dev, 1.9.1 through patchlevel 376, and 1.9.2dev writes data to a log file without sanitizing non-printable characters, which might allow remote attackers t...
CVE-2009-4611
Mort Bay Jetty 6.x through 6.1.22 and 7.0.0 writes backtrace data without sanitizing non-printable characters, which might allow remote attackers to modify a window's title, or possibly execute arbitrary commands or overwrite files, via an HTTP request containing an escape sequence for a terminal...
SQL-Ledger Multiple Vulnerabilities
This host is running SQL-Ledger and is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: secpodsqlledgermultvuln.nasl 5122 2017-01-27 12:16:00Z teissa $ SQL-Ledger Multiple Vulnerabilities Authors: Sharath S Copyright: Copyright (c) 2009 SecPod, http://www.secpod.com This program i...
Preemptive Protection against HP OpenView Network Node Manager snmpviewer.exe Host Header Buffer Overflow
A buffer overflow vulnerability exists in the HP OpenView Network Node Manager (NNM) CGI program snmpviewer.exe. The vulnerability is due to a boundary error when processing the Host header from HTTP requests. A remote unauthenticated attacker can exploit this vulnerability by sending a crafted HTT...
Preemptive Protection against HP OpenView Network Node Manager webappmon.exe CGI Host Header Buffer Overflow
A buffer overflow vulnerability exists in the HP OpenView Network Node Manager (NNM) CGI program webappmon.exe. The vulnerability is due to a boundary error when processing the Host header from HTTP requests. A remote unauthenticated attacker can exploit this vulnerability by sending a crafted HTTP...
Free Download Manager Remote Control Server Header Buffer Overflow (CVE-2009-0183)
Free Download Manager is an open source free download accelerator and manager software distributed under GPL license. It includes various features and components, such as upload manager, Flash video download, Remote Control Server, BitTorrent support, smart file management, a powerful scheduler a...
Monkey Web Server Denial Of Service
census ID: census-2009-0004 URL: http://census-labs.com/news/2009/12/14/monkey-httpd/ CVE ID: Pending Affected Products: Monkey web server versions ≤ 0.9.2. Class: Improper Input Validation (CWE-20), Incorrect Calculation (CWE-682) Remote: Yes Discovered by: Patroklos Argyroudis We have discovered a...
Monkey HTTPd improper input validation vulnerability
census ID: census-2009-0004 URL: http://census-labs.com/news/2009/12/14/monkey-httpd/ CVE ID: Pending Affected Products: Monkey web server versions ≤ 0.9.2. Class: Improper Input Validation (CWE-20), Incorrect Calculation (CWE-682) Remote: Yes Discovered by: Patroklos Argyroudis We have discovered a...
Novell eDirectory dhost HTTPSTK Buffer Overflow
Novell eDirectory is a Lightweight Directory Access Protocol (LDAP) server, intended for use as part of an identity management solution. A code execution vulnerability exists in Novell eDirectory. The vulnerability is due to lack of boundary validation when handling HTTP requests to the HTTPSTK for...
CVE-2009-2509
Active Directory Federation Services (ADFS) in Microsoft Windows Server 2003 SP2 and Server 2008 Gold and SP2 does not properly validate headers in HTTP requests, which allows remote authenticated users to execute arbitrary code via a crafted request to an IIS web server, aka "Remote Code Execution...