CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

5772 matches found

securityvulns•added 2002/11/12 12:0 a.m.•36 views

Remote Buffer Overflow vulnerability in Light HTTPd

======================================== INetCop Security Advisory 2002-0x82-002 ======================================== Title: Remote Buffer Overflow vulnerability in Light HTTPd. 0x01. Description Lhttpd that is improved in ghttpd for more convenient and strong webserver, is webserver that off...

7.5AI score

Exploits0

Exploit DB•added 2002/11/12 12:0 a.m.•22 views

Light HTTPd 0.1 - 'GET' Buffer Overflow (2)

// source: https://www.securityfocus.com/bid/6162/info Light httpd is prone to a remotely exploitable buffer overflow condition. This overflow can be triggered by sending the server an excessively long GET request. As Light httpd drops user privileges when running, exploitation of this issue may...

7AI score

Exploits0

Exploit DB•added 2002/11/12 12:0 a.m.•26 views

Light HTTPd 0.1 - 'GET' Buffer Overflow (1)

7.4AI score

Exploits0

securityvulns•added 2002/10/29 12:0 a.m.•23 views

[SNS Advisory No.57] AN HTTPD Cross-site Scripting Vulnerability

---------------------------------------------------------------------- SNS Advisory No.57 AN HTTPD Cross-site Scripting Vulnerability Problem first discovered: Wed, 23 Oct 2002 Published: Mon, 28 Oct 2002 Reference: http://www.lac.co.jp/security/english/snsadve/57e.html...

Exploits0

securityvulns•added 2002/10/29 12:0 a.m.•26 views

Crossite scripting in AN HTTPD

AN HTTPD shows an error page if a client sends a request containing ":" in the URI field. The problem occurs due to the fact that this URI is injected into the error page without being sanitized...

0.4AI score

Exploits0References1Affected Software1

Packet Storm•added 2002/10/22 12:0 a.m.•18 views

anhttpd141c_exploit.java

Advisory Information -------------------- Name : AN HTTPD Vendor Homepage : http://www.st.rim.or.jp/nakata/ Platforms : Windows9x/Me/NT/2000/XP Vulnerability Type : stack overflow very easy to exploit Vendor Contacted : 17/10/2002 Vendor Replied : 20/10/2002 Vulnerable Versions : 1.30 to 1.41c No...

7.4AI score

Exploits0

exploitpack•added 2002/10/21 12:0 a.m.•20 views

AN HTTPD 1.381.391.401.41 - SOCKS4 Buffer Overflow

AN HTTPD 1.381.391.401.41 - SOCKS4 Buffer Overflow source: https://www.securityfocus.com/bid/6012/info A buffer overflow vulnerability has been reported for AN HTTPD. The vulnerability is due to insufficient bounds checking of usernames for SOCKS4 requests. When AN HTTPD acts as a SOCKS4 server, ...

1.1AI score

Exploits0

Exploit DB•added 2002/10/21 12:0 a.m.•24 views

AN HTTPD 1.38/1.39/1.40/1.41 - 'SOCKS4' Buffer Overflow

source: https://www.securityfocus.com/bid/6012/info A buffer overflow vulnerability has been reported for AN HTTPD. The vulnerability is due to insufficient bounds checking of usernames for SOCKS4 requests. When AN HTTPD acts as a SOCKS4 server, it handles user names in an unsafe manner. An...

7.4AI score

Exploits0

exploitpack•added 2002/10/05 12:0 a.m.•19 views

ATP HTTPd 0.4 - Single Byte Buffer Overflow

ATP HTTPd 0.4 - Single Byte Buffer Overflow // source: https://www.securityfocus.com/bid/5956/info ATP httpd is a lightweight HTTP server. A vulnerability has been reported in ATP httpd that may result in compromise of root access to remote attackers. It is possible to overwrite the least...

0.7AI score

Exploits0

Exploit DB•added 2002/10/05 12:0 a.m.•31 views

ATP HTTPd 0.4 - Single Byte Buffer Overflow

// source: https://www.securityfocus.com/bid/5956/info ATP httpd is a lightweight HTTP server. A vulnerability has been reported in ATP httpd that may result in compromise of root access to remote attackers. It is possible to overwrite the least significant byte of the saved base pointer with a...

