
5781 matches found

Prion
added 2024/01/07 4:15 a.m. · 21 views

Design/Logic Flaw

A vulnerability was found in ACME Ultra Mini HTTPd 1.21. It has been classified as problematic. This affects an unknown part of the component HTTP GET Request Handler. The manipulation leads to denial of service. It is possible to initiate the attack remotely. The exploit has been disclosed to th...

CVSS 5 · AI score 7 · EPSS 0.01399
Exploits 1 · References 5 · Affected Software 1

Vulnrichment
added 2024/01/07 3:31 a.m. · 13 views

CVE-2024-0263 ACME Ultra Mini HTTPd HTTP GET Request denial of service

A vulnerability was found in ACME Ultra Mini HTTPd 1.21. It has been classified as problematic. This affects an unknown part of the component HTTP GET Request Handler. The manipulation leads to denial of service. It is possible to initiate the attack remotely. The exploit has been disclosed to th...

CVSS 5.3 · AI score 6.8 · EPSS 0.01399
Exploits 1 · References 5

CVE
added 2024/01/07 3:31 a.m. · 80 views

CVE-2024-0263

CVE-2024-0263 affects ACME Ultra Mini HTTPd 1.21, specifically the HTTP GET Request Handler. The documented issue is a remote, unauthenticated denial of service caused by manipulation of this handler. Several connected sources confirm the impact is DoS and that a patch is recommended to fix the v...

CVSS 7.5 · AI score 7.5 · EPSS 0.01399
Exploits 1 · References 5 · Affected Software 1

Cvelist
added 2024/01/07 3:31 a.m. · 26 views

CVE-2024-0263 ACME Ultra Mini HTTPd HTTP GET Request denial of service

A vulnerability was found in ACME Ultra Mini HTTPd 1.21. It has been classified as problematic. This affects an unknown part of the component HTTP GET Request Handler. The manipulation leads to denial of service. It is possible to initiate the attack remotely. The exploit has been disclosed to th...

CVSS 5.3 · AI score 7.7 · EPSS 0.01399
Exploits 1 · References 5

OpenVAS
added 2024/01/05 12:0 a.m. · 34 views

Huawei EulerOS: Security Advisory for httpd (EulerOS-SA-2024-1010)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 7.5 · AI score 8.5 · EPSS 0.03024
Exploits 1 · References 2

OpenVAS
added 2024/01/05 12:0 a.m. · 30 views

Huawei EulerOS: Security Advisory for httpd (EulerOS-SA-2024-1036)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 7.5 · AI score 8.5 · EPSS 0.03024
Exploits 1 · References 2

0day.today
added 2024/01/02 12:0 a.m. · 390 views

Ultra Mini HTTPd 1.21 Denial Of Service Exploit

Exploit Title: Ultra Mini HTTPd 1.21 - Denial of Service DoS Discovery by: Fernando Mengali Vendor Homepage: https://acme.com/ Software Link: https://acme.com/ Notification vendor: Yes reported Tested Version: Ultra Mini HTTPd 1.21 Tested on: Window XP Professional - Service Pack 2 and 3 - Englis...

AI score 7.4
Exploits 0

ATTACKERKB
added 2023/12/31 7:15 a.m. · 5 views

CVE-2021-46901

examples/6lbr/apps/6lbr-webserver/httpd.c in CETIC-6LBR aka 6lbr 1.5.0 has a strcat stack-based buffer overflow via a request for a long URL over a 6LoWPAN network...

CVSS 7.5 · AI score 7.7 · EPSS 0.00659
Exploits 1 · References 3

CNNVD
added 2023/12/31 12:0 a.m. · 3 views

CETIC-6LBR Security Vulnerability

CETIC-6LBR is an open source 6LoWPAN/RPL border router based on the Contiki operating system. A security vulnerability exists in CETIC-6LBR version 1.5.0, which originates from a buffer overflow vulnerability in the component examples/6lbr/apps/6lbr-webserver/httpd.c. The vulnerability is caused ...

