7668 matches found

CVE
added 2005/10/27 4:0 a.m., 52 views

CVE-2005-3330

The CVE-2005-3330 entry concerns Snoopy 1.2, where the _httpsrequest function allows remote command execution via shell metacharacters in an HTTPS URL to an SSL page, due to improper handling in the fetch function. Affected usage includes MagpieRSS, WordPress, Ampache, and Jinzora. Documented imp...

7.5 CVSS, 7.7 AI score, 0.17194 EPSS
Exploits: 1, References: 17, Affected Software: 1

Debian CVE
added 2005/10/27 4:0 a.m., 24 views

CVE-2005-3330

The _httpsrequest function in Snoopy 1.2, as used in products such as (1) MagpieRSS, (2) WordPress, (3) Ampache, and (4) Jinzora, allows remote attackers to execute arbitrary commands via shell metacharacters in an HTTPS URL to an SSL protected web page, which is not properly handled by the fetch function...

7.5 CVSS, 6.7 AI score, 0.17194 EPSS
Exploits: 1

Debian CVE
added 2005/10/27 4:0 a.m., 21 views

CVE-2005-3322

Unspecified vulnerability in Squid on SUSE Linux 9.0 allows remote attackers to cause a denial of service (crash) via HTTPs (SSL)...

5 CVSS, 5 AI score, 0.02552 EPSS
Exploits: 0

Patchstack
added 2005/10/27 12:0 a.m., 29 views

WordPress <= 1.2 - Remote Code Execution

Because of this vulnerability in the _httpsrequest function in Snoopy, attackers can execute arbitrary commands via shell metacharacters in an HTTPS URL to an SSL protected web page, which is not properly handled by the fetch function. Solution: Update WordPress to the latest available versi...

7.5 CVSS, 4.2 AI score, 0.17194 EPSS
Exploits: 1, References: 1, Affected Software: 1

NVD
added 2005/09/26 7:3 p.m., 23 views

CVE-2005-3059

Multiple unspecified vulnerabilities in Opera 8.50 on Linux and Windows have unknown impact and attack vectors, related to (1) "handling of must-revalidate cache directive for HTTPS pages" or (2) a "display issue with cookie comment encoding."...

10 CVSS, 6.9 AI score, 0.02237 EPSS
Exploits: 0, References: 4

CVE
added 2005/09/26 4:0 a.m., 67 views

CVE-2005-3059

CVE-2005-3059 affects Opera 8.50 on Linux and Windows. The vulnerabilities are described as multiple unspecified issues tied to (1) handling of the must-revalidate cache directive for HTTPS pages and (2) a cookie comment encoding display issue. The connected documents do not provide concrete expl...

10 CVSS, 7.3 AI score, 0.02237 EPSS
Exploits: 0, References: 4, Affected Software: 1

Cvelist
added 2005/09/26 4:0 a.m., 27 views

CVE-2005-3059

Multiple unspecified vulnerabilities in Opera 8.50 on Linux and Windows have unknown impact and attack vectors, related to (1) "handling of must-revalidate cache directive for HTTPS pages" or (2) a "display issue with cookie comment encoding."...

6.9 AI score, 0.02237 EPSS
Exploits: 0, References: 4

securityvulns
added 2005/09/14 12:0 a.m., 27 views

Multiple Linksys WRT54G router vulnerabilities

Buffer overflow and possibility for unauthorized configuration / firmware modification, static HTTPs key, DoS...

1.7 AI score
Exploits: 0, References: 5

Debian
added 2005/09/12 2:21 p.m., 27 views

[SECURITY] [DSA 807-1] New mod_ssl packages fix acl restriction bypass

Debian Security Advisory DSA 807-1 [email protected] http://www.debian.org/security/ Martin Schulze September 12th, 2005 http://www.debian.org/security/faq ...

10 CVSS, 0.4 AI score, 0.30576 EPSS
Exploits: 0

Debian
added 2005/09/12 2:21 p.m., 28 views

[SECURITY] [DSA 807-1] New mod_ssl packages fix acl restriction bypass

Debian Security Advisory DSA 807-1 [email protected] http://www.debian.org/security/ Martin Schulze September 12th, 2005 http://www.debian.org/security/faq ...

