5905 matches found
Gattaca Server 2003 - 'Language' Path Exposure
source: https://www.securityfocus.com/bid/10729/info It is reported that Gattaca Server 2003 contains multiple path disclosure vulnerabilities. By sending HTTP requests to Gattaca's web server, it is reportedly possible to cause the application to return error pages that contain the full...
Gattaca Server 2003 - Null Byte Full Path Disclosure
source: https://www.securityfocus.com/bid/10729/info It is reported that Gattaca Server 2003 contains multiple path disclosure vulnerabilities. By sending HTTP requests to Gattaca's web server, it is reportedly possible to cause the application to return error pages that contain the full...
CVE-2004-0662
PowerPortal Path Disclosure (CVE-2004-0662) affects PowerPortal 1.x. The OpenVAS entry documents a remote vulnerability in the PHP-based PowerPortal CMS where an attacker can cause the product to disclose the installation path by abusing invalid or missing parameters in resize.php or modules.php....
CVE-2004-0662
PowerPortal 1.x allows remote attackers to gain sensitive information via invalid or missing parameters in HTTP requests to (1) resize.php or (2) modules.php, which reveals the path in an error message...
FreeBSD : mplayer heap overflow in http requests (5e7f58c3-b3f8-4258-aeb8-795e5e940ff8)
A remotely exploitable heap buffer overflow vulnerability was found in MPlayer's URL decoding code. If an attacker can cause MPlayer to visit a specially crafted URL, arbitrary code execution with the privileges of the user running MPlayer may occur. A 'visit' might be caused by social engineering...
MiniShare DoS
Incomplete HTTP request causes service to crash...
CVE-2004-2035
MiniShare 1.3.2 allows remote attackers to cause a denial of service (crash) via a malformed HTTP GET or HEAD request without the proper number of trailing CRLF sequences...
MiniShare 1.3.2 - Remote Denial of Service
source: https://www.securityfocus.com/bid/10417/info Minishare is affected by a remote denial of service vulnerability. This issue is due to a failure of the application to handle improperly formed HTTP requests. This issue will allow an attacker to caus...
MiniShare 1.3.2 - Remote Denial of Service
source: https://www.securityfocus.com/bid/10417/info Minishare is affected by a remote denial of service vulnerability. This issue is due to a failure of the application to handle improperly formed HTTP requests. This issue will allow an attacker to cause the affected computer to stop responding,...
eMule DoS
Combination of different HTTP requests causes application to crash...
CVE-2004-1984
Coppermine Photo Gallery 1.2.2b and 1.2.0 RC4 allows remote attackers to obtain sensitive information via a direct HTTP request to (1) phpinfo.php, (2) addpic.php, (3) config.php, (4) dbinput.php, (5) displayecard.php, (6) ecard.php, (7) crop.inc.php, which reveal the full path in a PHP error message...
HAHTsite Scenario Server fails to handle overly long URLs
Overview: HAHTsite Scenario Server fails to properly handle HTTP requests containing an overly long "project name". Description: HAHTsite Scenario Server is an e-Business platform that consists of a web application server and web development environment. There is a buffer overflow vulnerability in...
Oracle web cache buffer overflow
Heap overflow on invalid HTTP/HTTPS request...
EUVD-2004-0281
Caucho Technology Resin 2.1.12 allows remote attackers to gain sensitive information and view the contents of the /WEB-INF/ directory via an HTTP request for "WEB-INF..", which is equivalent to "WEB-INF" in Windows...
Confixx 2 - Perl Debugger Remote Command Execution
source: https://www.securityfocus.com/bid/9831/info The Confixx PERL debugging utility functionality has been reported to be prone to a remote command execution vulnerability. The issue is reported to occur when a command sequence is appended to an HTTP request for a PERL script resource, the...
CVE-2004-0039
Multiple format string vulnerabilities in HTTP Application Intelligence (AI) component in Check Point Firewall-1 NG-AI R55 and R54, and Check Point Firewall-1 HTTP Security Server included with NG FP1, FP2, and FP3 allows remote attackers to execute arbitrary code via HTTP requests that cause forma...
CVE-2004-2117
Tiny Server 1.1 allows remote attackers to cause a denial of service (crash) via malformed HTTP requests such as (1) a GET request without the HTTP version (HTTP/1.1), or (2) a request without GET or the HTTP version...
TinyServer 1.1 - Denial of Service
source: https://www.securityfocus.com/bid/9485/info TinyServer is prone to multiple vulnerabilities. A directory traversal issue is present in TinyServer that could allow a remote user to view or download any file to which the server has access. A denial of service issue exists due to the failure...
GoAhead Web Server 2.1.x - Directory Management Policy Bypass
source: https://www.securityfocus.com/bid/9450/info GoAhead WebServer is prone to a vulnerability that may permit remote attackers to bypass directory management policy. It is reported that certain syntax may be used in HTTP GET requests to bypass the policy for how certain requests should be...
Whale Communications e-Gap Security Appliance 2.5 - Login Page Source Code Disclosure
source: https://www.securityfocus.com/bid/9431/info The e-GAP appliance has been reported prone to a source code disclosure vulnerability. It has been reported that, when the affected appliance handles unexpecte...