Microsoft ISA Server HTTP Request Smuggling Vulnerability

Description Microsoft Internet Security and Acceleration ISA server is reported prone to a HTTP request smuggling attack. The vendor reports that Microsoft ISA server fails to correctly handle an invalid HTTP request that contains multiple 'Content-Length' values in an invalid HTTP header. A remo...

CVE-2005-1836

NEXTWEB iSite allows remote attackers to cause a denial of service error 500 via a crafted HTTP request, possibly involving wildcard requests for .jsp files...

CVE-2004-2117

CVE-2004-2117 : The Tiny Server 1.1 product is affected. It allows remote attackers to cause a denial of service (crash) by sending malformed HTTP requests, such as a GET request without an HTTP version (HTTP/1.1) or a request lacking both GET and the HTTP version. The provided documents do not i...

CVE-2004-2117

Tiny Server 1.1 allows remote attackers to cause a denial of service crash via malformed HTTP requests such as 1 a GET request without the HTTP version HTTP/1.1, or 2 a request without GET or the HTTP version...

CVE-2004-1804

wMCam server 2.1.348 allows remote attackers to cause a denial of service no new connections via multiple malformed HTTP requests without the GET command...

CVE-2005-0734

PY Software Active Webcam WebServer webcam.exe 5.5 allows remote attackers to cause a denial of service memory exhaustion and process crash via a large number of HTTP requests...

includer10.pl.txt

Target - The Includer CGI \n\n"; print " - Host name of taget.\n"; print " - If not in dir type / symbol.\n"; print " - command for execution.\n\n"; print " Examples:\n\n"; print " incl10.pl 127.0.0.1 /cgi-bin/ "ls -la"\n"; print " incl10.pl 127.0.0.1 / "uname -a"\n"; print " incl10.pl...

CVE-2004-1084

The CVE-2004-1084 entry describes an Apache on Mac OS X vulnerability affecting versions 10.2.8 and 10.3.6 where remote attackers can read files and resource fork content via HTTP requests to specially named HFS+ data streams, bypassing Apache file handles. The root cause is related to how HFS+ d...

punBB < 1.2.5 profile.php SQL Injection

Binary data 2807.prm...

iDEFENSE Security Advisory 03.14.05: MySQL MaxDB Web Agent Multiple Denial of Service Vulnerabilities

MySQL MaxDB Web Agent Multiple Denial of Service Vulnerabilities iDEFENSE Security Advisory 03.14.05 www.idefense.com/application/poi/display?id=218&type=vulnerabilities March 14, 2005 I. BACKGROUND MaxDB by MySQL is a re-branded and enhanced version of SAP DB, SAP AG's open source database. MaxD...

Phorum < 5.0.15 HTML Injection

Binary data 2705.prm...

CVE-2005-0734

CVE-2005-0734 affects PY Software’s Active WebCam WebServer (webcam.exe) version 5.5. The available documents state that remote attackers can cause a denial of service through a flood of HTTP requests, leading to memory exhaustion and a process crash. The root cause is not explicitly detailed in ...

CVE-2005-0734

PY Software Active Webcam WebServer webcam.exe 5.5 allows remote attackers to cause a denial of service memory exhaustion and process crash via a large number of HTTP requests...

CVE-2004-1744

Easy File Sharing EFS Webserver 1.25 allows remote attackers to cause a denial of service CPU consumption or crash via many large HTTP requests...

CVE-2004-1749

Attack Mitigator IPS 5500 3.11.008, and possibly other versions, when configured in a one-armed routing configuration, allows remote attackers to cause a denial of service CPU consumption via a large number of HTTP requests...

webconnect.pl

WebConnect version 6.4.4 - 6.5 Proof of Concept Coded bY ++Karak0rsan++ [email protected] Usage:perl webconnect.pl target port Default port: 2080 Greetz:hurby,phalaposher,r3db4r0n,L4M3R,zeronc,Atak,sloan,emre, fox and all my friends Konak Anatolian High School - Prep/C Class Sen kendini...

OpenConnect Webconnect MS-DOS device name denial-of-service

Overview OpenConnect WebConnect may stop responding after processing an HTTP request with an MS-DOS device name in it. Description OpenConnect Webconnect provides secured web access and emulation services for backend mainframes and UNIX servers. Versions of Webconnect prior to 6.4.5 and 6.5.1...

phpbb.ssh.D.txt

/usr/bin/perl ------------------------------------------------------------------------ Severino Honorato - /server irc.priv8crew.info Priv8crew - ssh.D.Worm use IO::Socket; use LWP::Simple; my $processo = "/usr/local/apache/bin/httpd -DSSL"; $SIG"INT" = "IGNORE"; $SIG"HUP" = "IGNORE"; $SIG"TERM" ...

CVE-2004-1804

wMCam server 2.1.348 allows remote attackers to cause a denial of service no new connections via multiple malformed HTTP requests without the GET command...

CVE-2004-2381

HttpRequest.java in Jetty HTTP Server before 4.2.19 allows remote attackers to cause denial of service memory usage and application crash via HTTP requests with a large Content-Length...