10 CVSS, 6.1 AI score, 0.30576 EPSS
Exploits: 0

OSV
added 2005/09/12 12:0 a.m., 30 views

DSA-807-1 libapache-mod-ssl - acl restriction bypass

Bulletin has no description...

10 CVSS, 9.3 AI score, 0.30576 EPSS
Exploits: 0

Cisco
added 2005/09/07 4:0 p.m., 27 views

Cisco IOS Firewall Authentication Proxy for FTP and Telnet Sessions Buffer Overflow

The Cisco IOS Firewall Authentication Proxy for FTP and/or Telnet Sessions feature in specific versions of Cisco IOS software is vulnerable to a remotely-exploitable buffer overflow condition. Devices that do not support, or are not configured for Firewall Authentication Proxy for FTP and/or Teln...

7.5 CVSS, 7 AI score, 0.14121 EPSS
Exploits: 0, References: 1

Cvelist
added 2005/08/18 4:0 a.m., 21 views

CVE-2004-2424

BEA WebLogic Server and WebLogic Express 8.1 through 8.1 SP2 allow remote attackers to cause a denial of service (network port consumption) via unknown actions in HTTPS sessions, which prevents the server from releasing the network port when the session ends...

6.7 AI score, 0.01752 EPSS
Exploits: 0, References: 6

securityvulns
added 2005/07/13 12:0 a.m., 32 views

MailEnable mail server multiple vulnerabilities

DoS on extended ASCII character in EHLO command. Multiple IMAP buffer overflows. Authorization HTTPS buffer overflow...

1.5 AI score
Exploits: 0, References: 6, Affected Software: 2

securityvulns
added 2005/05/12 12:0 a.m., 73 views

Cisco Security Advisory: FWSM URL Filtering Solution TCP ACL Bypass Vulnerability

Cisco Security Advisory: FWSM URL Filtering Solution TCP ACL Bypass Vulnerability. Document ID: 64821. Revision 1.0. For Public Release 2005 May 11 1600 UTC GMT ...

6.8 AI score
Exploits: 0

CVE
added 2005/05/11 4:0 a.m., 51 views

CVE-2005-1517

The Cisco Firewall Services Module (FWSM) 2.3.1 and earlier is affected by a vulnerability where TCP packets can bypass access control lists (ACLs) when URL, FTP, or HTTPS filtering exceptions are used. This is documented in CVE-2005-1517 and referenced in Cisco’s security advisory and NVD record...

7.5 CVSS, 6.6 AI score, 0.01202 EPSS
Exploits: 0, References: 2, Affected Software: 1

CVE
added 2005/05/10 4:0 a.m., 68 views

CVE-2004-0462

The CVE-2004-0462 issue concerns the built-in web servers in multiple networking devices failing to set the Secure attribute on cookies during HTTPS sessions, risking plaintext cookie exposure over HTTP. Connected materials (notably F5 BIG-IP SOL15406) specify affected products and versions, e.g....

2.1 CVSS, 6.4 AI score, 0.00433 EPSS
Exploits: 0, References: 2

Cvelist
added 2005/05/10 4:0 a.m., 21 views

CVE-2004-0462

The built-in web servers for multiple networking devices do not set the Secure attribute for sensitive cookies in HTTPS sessions, which could cause the user agent to send those cookies in plaintext over an HTTP session with the same server...

6.4 AI score, 0.00433 EPSS
Exploits: 0, References: 2

NVD
added 2005/05/03 4:0 a.m., 19 views

CVE-2005-1385

Safari 1.3 allows remote attackers to cause a denial of service (application crash) via a long https URL that triggers a NULL pointer dereference...

2.6 CVSS, 6.5 AI score, 0.02199 EPSS
Exploits: 1, References: 5

CVE
added 2005/05/02 4:0 a.m., 57 views

CVE-2005-1385

CVE-2005-1385 affects Safari 1.3. A remote attacker can trigger a denial of service (application crash) by supplying a long https URL that causes a NULL pointer dereference. The available records confirm the crash as the impact, with no additional exploit details or affected versions beyond the c...

2.6 CVSS, 6.9 AI score, 0.02199 EPSS
Exploits: 1, References: 5, Affected Software: 1