5905 matches found
CVE-2003-1486
Phorum 3.4 through 3.4.2 allows remote attackers to obtain the full path of the web server via an incorrect HTTP request to (1) smileys.php, (2) quicklistrss.php, (3) purge.php, (4) news.php, (5) memberlist.php, (6) forumlistrss.php, (7) forumlistrdf.php, (8) forumlist.php, or (9) move.php, which leaks the...
Monit 1.4/2.x/3/4 - 'HTTP Request' Buffer Overrun
source: https://www.securityfocus.com/bid/9099/info A buffer overrun vulnerability has been discovered in Monit 4.1 and earlier that could be exploited remotely to gain root privileges. The problem occurs due to insufficient bounds checking when handling overly long HTTP requests. As a result, it...
Thomson Cablemodem TCM315 - Denial of Service
source: https://www.securityfocus.com/bid/9091/info A problem has been identified in Thomson Cable Modems when handling long requests on the HTTP port. Because of this, it may be possible for an attacker to deny service to legitimate users of the device. ADVISORY - Thomson Cablemodem TCM315...
Apache Tomcat 4.0.x - Non-HTTP Request Denial of Service
source: https://www.securityfocus.com/bid/8824/info Apache Tomcat 4 has been reported prone to a remotely triggered denial-of-service vulnerability when handling undisclosed non-HTTP request types. When certain non-HTTP request types are handled by the Tomcat HTTP connector, the Tomcat server wil...
WideChapter 3.0 - HTTP Request Buffer Overflow
source: https://www.securityfocus.com/bid/8617/info WideChapter has been reported prone to a buffer overflow vulnerability when handling HTTP requests of excessive length. It has been reported that the condition may be triggered remotely when a malicious website is rendered in the affected browse...
Nokia Electronic Documentation 5.0 - Connection redirection
source: https://www.securityfocus.com/bid/8625/info A vulnerability has been discovered in Nokia Electronic Documentation (NED) that may allow an attacker to redirect connections to a third party system. The problem likely occurs due to the NED server failing to sufficiently verify hosts provided...
ftgatepro.txt
TITLE: FTGatePro Exposure of Sensitive Information
SECUNIA ADVISORY ID: SA9719
VERIFY ADVISORY: http://www.secunia.com/advisories/9719/
CRITICAL: Less critical
IMPACT: Exposure of sensitive information
WHERE: From remote
SOFTWARE: FTGatePro Mail Server 1.x
DESCRIPTION: Two vulnerabilities have be...
Gordano Messaging Suite 9.0 - 'WWW.exe' Denial of Service
source: https://www.securityfocus.com/bid/8576/info It has been reported that Gordano Messaging Suite may be prone to a denial of service issue allowing a remote attacker to send malformed HTTP GET requests to cause the WWW.exe process to crash. The problem may lead to the termination of services...
Netbula Anyboard 9.9.5 6 - Information Disclosure
source: https://www.securityfocus.com/bid/8490/info A vulnerability has been reported in Netbula Anyboard that may allow a remote attacker to gain access to sensitive data. This problem is due to an information disclosure issue that can be triggered by an attacker sending specific HTTP requests t...
ZH2003-17SA (security advisory): geeeekShop Shopping Cart Path Disclosure
Published: 9 August 2003
Released: 9 August 2003
Name: geeeekShop Shopping Cart System
Affected Systems: 1.4.0
Issue: Remote attackers can know the path of the site
Author: [email protected]
Vendor: http://www.geeeeksoft.com...
Savant Web Server 3.1 - Denial of Service
source: https://www.securityfocus.com/bid/8243/info Savant web server has been reported prone to multiple denial of service vulnerabilities. Reportedly, a remote attacker may invoke many HTTP requests in succession, against the Savant web server and cause the service to fail. Additionally a remot...
cPanel Malicious HTML Tags Injection Vulnerability
Author: Ory Segal, Sanctum inc. http://www.SanctumInc.com
Discovery Date:...
SquirrelMail 1.2.11 - Multiple Vulnerabilities
source: https://www.securityfocus.com/bid/7952/info Multiple vulnerabilities have been reported for Squirrelmail which could allow for information disclosure, data corruption, and privilege escalation. The problems appear to occur due to insufficient sanitization of URI parameters submitted withi...
SquirrelMail 1.2.11 - 'move_messages.php' Arbitrary File Moving
source: https://www.securityfocus.com/bid/7952/info Multiple vulnerabilities have been reported for Squirrelmail which could allow for information disclosure, data corruption, and privilege escalation. The problems appear to occur due to insufficient sanitization of URI parameters submitted withi...
WebBBS Pro 1.18 - GET Denial of Service
source: https://www.securityfocus.com/bid/7890/info A vulnerability has been discovered in WebBBS Pro, which may allow a remote attacker to trigger a denial of service condition in the WebBBS HTTP server. It has been reported that a remote attacker may caus...
CVE-2003-0409
Buffer overflow in BRS WebWeaver 1.04 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long HTTP (1) POST or (2) HEAD request...