
532 matches found

UbuntuCve
added 2013/04/10 12:0 a.m. | 23 views

CVE-2013-1912

Buffer overflow in HAProxy 1.4 through 1.4.22 and 1.5-dev through 1.5-dev17, when HTTP keep-alive is enabled, using HTTP keywords in TCP inspection rules, and running with rewrite rules that append to requests, allows remote attackers to cause a denial of service (crash) and possibly execute...

CVSS 5.1 | AI score 6.1 | EPSS 0.05464
Exploits: 0 | References: 2
RedHat Linux
added 2013/04/09 6:7 p.m. | 3 views

haproxy: rewrite rules flaw can lead to arbitrary code execution

Buffer overflow in HAProxy 1.4 through 1.4.22 and 1.5-dev through 1.5-dev17, when HTTP keep-alive is enabled, using HTTP keywords in TCP inspection rules, and running with rewrite rules that append to requests, allows remote attackers to cause a denial of service (crash) and possibly execute...

CVSS 5.1 | AI score 6.3 | EPSS 0.05464
Exploits: 0 | References: 4
0day.today
added 2012/12/30 12:0 a.m. | 16 views

Firefox/Chrome/Chromium Multiple Web Browsers (Memory Exhaustion)

This is a very stupid bug that can fill the memory and processor simply by entering a URL with a specially crafted web server The Evil Server This bug is based on an incorrect parsing of HTTP responses with "Connection: Keep-Alive" in ... basically all web browsers xD Chrome Firefox Chromium Lynx...

AI score 6.9
Exploits: 0
Cvelist
added 2012/11/24 8:0 p.m. | 25 views

CVE-2012-5533

The http_request_split_value function in request.c in lighttpd before 1.4.32 allows remote attackers to cause a denial of service (infinite loop) via a request with a header containing an empty token, as demonstrated using the "Connection: TE,,Keep-Alive" header...

AI score 9 | EPSS 0.12038
Exploits: 7 | References: 16
Exploit DB
added 2012/01/10 12:0 a.m. | 46 views

TFTP Server 1.4 - ST 'RRQ' Remote Buffer Overflow

#!/usr/bin/python; Exploit: TFTP SERVER V1.4 ST RRQ Overflow; OS: Windows XP PRO SP3; Author: b33f; Smashing the stack for fun and practise... This tf...

AI score 7.4
Exploits: 0
securityvulns
added 2011/08/27 12:0 a.m. | 62 views

HTTPKiller - (Global HTTP DoS)

Connection Keep-Alive + Pipelining + Close the connection before the response + Something... = DoS Apache, IIS, Squid, NetCache, What else?...

AI score 0.3
Exploits: 0
securityvulns
added 2010/04/14 12:0 a.m. | 40 views

Advisory 02/2010: MyBB Password Reset Weak Random Numbers Vulnerability

SektionEins GmbH, www.sektioneins.de. Security Advisory. Advisory: MyBB Password Reset Weak Random Numbers Vulnerability; Release Date: 2010/04/13; Last Modified: 2010/04/13; Author: Stefan Esser, stefan.esser[at]sektioneins.de; Application: MyBB = 1.4.11; Severity: Usage of weak random number...

Exploits: 0
xssed
added 2010/04/13 12:0 a.m. | 11 views

Fixed XSS vulnerability at keep-tube.com

Security researcher hexon has submitted on 13/04/2010 a cross-site-scripting (XSS) vulnerability affecting keep-tube.com, which at the time of submission ranked 23079 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 06/07/2010. It is currently...

AI score 0.1
Exploits: 0 | References: 1
Prion
added 2009/01/27 6:30 p.m. | 9 views

Sql injection

SQL injection vulnerability in lib/patUser.php in KEEP Toolkit before 2.5.1 allows remote attackers to execute arbitrary SQL commands via the (1) username and (2) password...

CVSS 7.5 | AI score 9.1 | EPSS 0.01096
Exploits: 0 | References: 5 | Affected Software: 1
Cvelist
added 2009/01/27 6:0 p.m. | 17 views

CVE-2009-0287

SQL injection vulnerability in lib/patUser.php in KEEP Toolkit before 2.5.1 allows remote attackers to execute arbitrary SQL commands via the (1) username and (2) password...

