5905 matches found

Exploit DB
added 2008/04/01 12:0 a.m., 31 views

ChilkatHttp ActiveX 2.3 - Arbitrary Files Overwrite

ChilkatHttp ActiveX 2.3 Arbitrary Files Overwrite url: www.chilkatsoft.com Author: shinnai mail: shinnaiatautisticidotorg site: http://shinnai.altervista.org This was written for educational purpose. Use it at your own risk...

7 AI score
Exploits 0
exploitpack
added 2008/03/31 12:0 a.m., 15 views

Microsoft Crypto API X.509 Certificate Validation - Remote Information Disclosure

Microsoft Crypto API X.509 Certificate Validation - Remote Information Disclosure source: https://www.securityfocus.com/bid/28548/info Microsoft's Crypto API library is prone to an information-disclosure vulnerability because HTTP requests to arbitrary hosts and ports may be automatically trigger...

7.3 AI score
Exploits 0
Prion
added 2008/03/26 10:44 a.m., 14 views

Authentication flaw

ZyXEL Prestige routers, including P-660, P-661, and P-662 models with firmware 3.40(AGD.2) through 3.40(AHQ.3), allow remote authenticated users to obtain authentication data by making direct HTTP requests and then reading the HTML source, as demonstrated by a request for (1) RemMagSNMP.html, which...

4 CVSS, 7 AI score, 0.01064 EPSS
Exploits 0, References 4, Affected Software 3
NVD
added 2008/03/26 10:44 a.m., 18 views

CVE-2008-1528

ZyXEL Prestige routers, including P-660, P-661, and P-662 models with firmware 3.40(AGD.2) through 3.40(AHQ.3), allow remote authenticated users to obtain authentication data by making direct HTTP requests and then reading the HTML source, as demonstrated by a request for (1) RemMagSNMP.html, which...

4 CVSS, 6.5 AI score, 0.01064 EPSS
Exploits 0, References 4
Cvelist
added 2008/03/26 10:0 a.m., 22 views

CVE-2008-1528

ZyXEL Prestige routers, including P-660, P-661, and P-662 models with firmware 3.40(AGD.2) through 3.40(AHQ.3), allow remote authenticated users to obtain authentication data by making direct HTTP requests and then reading the HTML source, as demonstrated by a request for (1) RemMagSNMP.html, which...

6.5 AI score, 0.01064 EPSS
Exploits 0, References 4
CVE
added 2008/03/26 10:0 a.m., 50 views

CVE-2008-1528

Affected: ZyXEL Prestige routers P-660, P-661, P-662 with firmware 3.40(AGD.2)–3.40(AHQ.3). Issue: remote authenticated users can read HTML sources via direct HTTP requests to disclose credentials, e.g., RemMagSNMP.html reveals SNMP communities and WLAN.html reveals WEP keys. Root cause: inadequa...

4 CVSS, 6.5 AI score, 0.01064 EPSS
Exploits 0, References 4, Affected Software 3
Packet Storm
added 2008/03/03 12:0 a.m., 19 views

torrenttrader-xss.txt

Cross-site Scripting and CSRF in TorrentTrader Classic v1.08 Application: TorrentTrader Classic v1.08, possible other versions. Vendor URL: http://sourceforge.net/project/showfiles.php?groupid=98584&packageid=1809271. 1. Input passed to the msg property of account-inbox.php is not properly...

Exploits 0
securityvulns
added 2008/03/03 12:0 a.m., 37 views

Cross-site Scripting and CSRF in TorrentTrader Classic v1.08

Cross-site Scripting and CSRF in TorrentTrader Classic v1.08 Application: TorrentTrader Classic v1.08, possible other versions. Vendor URL: http://sourceforge.net/project/showfiles.php?groupid=98584&packageid=1809271. 1. Input passed to the msg property of account-inbox.php is not properly...

0.4 AI score
Exploits 0
Tenable Nessus
added 2008/02/08 12:0 a.m., 58 views

WS_FTP Server < 6.1.1 Multiple Vulnerabilities

Binary data 4361.prm...

9 CVSS, 6.8 AI score, 0.22169 EPSS
Exploits 0, References 7
Tenable Nessus
added 2008/02/01 12:0 a.m., 21 views

GLSA-200801-22 : PeerCast: Buffer overflow

The remote host is affected by the vulnerability described in GLSA-200801-22 PeerCast: Buffer overflow Luigi Auriemma reported a heap-based buffer overflow within the 'handshakeHTTP' function when processing HTTP requests. Impact : A remote attacker could send a specially crafted request to the...

