532 matches found
CVE-2013-1912
Buffer overflow in HAProxy 1.4 through 1.4.22 and 1.5-dev through 1.5-dev17, when HTTP keep-alive is enabled, using HTTP keywords in TCP inspection rules, and running with rewrite rules that appends to requests, allows remote attackers to cause a denial of service crash and possibly execute...
haproxy: rewrite rules flaw can lead to arbitrary code execution
Buffer overflow in HAProxy 1.4 through 1.4.22 and 1.5-dev through 1.5-dev17, when HTTP keep-alive is enabled, using HTTP keywords in TCP inspection rules, and running with rewrite rules that appends to requests, allows remote attackers to cause a denial of service crash and possibly execute...
Firefox/Chrome/Chromium Multiple Web Browsers (Memory Exhaustion)
This is a very stupid bug that can fill the memory and processor simply by entering a URL with a specially crafted web server The Evil Server This bug is based on an incorrect parsing of HTTP responses with "Connection: Keep-Alive" in ... basically all web browsers xD Chrome Firefox Chromium Lynx...
CVE-2012-5533
The httprequestsplitvalue function in request.c in lighttpd before 1.4.32 allows remote attackers to cause a denial of service infinite loop via a request with a header containing an empty token, as demonstrated using the "Connection: TE,,Keep-Alive" header...
TFTP Server 1.4 - ST 'RRQ' Remote Buffer Overflow
!/usr/bin/python --------------------------------------------------------------------------- Exploit: TFTP SERVER V1.4 ST RRQ Overflow OS: Windows XP PRO SP3 Author: b33f --------------------------------------------------------------------------- Smashing the stack for fun and practise... This tf...
HTTPKiller - (Global HTTP DoS)
Connection Keep-Alive + Pipelining + Close the connection before the response + Something... = DoS Apache, IIS, Squid, NetCache, What else?...
Advisory 02/2010: MyBB Password Reset Weak Random Numbers Vulnerability
SektionEins GmbH www.sektioneins.de -= Security Advisory =- Advisory: MyBB Password Reset Weak Random Numbers Vulnerability Release Date: 2010/04/13 Last Modified: 2010/04/13 Author: Stefan Esser stefan.esseratsektioneins.de Application: MyBB = 1.4.11 Severity: Usage of weak random number...
Fixed XSS vulnerability at keep-tube.com
Security researcher hexon, has submitted on 13/04/2010 a cross-site-scripting XSS vulnerability affecting keep-tube.com, which at the time of submission ranked 23079 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 06/07/2010. It is currently...
Sql injection
SQL injection vulnerability in lib/patUser.php in KEEP Toolkit before 2.5.1 allows remote attackers to execute arbitrary SQL commands via the 1 username and 2 password...
CVE-2009-0287
SQL injection vulnerability in lib/patUser.php in KEEP Toolkit before 2.5.1 allows remote attackers to execute arbitrary SQL commands via the 1 username and 2 password...
CVE-2009-0287
The vulnerability CVE-2009-0287 affects KEEP Toolkit prior to 2.5.1, exposed via lib/patUser.php. It allows remote attackers to inject SQL through the username and password parameters, enabling arbitrary SQL commands. Impact per CVSS v2 (AV:N/AC:L/Au:N/C:P/I:P/A:P) is high (base score 7.5). Upgra...
sISAPILocation vulnerability bypasses HTTP header rewrite function
Overview sISAPILocation, an ISAPI Internet Server Application Program Interface filter, contains a vulnerability that allows the HTTP header rewrite function to be bypassed. sISAPILocation, developed by an individual developer, is an ISAPI filter for IIS Internet Information Services...
JVN#67060882 sISAPILocation vulnerability bypasses HTTP header rewrite function
sISAPILocation, developed by an individual developer, is an ISAPI filter for IIS Internet Information Services. sISAPILocation contains a vulnerability that allows the HTTP header rewrite function to be bypassed. Impact When sISAPILocation is used to configure settings, such as to specify charact...
Directory traversal
Directory traversal vulnerability in viewprivate.php in Keep It Simple Guest Book KISGB 5.0.0 and earlier allows remote attackers to include and execute arbitrary local files via a .. dot dot in the tmptheme parameter. NOTE: 5.1.1 is also reportedly affected...
CVE-2008-1635
Directory traversal vulnerability in viewprivate.php in Keep It Simple Guest Book KISGB 5.0.0 and earlier allows remote attackers to include and execute arbitrary local files via a .. dot dot in the tmptheme parameter. NOTE: 5.1.1 is also reportedly affected...
CVE-2008-1635
CVE-2008-1635 affects Keep It Simple Guest Book (KISGB) up to version 5.0.0 (and reportedly 5.1.1) via a directory-traversal flaw in view_private.php. The vulnerability arises from a .. path in the tmp_theme parameter, allowing remote attackers to include and execute arbitrary local files. Docume...
CVE-2008-1635
Directory traversal vulnerability in viewprivate.php in Keep It Simple Guest Book KISGB 5.0.0 and earlier allows remote attackers to include and execute arbitrary local files via a .. dot dot in the tmptheme parameter. NOTE: 5.1.1 is also reportedly affected...
KISGB <= (tmp_theme) 5.1.1 Local File Inclusion Vulnerability
No description provided by source. KISGB Keep It Simple Guest Book : Local FiLe Include's tmptheme Version : All Versions Download : http://sourceforge.net/project/showfiles.php?groupid=38585 ---------------------------------------------------------- Exploit coded and founded by Cr@zyKing Date:...
dlink.txt
!/bin/bash Coded Bt Ph3mt Of K-Security Team This Code is private, pls do not redistribute Release Date 25/11/2007 Code function dow echo 'POST /cgi-bin/firmwarecfg HTTP/1.1' richiesta echo 'Host: $IP' richiesta echo 'User-Agent: veryprivateacsor' richiesta echo 'Accept:...
HyperText Transfer Protocol (HTTP) Information
This test gives some information about the remote HTTP protocol - the version used, whether HTTP Keep-Alive is enabled, etc... This test is informational only and does not denote any security problem. C Tenable Network Security, Inc. include"compat.inc"; ifdescription scriptid24260;...