AI score 8.4 | EPSS 0.01096
Exploits: 0 | References: 5
CVE
added 2009/01/27 6:0 p.m. | 44 views

CVE-2009-0287

The vulnerability CVE-2009-0287 affects KEEP Toolkit prior to 2.5.1, exposed via lib/patUser.php. It allows remote attackers to inject SQL through the username and password parameters, enabling arbitrary SQL commands. Impact per CVSS v2 (AV:N/AC:L/Au:N/C:P/I:P/A:P) is high (base score 7.5). Upgra...

CVSS 7.5 | AI score 8.7 | EPSS 0.01096
Exploits: 0 | References: 5 | Affected Software: 1
Japan Vulnerability Notes
added 2008/11/10 4:29 a.m. | 4 views

sISAPILocation vulnerability bypasses HTTP header rewrite function

Overview: sISAPILocation, an ISAPI (Internet Server Application Program Interface) filter, contains a vulnerability that allows the HTTP header rewrite function to be bypassed. sISAPILocation, developed by an individual developer, is an ISAPI filter for IIS (Internet Information Services)...

CVSS 5 | AI score 6.6 | EPSS 0.01477
Exploits: 0 | References: 9
Japan Vulnerability Notes
added 2008/11/06 12:0 a.m. | 21 views

JVN#67060882 sISAPILocation vulnerability bypasses HTTP header rewrite function

sISAPILocation, developed by an individual developer, is an ISAPI filter for IIS (Internet Information Services). sISAPILocation contains a vulnerability that allows the HTTP header rewrite function to be bypassed. Impact: When sISAPILocation is used to configure settings, such as to specify charact...

AI score 6.8
Exploits: 0
Prion
added 2008/04/02 5:44 p.m. | 13 views

Directory traversal

Directory traversal vulnerability in view_private.php in Keep It Simple Guest Book (KISGB) 5.0.0 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the tmp_theme parameter. NOTE: 5.1.1 is also reportedly affected...

CVSS 7.5 | AI score 7.6 | EPSS 0.0299
Exploits: 0 | References: 3 | Affected Software: 1
NVD
added 2008/04/02 5:44 p.m. | 11 views

CVE-2008-1635

Directory traversal vulnerability in view_private.php in Keep It Simple Guest Book (KISGB) 5.0.0 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the tmp_theme parameter. NOTE: 5.1.1 is also reportedly affected...

CVSS 7.5 | AI score 7.1 | EPSS 0.0299
Exploits: 0 | References: 3
CVE
added 2008/04/02 5:0 p.m. | 37 views

CVE-2008-1635

CVE-2008-1635 affects Keep It Simple Guest Book (KISGB) up to version 5.0.0 (and reportedly 5.1.1) via a directory-traversal flaw in view_private.php. The vulnerability arises from a .. path in the tmp_theme parameter, allowing remote attackers to include and execute arbitrary local files. Docume...

CVSS 7.5 | AI score 7.1 | EPSS 0.0299
Exploits: 0 | References: 3 | Affected Software: 1
Cvelist
added 2008/04/02 5:0 p.m. | 16 views

CVE-2008-1635

Directory traversal vulnerability in view_private.php in Keep It Simple Guest Book (KISGB) 5.0.0 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the tmp_theme parameter. NOTE: 5.1.1 is also reportedly affected...

AI score 7.1 | EPSS 0.0299
Exploits: 0 | References: 3
seebug.org
added 2008/03/30 12:0 a.m. | 24 views

KISGB <= (tmp_theme) 5.1.1 Local File Inclusion Vulnerability

No description provided by source. KISGB (Keep It Simple Guest Book): Local FiLe Include's tmp_theme; Version: All Versions; Download: http://sourceforge.net/project/showfiles.php?groupid=38585; Exploit coded and founded by Cr@zyKing; Date:...

AI score 7.1
Exploits: 0
Packet Storm
added 2007/12/18 12:0 a.m. | 24 views

dlink.txt

!/bin/bash Coded Bt Ph3mt Of K-Security Team This Code is private, pls do not redistribute Release Date 25/11/2007 Code function dow echo 'POST /cgi-bin/firmwarecfg HTTP/1.1' richiesta echo 'Host: $IP' richiesta echo 'User-Agent: veryprivateacsor' richiesta echo 'Accept:...

AI score 7.4
Exploits: 0
Tenable Nessus
added 2007/01/30 12:0 a.m. | 587 views

HyperText Transfer Protocol (HTTP) Information

This test gives some information about the remote HTTP protocol - the version used, whether HTTP Keep-Alive is enabled, etc... This test is informational only and does not denote any security problem. (C) Tenable Network Security, Inc. include("compat.inc"); if (description) { script_id(24260);...

AI score 5.5
Exploits: 0