10 CVSS, 6.4 AI score, 0.16796 EPSS
Exploits 1, References 2
Gentoo Linux
added 2008/01/30 12:0 a.m., 23 views

PeerCast: Buffer overflow

Background: PeerCast is a client and server for P2P-radio network. Description: Luigi Auriemma reported a heap-based buffer overflow within the "handshakeHTTP" function when processing HTTP requests. Impact: A remote attacker could send a specially crafted request to the vulnerable server, possibly...

10 CVSS, 7.4 AI score, 0.16796 EPSS
Exploits 1
OpenVAS
added 2008/01/17 12:0 a.m., 20 views

Debian Security Advisory DSA 901-1 (gnump3d)

The remote host is missing an update to gnump3d announced via advisory DSA 901-1. Several vulnerabilities have been discovered in gnump3d, a streaming server for MP3 and OGG files. The Common Vulnerabilities and Exposures Project identifies the following problems: CVE-2005-3349 Ludwig Nussel...

6.4 CVSS, 6.9 AI score, 0.02226 EPSS
Exploits 0
Prion
added 2008/01/11 2:46 a.m., 14 views

Design/Logic Flaw

IMP Webmail Client 4.1.5, Horde Application Framework 3.1.5, and Horde Groupware Webmail Edition 1.0.3 does not validate unspecified HTTP requests, which allows remote attackers to (1) delete arbitrary e-mail messages via a modified numeric ID or (2) "purge" deleted emails via a crafted email message...

5.8 CVSS, 6.8 AI score, 0.01774 EPSS
Exploits 1, References 19, Affected Software 4
Cvelist
added 2008/01/11 2:0 a.m., 30 views

CVE-2007-6018

IMP Webmail Client 4.1.5, Horde Application Framework 3.1.5, and Horde Groupware Webmail Edition 1.0.3 does not validate unspecified HTTP requests, which allows remote attackers to (1) delete arbitrary e-mail messages via a modified numeric ID or (2) "purge" deleted emails via a crafted email message...

7.5 AI score, 0.01774 EPSS
Exploits 1, References 19
Packet Storm
added 2008/01/05 12:0 a.m., 33 views

urlevasion.txt

I don't know if it's new but I coded it during a PenTest and I would like to share it with you. It is based on code developed by sinhack research labs: http://sinhack.net/URLFilteringEvasion/sakeru.tx Description: "Fortinet's URL blocking functionality can be bypassed by specially-crafted HTTP...

7.4 AI score
Exploits 0
securityvulns
added 2008/01/04 12:0 a.m., 65 views

FortiGuard: URL Filtering Application Bypass Vulnerability

I don't know if it's new but I coded it during a PenTest and I would like to share it with you. It is based on code developed by sinhack research labs: http://sinhack.net/URLFilteringEvasion/sakeru.tx Description: "Fortinet's URL blocking functionality can be bypassed by specially-crafted HTTP...

0.5 AI score
Exploits 0
Tenable Nessus
added 2007/12/31 12:0 a.m., 22 views

GLSA-200712-18 : Multi-Threaded DAAP Daemon: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-200712-18 Multi-Threaded DAAP Daemon: Multiple vulnerabilities nnp discovered multiple vulnerabilities in the XML-RPC handler in the file webserver.c. The wsaddarg function contains a format string vulnerability, as it does not...

7.5 CVSS, 6.2 AI score, 0.05592 EPSS
Exploits 0, References 3
Tenable Nessus
added 2007/12/27 12:0 a.m., 15 views

Mantis < 0.9.5 / 1.1.0 RC5 view.php HTML Injection

Binary data 4326.prm...

4.3 CVSS, 7.3 AI score, 0.01745 EPSS
Exploits 0, References 3
Cvelist
added 2007/12/20 8:0 p.m., 19 views

CVE-2007-6502

Hosting Controller 6.1 Hot fix 3.3 and earlier allows remote authenticated users to obtain sensitive information via (1) the AdminName and AdminLevel parameters to fp2000/NEWSRVR.asp, which discloses usernames; and (2) certain XML HTTP requests to hosting/css.asp using Microsoft.XMLHTTP or...

5.8 AI score, 0.0275 EPSS
Exploits 0, References 9
Japan Vulnerability Notes
added 2007/12/11 12:0 a.m., 11 views

JVN#77414947 Cybozu Office denial of service (DoS) vulnerability

Cybozu Office, web-based groupware, is vulnerable to a denial of service (DoS) attack because it fails to properly handle specially crafted HTTP requests. Impact: A remote attacker can cause a denial of service (DoS) against the server. Solution: Update the Software. For more information, refer to the...

7.1 AI score
Exploits 0