CVSS 7.5 · AI score 7.3 · EPSS 0.00659
Exploits 1 · References 3

Positive Technologies
added 2023/12/31 12:0 a.m. · 5 views

PT-2023-12621 · Unknown · Cetic-6Lbr

Name of the Vulnerable Software and Affected Versions: CETIC-6LBR aka 6lbr version 1.5.0 Description: The issue is a strcat stack-based buffer overflow that occurs when a request for a long URL is made over a 6LoWPAN network. This can be exploited via the httpd.c file in the...

CVSS 7.5 · AI score 7.7 · EPSS 0.00659
Exploits 1 · References 7

Zero Day Initiative
added 2023/12/20 12:0 a.m. · 18 views

D-Link G416 httpd Improper Handling of Exceptional Conditions Information Disclosure Vulnerability

This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of D-Link G416 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the HTTP service listening on TCP port 80. The issue results from...

CVSS 4.3 · AI score 6.6 · EPSS 0.00514
Exploits 0 · References 1

Zero Day Initiative
added 2023/12/20 12:0 a.m. · 22 views

D-Link G416 httpd Missing Authentication for Critical Function Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of D-Link G416 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the HTTP service listening on TCP port 80. The issue results from the lack ...

CVSS 8.8 · AI score 7.4 · EPSS 0.00696
Exploits 0 · References 1

Zero Day Initiative
added 2023/12/19 12:0 a.m. · 25 views

TP-Link TL-WR841N dropbearpwd Improper Authentication Information Disclosure Vulnerability

This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of TP-Link TL-WR841N routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the httpd service, which listens on TCP port 80 by default...

CVSS 6.5 · AI score 6.2 · EPSS 0.1745
Exploits 0 · References 2

NCSC
added 2023/12/14 12:0 a.m. · 3 views

Vulnerabilities fixed in Fortinet FortiMail

Fortinet has fixed vulnerabilities in FortiMail. The vulnerability with reference CVE-2022-47538 allows an unauthenticated malicious party to use a specially prepared request to bypass authentication on the management interface. The malicious party c...

CVSS 8.8 · AI score 7.5 · EPSS 0.00491
Exploits 0

OSV
added 2023/12/12 10:15 p.m. · 3 views

DEBIAN-CVE-2023-5379

A flaw was found in Undertow. When an AJP request is sent that exceeds the max-header-size attribute in ajp-listener, JBoss EAP is marked in an error state by modcluster in httpd, causing JBoss EAP to close the TCP connection without returning an AJP response. This happens because modproxycluster...

CVSS 7.5 · AI score 7.2 · EPSS 0.01016
Exploits 0 · References 1

Prion
added 2023/12/12 10:15 p.m. · 20 views

Design/Logic Flaw

A flaw was found in Undertow. When an AJP request is sent that exceeds the max-header-size attribute in ajp-listener, JBoss EAP is marked in an error state by modcluster in httpd, causing JBoss EAP to close the TCP connection without returning an AJP response. This happens because modproxycluster...

CVSS 5 · AI score 6.8 · EPSS 0.01016
Exploits 0 · References 3 · Affected Software 2

CVE
added 2023/12/12 9:54 p.m. · 236 views

CVE-2023-5379

CVE-2023-5379 affects Undertow/AJP handling in Red Hat JBoss EAP, where an AJP request exceeding the max-header-size can cause mod_cluster to mark the backend as an error and close the TCP connection without an AJP response, enabling potential DoS via repeated oversized requests. The connected ad...

CVSS 7.5 · AI score 7.3 · EPSS 0.01016
Exploits 0 · References 5 · Affected Software 3

OpenVAS
added 2023/12/12 12:0 a.m. · 31 views

Huawei EulerOS: Security Advisory for httpd (EulerOS-SA-2023-3334)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 7.5 · AI score 8.6 · EPSS 0.03024
Exploits 1 · References 2

OpenVAS
added 2023/12/12 12:0 a.m. · 31 views

Huawei EulerOS: Security Advisory for httpd (EulerOS-SA-2023-3302)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 7.5 · AI score 8.6 · EPSS 0.03024
Exploits 1 · References 2

OpenVAS
added 2023/12/12 12:0 a.m. · 32 views

Huawei EulerOS: Security Advisory for httpd (EulerOS-SA-2023-3273)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 7.5 · AI score 8.6 · EPSS 0.03024
Exploits 1 · References 2