7AI score

Exploits0

CERT•added 2002/10/03 12:0 a.m.•40 views

Apache HTTPD server vulnerable to cross site scripting on error page when using wildcard DNS

Overview Versions of the Apache HTTPD server with wildcard DNS enabled and UseCanonicalName disabled, are vulnerable to a cross-site scripting attack. Description Apache HTTPD servers versions 2.0.42 and prior, and 1.3.26 and prior, with wildcard DNS enabled and UseCanonicalName disabled, are...

6.8CVSS8.7AI score0.94006EPSS

Exploits0References1

securityvulns•added 2002/09/28 12:0 a.m.•19 views

remote exploitable heap overflow in Null HTTPd 0.5.0

included: - netric-adv009.txt advisory - bakkum.c remote root exploit Kind Regards, Netric Security http://www.netric.org Message sent using UebiMiau 2.7 attachment: bakkum.c application/octet-stream Netric Security Team - http://www.netric.org|be By Netric Nullhttpd 0.5.0 type: heap overflow...

0.2AI score

Exploits0

securityvulns•added 2002/09/28 12:0 a.m.•37 views

Buffer overflow in Null HTTPd

Heap overflow because of signed/yubsugbed cibversion...

2.2AI score

Exploits0References1Affected Software1

Apache Httpd•added 2002/09/24 12:0 a.m.•35 views

Apache Httpd < 2.0.42 : mod_dav crash

A flaw was found in handling of versioning hooks in moddav. An attacker could send a carefully crafted request in such a way to cause the child process handling the connection to crash. This issue will only result in a denial of service where a threaded process model is in use...

5CVSS2.1AI score0.07044EPSS

Exploits0Affected Software1

exploitpack•added 2002/09/23 12:0 a.m.•8 views

Null HTTPd 0.5 - Remote Heap Overflow

Null HTTPd 0.5 - Remote Heap Overflow // source: https://www.securityfocus.com/bid/5774/info Null httpd is a small multithreaded web server for Linux and Windows, mantained by NullLogic. A remotely exploitable heap overflow has been discovered in Null httpd. By passing a negative content length...

0.6AI score

Exploits0

Exploit DB•added 2002/09/23 12:0 a.m.•24 views

Null HTTPd 0.5 - Remote Heap Overflow

// source: https://www.securityfocus.com/bid/5774/info Null httpd is a small multithreaded web server for Linux and Windows, mantained by NullLogic. A remotely exploitable heap overflow has been discovered in Null httpd. By passing a negative content length value to the server, it is possible to...

7.4AI score

Exploits0

Apache Httpd•added 2002/09/20 12:0 a.m.•31 views

Apache Httpd < 2.0.43 : Error page XSS using wildcard DNS

Cross-site scripting XSS vulnerability in the default error page of Apache 2.0 before 2.0.43, and 1.3.x up to 1.3.26, when UseCanonicalName is "Off" and support for wildcard DNS is present, allows remote attackers to execute script as other web page visitors via the Host: header...

6.8CVSS3.9AI score0.94006EPSS

Exploits0Affected Software1

Apache Httpd•added 2002/09/20 12:0 a.m.•46 views

Apache Httpd < 1.3.27 : Error page XSS using wildcard DNS

6.8CVSS3.9AI score0.94006EPSS

Exploits0Affected Software1

exploitpack•added 2002/09/02 12:0 a.m.•14 views

NullLogic Null HTTPd 0.5 - Error Page Cross-Site Scripting

NullLogic Null HTTPd 0.5 - Error Page Cross-Site Scripting source: https://www.securityfocus.com/bid/5603/info NullLogic Null HTTPd is a small multithreaded webserver for Linux and Windows. It is possible for attackers to construct a URL that will cause scripting code to be embedded in error page...

6.8AI score

Exploits0

securityvulns•added 2002/09/02 12:0 a.m.•16 views

XSS in Null HTTPd

Null HTTPd is a simple HTTP server that runs on Win32/Unix systems. It is quite basic, but offers good CGI support. A vulnerability in Null HTTPd may allow cross-site scripting via a 404 page: http://localhost/a?x=SCRIPTalertdocument.URL/SCRIPT You have to place this in the query string so that i...

Exploits0

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by