5907 matches found
CVE-2009-2865
Buffer overflow in the login implementation in the Extension Mobility feature in the Unified Communications Manager Express (CME) component in Cisco IOS 12.4XW, 12.4XY, 12.4XZ, and 12.4YA allows remote attackers to execute arbitrary code or cause a denial of service via crafted HTTP requests, aka B...
Buffer overflow
Buffer overflow in the login implementation in the Extension Mobility feature in the Unified Communications Manager Express (CME) component in Cisco IOS 12.4XW, 12.4XY, 12.4XZ, and 12.4YA allows remote attackers to execute arbitrary code or cause a denial of service via crafted HTTP requests, aka B...
Cisco ACE XML Gateway information leakage
Internal address of server is leaked on some HTTP requests...
CVE-2009-2629
Buffer underflow in src/http/ngx_http_parse.c in nginx 0.1.0 through 0.5.37, 0.6.x before 0.6.39, 0.7.x before 0.7.62, and 0.8.x before 0.8.15 allows remote attackers to execute arbitrary code via crafted HTTP requests...
CVE-2009-2629
CVE-2009-2629 affects the nginx HTTP server, originating from a buffer underflow in ngx_http_parse.c used when processing request URIs. Public sources in the provided documents specify that versions 0.1.0 through 0.5.37, 0.6.x before 0.6.39, 0.7.x before 0.7.62, and 0.8.x before 0.8.15 are vulner...
Debian: Security Advisory (DSA-1884-1)
The remote host is missing an update for the Debian...
Adobe ColdFusion Server Cross-Site Request Forgery (APSB09-12; CVE-2009-1872)
Multiple Cross-Site Scripting (XSS) and Cross-Site Request Forgery (XSRF) vulnerabilities have been discovered in Adobe ColdFusion server. Adobe ColdFusion is an application server for developing dynamically generated Web sites. A remote attacker could exploit this issue to execute a cross-site...
CVE-2009-2766
httpd.c in httpd in the management GUI in DD-WRT 24 sp1 does not require administrative authentication for programs under cgi-bin/, which allows remote attackers to change settings via HTTP requests...
Design/Logic Flaw
httpd.c in httpd in the management GUI in DD-WRT 24 sp1 does not require administrative authentication for programs under cgi-bin/, which allows remote attackers to change settings via HTTP requests...
CVE-2009-2766
CVE-2009-2766 affects httpd.c in the httpd management GUI of DD-WRT 24 sp1; CGI programs under /cgi-bin/ can be accessed without administrative authentication, enabling remote changes via HTTP requests. CVSS: Network vector, low complexity, no authentication, with partial impact on confidentialit...
VulnCheck KEV: CVE-2009-1536
ASP.NET in Microsoft .NET Framework 2.0 SP1 and SP2 and 3.5 Gold and SP1, when ASP 2.0 is used in integrated mode on IIS 7.0, does not properly manage request scheduling, which allows remote attackers to cause a denial of service (daemon outage) via a series of crafted HTTP requests, aka...
Denial of service
ASP.NET in Microsoft .NET Framework 2.0 SP1 and SP2 and 3.5 Gold and SP1, when ASP 2.0 is used in integrated mode on IIS 7.0, does not properly manage request scheduling, which allows remote attackers to cause a denial of service (daemon outage) via a series of crafted HTTP requests, aka "Remote...
Novell eDirectory Multiple Vulnerabilities - Jul09 (Linux)
This host is running Novell eDirectory and is prone to multiple vulnerabilities...
Secunia Research: Novell eDirectory iMonitor "Accept-Language" Buffer Overflow
Secunia Research 14/07/2009 - Novell eDirectory iMonitor "Accept-Language" Buffer Overflow. Table of Contents: Affected...
Foswiki CSRF Vulnerability
Foswiki is prone to a cross-site request forgery (CSRF) vulnerability...
Addonics NAS Adapter multiple security vulnerabilities
Buffer overflow with HTTP requests, FTP DoS...
Update Protection against Oracle Application Server 10g OPMN Service Format String Vulnerability
A vulnerability was reported in Oracle Application Server, a multi-platform solution for developing and deploying enterprise applications and web sites. The flaw is due to insufficient validation of the URI part of HTTP requests. Remote attackers could exploit this vulnerability by sending a...
Ubuntu 7.10 / 8.04 LTS / 8.10 : ktorrent vulnerabilities (USN-711-1)
It was discovered that KTorrent did not properly restrict access when using the web interface plugin. A remote attacker could use a crafted HTTP request and upload arbitrary torrent files to trigger the start of downloads and seeding. (CVE-2008-5905) It was discovered that KTorrent did not properly...