AN HTTPD 1.38/1.39/1.40/1.41 Malformed SOCKS4 Request Buffer Overflow Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/6012/info A buffer overflow vulnerability has been reported for AN HTTPD. The vulnerability is due to insufficient bounds checking of usernames for SOCKS4 requests. When AN HTTPD acts as a SOCKS4 server, it handles user...

simple httpd <= 1.38 Multiple Vulnerabilities

No description provided by source. Luigi Auriemma Application: Simple HTTPD http://shttpd.sourceforge.net Versions: = 1.38 Platforms: Windows, nix, QNX, RTEMS only Windows seems vulnerable Bugs: A directory traversal B scripts and CGI viewing/downloading %20 char found by Shay priel in Jun 2007...

Mephistoles HTTPD 0.6 Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/9470/info Mephistoles 'httpd' daemon fails to sanitize user-supplied input, making it vulnerable to cross-site scripting attacks. This vulnerability allows an attacker to construct a malicious link containing HTML or scri...

Simple HTTPD <= 1.41 (/aux) Remote Denial of Service Exploit

No description provided by source. usage: poc.py host port import socket import sys print ----------------------------------------------------------------------- print Simple HTTPD 1.3 /aux Denial of Service\n print url: http://shttpd.sourceforge.net\n print author: shinnai print mail:...

AN-HTTPd 1.2 b CGI Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/762/info Certain versions of the AN-HTTPd server contain default CGI scripts that allow code to be executed remotely. This is due to poor sanity checking on user supplied data...

Ultra Mini HTTPD Stack Buffer Overflow

No description provided by source. This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core'...

Evolvable Shambala Server 4.5 Web Server Denial of Service Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/4897/info Shambala Server is a FTP, Web, and Chat server targeted for the Small Office/Home Office user. It has been reported that Shambala Server's web server may be prone to a denial of service vulnerability. The denial...

NCSA httpd-campas 1.2 sample script Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/1975/info Campas is a sample CGI script shipped with some older versions of NCSA HTTPd, an obsolete web server package. The versions that included the script could not be determined as the server is no longer maintained,...

Apache 1.3 Artificially Long Slash Path Directory Listing Vulnerability (1)

No description provided by source. source: http://www.securityfocus.com/bid/2503/info Apache HTTPD is the Apache Web Server, freely distributed and actively maintained by the Apache Software Foundation. It is a freely available and widely used software package, included with various implementatio...

Ultra Mini HTTPD 1.21 - POST Request Stack Buffer Overflow

No description provided by source. Exploit Title: Ultra Mini HTTPD stack buffer overflow POST request Date: 16 Feb 2014 Exploit Author: Sumit Vendor Homepage: http://www.picolix.jp/ Software Link: http://www.vector.co.jp/soft/winnt/net/se275154.html Version: 1.21 Tested on: Windows XP Professiona...

Null HTTPD 0.5 - Remote Heap Corruption Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/6255/info A heap corruption vulnerability has been discovered in Null httpd. By passing a small content length value to the server and triggering the server to make a second recv of POST data, it is possible to overrun a...

Apache 1.3 Artificially Long Slash Path Directory Listing Vulnerability (4)

No description provided by source. source: http://www.securityfocus.com/bid/2503/info Apache HTTPD is the Apache Web Server, freely distributed and actively maintained by the Apache Software Foundation. It is a freely available and widely used software package, included with various implementatio...

Netscape FastTrack Server 3.0.1 Fasttrack Root Directory Listing Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/481/info Netscape's Fasttrack server is supposed to display a directory listing if the follwing three conditions are met: 1: Directory listing is enabled 2: No filename is specified in the requested URL 3: There is no ind...

Motorola SB5101 Hax0rware Rajko HTTPD Remote Exploit PoC

No description provided by source. !/usr/bin/perl Motorola SB5101 Hax0rware Rajko HttpD Remote Exploit PoC Author: Dillon Beresford Date: 6/6/2010 Vendor: SBHacker & Motorola Software Link: http://www.sbhacker.net/forum/index.php Tested on Hax0rware 1.1 R30, R32 and R39 Description: Motorola SB51...

Cobalt RaQ4 Administrative Interface Command Execution Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/6326/info The RaQ4 is a server appliance distributed and maintained by Sun Microsystems. A vulnerability has been reported in the web administration interface of the RaQ4. It is possible for a remote attacker to execute...

Null HTTPd 0.5 - Remote Heap Overflow Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/5774/info Null httpd is a small multithreaded web server for Linux and Windows, mantained by NullLogic. A remotely exploitable heap overflow has been discovered in Null httpd. By passing a negative content length value to...

Monkey HTTPD 1.1.1 - Crash PoC

No description provided by source. Title: ====== Monkey HTTPD 1.1.1 - Denial of Service Vulnerability Date: ===== 2013-05-28 References: =========== http://bugs.monkey-project.com/ticket/181 Introduction: ============= Monkey is a lightweight and powerful web server for GNU/Linux. It has been...

Mini HTTPD 1.21 - Stack Buffer Overflow POST Exploit

No description provided by source. !/usr/bin/python Title: Mini HTTPD stack buffer overflow POST exploit Author: TheColonial Date: 20 Feb 2013 Software Link: http://www.vector.co.jp/soft/winnt/net/se275154.html Vendor Homepage: http://www.picolix.jp/ Version: 1.21 Tested on: Windows XP Profession...

NCSA httpd 1.x Buffer Overflow Vulnerability (2)

No description provided by source. source: http://www.securityfocus.com/bid/3158/info NCSA HTTPd is a free, open-source web server for nix systems. NCSA HTTPd versions 1.3 and earlier are prone to an exploitable buffer overflowin the username field which will allow malicious remote users to execu...

NullLogic Null HTTPd 0.5.1 Error Page Long HTTP Request Cross-Site Scripting Vulnerablity

No description provided by source. source: http://www.securityfocus.com/bid/8695/info It has been reported that Null HTTPd is prone to a cross-site scripting vulnerability when displaying error pages that may allow an attacker to execute HTML or script code in a user's browser. The issue was...