EUVD-2014-0518

Malware in sbrugna...

The vulnerability of the lighttpd web server arises from the execution of operations beyond the buffer in memory, allowing an attacker to bypass the ASLR protection mechanism and gain unauthorized access to protected information.

The vulnerability of the lighttpd web server arises from the issue of operations going beyond the buffer in memory when comparing values of the If-Modified-Since header fields. Exploiting this vulnerability allows a remote attacker to bypass the ASLR protection mechanism and gain unauthorized...

ecstatic node module denial of service vulnerability

ecstatic node module is a http cooperative static file server middleware . A security vulnerability exists in ecstatic node module versions prior to 1.4.0. An attacker can exploit this vulnerability to cause a denial of service crash by sending input with the help of the If-Modified-Since packet...

hapi node module denial of service vulnerability

The hapi node module is a server framework for Node.js. The framework supports input validation, caching, authentication and more. A security vulnerability exists in hapi node module versions prior to 11.1.3. An attacker exploits the vulnerability to cause a denial of service socket exhaustion wi...

CVE-2015-9242

Certain input strings when passed to new Date or Date.parse in ecstatic node module before 1.4.0 will cause v8 to raise an exception. This leads to a crash and denial of service in ecstatic when this input is passed into the server via the If-Modified-Since header...

CVE-2015-9242

Certain input strings when passed to new Date or Date.parse in ecstatic node module before 1.4.0 will cause v8 to raise an exception. This leads to a crash and denial of service in ecstatic when this input is passed into the server via the If-Modified-Since header...

CVE-2015-9242

CVE-2015-9242 concerns the ecstatic Node.js module. The vulnerability affects versions before 1.4.0 and is triggered when certain input strings are passed via the Last-Modified or If-Modified-Since headers, causing v8 to crash and enabling a denial-of-service condition on the server. The issue st...

CVE-2014-0487

CVE-2014-0487 affects APT prior to 1.0.9. The issue is that APT does not verify downloaded files if they have been modified as indicated by the If-Modified-Since header, with unspecified impact and attack vectors. CVSSv2 base score 7.5 (HIGH) from NVD, but the provided documents do not specify co...

CVE-2014-0487

APT before 1.0.9 does not verify downloaded files if they have been modified as indicated using the If-Modified-Since header, which has unspecified impact and attack vectors...

Xitami 2.5c2 Web Server If-Modified-Since Overflow

No description provided by source. $Id: xitamiifmodsince.rb 10150 2010-08-25 20:55:37Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms o...

Buffer overflow

Multiple buffer overflows in iMatix Xitami Web Server 2.5c2 allow remote attackers to execute arbitrary code via a long If-Modified-Since header to 1 xigui32.exe or 2 xitami.exe...

CVE-2007-5067

Multiple buffer overflows in iMatix Xitami Web Server 2.5c2 allow remote attackers to execute arbitrary code via a long If-Modified-Since header to 1 xigui32.exe or 2 xitami.exe...

thttpd < 2.05 If-Modified-Since Header Remote Overflow

Binary data 1469.prm...