Sun Java System Web Server WebDAV OPTIONS request buffer overflow

Added: 02/05/2010 CVE: CVE-2010-0361 BID: 37874 OSVDB: 61851 Background Sun Java System Web Server is a web application server. WebDAV Web-based Distributed Authoring and Versioning is an extension to the HTTP protocol which allows users to edit web server content. Problem A buffer overflow...

Sun Java System Web Server 7.0 Update 6 / 7.0 Update 7 Multiple Vulnerabilities

Sun Java Web Server is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:sun:javasystemwebserver...

Sun Java System Web Server Multiple Vulnerabilities (Windows)

This host has Sun Java Web Server running which is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: gbsunjavasyswebservmultvulnwin.nasl 6483 2017-06-29 08:51:15Z cfischer $ Sun Java System Web Server Multiple Vulnerabilities Windows Authors: Veerendra G Copyright: Copyright c 20...

Sun Java System Web Server Multiple Vulnerabilities - Windows

Sun Java Web Server is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Sun Java System Web Server Multiple Vulnerabilities (Linux)

This host has Sun Java Web Server running which is prone to Multiple Vulnerabilities. OpenVAS Vulnerability Test $Id: gbsunjavasyswebservmultvulnlin.nasl 7823 2017-11-20 08:54:04Z cfischer $ Sun Java System Web Server Multiple Vulnerabilities Linux Authors: Veerendra G Copyright: Copyright c 2010...

Sun Java System Web Server Denial of Service Vulnerability - Windows

Sun Java Web Server is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Sun Java System Web Server < 7.0 Update 8 Multiple Heap-based Buffer Overflow Vulnerabilities

Sun Java Web Server is prone to multiple heap-based buffer overflow vulnerabilities. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

Sun Java System Web Server Denial of Service Vulnerability (Windows)

This host has Sun Java Web Server running which is prone to Denial of Service Vulnerability. OpenVAS Vulnerability Test $Id: gbsunjavasyswebservdosvulnwin.nasl 6483 2017-06-29 08:51:15Z cfischer $ Sun Java System Web Server Denial of Service Vulnerability Windows Authors: Veerendra G Copyright:...

Sun Java System Web Server Multiple Heap-based Buffer Overflow Vulnerabilities (Linux)

This host has Sun Java Web Server running which is prone to multiple Heap-based Buffer Overflow Vulnerabilities. OpenVAS Vulnerability Test $Id: gbsunjavasyswebservheapbofvulnlin.nasl 7823 2017-11-20 08:54:04Z cfischer $ Sun Java System Web Server Multiple Heap-based Buffer Overflow Vulnerabiliti...

Update Protection against Sun Java System Application Server HTTP TRACE Vulnerability

Sun Java System Application Server 7 and 7 2004Q2 enables the HTTP TRACE method which can be leveraged by attackers to gain access to sensitive user information. The HTTP TRACE method returns the contents of client HTTP requests in the entity-body of the TRACE response. A local or remote...

CVE-2010-0388

Format string vulnerability in the WebDAV implementation in webservd in Sun Java System Web Server 7.0 Update 6 allows remote attackers to cause a denial of service daemon crash and possibly have unspecified other impact via format string specifiers in the encoding attribute of the XML declaratio...

CVE-2010-0387

Multiple heap-based buffer overflows in 1 webservd and 2 the admin server in Sun Java System Web Server 7.0 Update 7 allow remote attackers to cause a denial of service daemon crash and possibly have unspecified other impact via a long string in an "Authorization: Digest" HTTP header...

CVE-2010-0386

The default configuration of Sun Java System Application Server 7 and 7 2004Q2 enables the HTTP TRACE method, which makes it easier for remote attackers to steal cookies and authentication credentials via a cross-site tracing XST attack, a related issue to CVE-2004-2763 and CVE-2005-3398...

Heap overflow

Multiple heap-based buffer overflows in 1 webservd and 2 the admin server in Sun Java System Web Server 7.0 Update 7 allow remote attackers to cause a denial of service daemon crash and possibly have unspecified other impact via a long string in an "Authorization: Digest" HTTP header...

Design/Logic Flaw

The default configuration of Sun Java System Application Server 7 and 7 2004Q2 enables the HTTP TRACE method, which makes it easier for remote attackers to steal cookies and authentication credentials via a cross-site tracing XST attack, a related issue to CVE-2004-2763 and CVE-2005-3398...

Format string

Format string vulnerability in the WebDAV implementation in webservd in Sun Java System Web Server 7.0 Update 6 allows remote attackers to cause a denial of service daemon crash and possibly have unspecified other impact via format string specifiers in the encoding attribute of the XML declaratio...

Null pointer dereference

The admin server in Sun Java System Web Server 7.0 Update 6 allows remote attackers to cause a denial of service NULL pointer dereference and daemon crash via an HTTP request that lacks a method token...

CVE-2010-0389

The admin server in Sun Java System Web Server 7.0 Update 6 allows remote attackers to cause a denial of service NULL pointer dereference and daemon crash via an HTTP request that lacks a method token...

CVE-2010-0387

Multiple heap-based buffer overflows in 1 webservd and 2 the admin server in Sun Java System Web Server 7.0 Update 7 allow remote attackers to cause a denial of service daemon crash and possibly have unspecified other impact via a long string in an "Authorization: Digest" HTTP header...

CVE-2010-0386

CVE-2010-0386 affects Sun Java System Application Server 7 and 7 2004Q2. The default config enables HTTP TRACE, enabling remote attackers to steal cookies and authentication credentials via cross-site tracing (XST); related to CVE-2004-2763 and CVE-2005-3398. The connected documents provide the v...