Lucene search
K

117 matches found

redhat
redhat
added 2014/05/21 4:6 p.m.5 views

tomcat: multiple content-length header poisoning flaws

It was found that when Tomcat / JBoss Web processed a series of HTTP requests in which at least one request contained either multiple content-length headers, or one content-length header with a chunked transfer-encoding header, Tomcat / JBoss Web would incorrectly handle the request. A remote...

5.8CVSS6.5AI score0.16833EPSS
Exploits2References4
redhat
redhat
added 2014/05/21 3:45 p.m.2 views

tomcat: multiple content-length header poisoning flaws

It was found that when Tomcat / JBoss Web processed a series of HTTP requests in which at least one request contained either multiple content-length headers, or one content-length header with a chunked transfer-encoding header, Tomcat / JBoss Web would incorrectly handle the request. A remote...

5.8CVSS6.5AI score0.16833EPSS
Exploits2References4
redhat
redhat
added 2014/04/23 6:27 p.m.5 views

tomcat: multiple content-length header poisoning flaws

It was found that when Tomcat / JBoss Web processed a series of HTTP requests in which at least one request contained either multiple content-length headers, or one content-length header with a chunked transfer-encoding header, Tomcat / JBoss Web would incorrectly handle the request. A remote...

5.8CVSS6.5AI score0.16833EPSS
Exploits2References4
osv
osv
added 2014/04/08 12:0 a.m.40 views

DSA-2897-1 tomcat7 - security update

Bulletin has no description...

7.5CVSS7.4AI score0.83175EPSS
Exploits16
redhat
redhat
added 2014/04/03 10:1 p.m.5 views

tomcat: multiple content-length header poisoning flaws

It was found that when Tomcat / JBoss Web processed a series of HTTP requests in which at least one request contained either multiple content-length headers, or one content-length header with a chunked transfer-encoding header, Tomcat / JBoss Web would incorrectly handle the request. A remote...

5.8CVSS6.5AI score0.16833EPSS
Exploits2References4
redhat
redhat
added 2014/03/31 4:47 p.m.3 views

tomcat: multiple content-length header poisoning flaws

It was found that when Tomcat / JBoss Web processed a series of HTTP requests in which at least one request contained either multiple content-length headers, or one content-length header with a chunked transfer-encoding header, Tomcat / JBoss Web would incorrectly handle the request. A remote...

5.8CVSS6.5AI score0.16833EPSS
Exploits2References4
nessus
nessus
added 2013/02/24 12:0 a.m.24 views

SuSE 10 Security Update : squid (ZYPP Patch Number 8464)

A denial of service problem in Squid via invalid Content-Length headers and memory leaks has been fixed. CVE-2012-5643 / CVE-2013-0189, SQUID-2012:1 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description of this plugin is C Novell, Inc. if NASLLEVEL 3000 exit0;...

5CVSS7.4AI score0.23026EPSS
Exploits1References6
nvd
nvd
added 2012/12/20 12:2 p.m.20 views

CVE-2012-5643

Multiple memory leaks in tools/cachemgr.cc in cachemgr.cgi in Squid 2.x and 3.x before 3.1.22, 3.2.x before 3.2.4, and 3.3.x before 3.3.0.2 allow remote attackers to cause a denial of service memory consumption via 1 invalid Content-Length headers, 2 long POST requests, or 3 crafted authenticatio...

5CVSS7.4AI score0.23005EPSS
Exploits1References20
ubuntucve
ubuntucve
added 2012/12/20 12:0 a.m.32 views

CVE-2012-5643

Multiple memory leaks in tools/cachemgr.cc in cachemgr.cgi in Squid 2.x and 3.x before 3.1.22, 3.2.x before 3.2.4, and 3.3.x before 3.3.0.2 allow remote attackers to cause a denial of service memory consumption via 1 invalid Content-Length headers, 2 long POST requests, or 3 crafted authenticatio...

5CVSS7.2AI score0.23005EPSS
Exploits1References4
openvas
openvas
added 2010/04/13 12:0 a.m.27 views

Opera Browser 'Content-Length' Header Buffer Overflow Vulnerability (Linux)

The host is installed with Opera Web Browser and is prone to buffer overflow vulnerability. OpenVAS Vulnerability Test $Id: gboperacontentlengthheaderbofvulnlin.nasl 5323 2017-02-17 08:49:23Z teissa $ Opera Browser 'Content-Length' Header Buffer Overflow Vulnerability Linux Authors: Antu Sanadi...

10CVSS1AI score0.19792EPSS
Exploits1References4
nessus
nessus
added 2007/05/25 12:0 a.m.63 views

RHEL 5 : tomcat (RHSA-2007:0327)

Updated tomcat packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5. This update has been rated as having important security impact by the Red Hat Security Response Team. Tomcat is a servlet container for Java Servlet and JavaServer Pages technologies. Tomca...

5CVSS5.2AI score0.90768EPSS
Exploits5References10
redhat
redhat
added 2007/05/24 6:47 p.m.57 views

Important: Red Hat Security Advisory: jbossas security update

Updated jbossas packages that fix multiple security issues in tomcat are now available for Red Hat Application Stack. This update has been rated as having Important security impact by the Red Hat Security Response Team. Tomcat is a servlet container for Java Servlet and JavaServer Pages...

5CVSS5.6AI score0.90768EPSS
Exploits5References3
tomcat
tomcat
added 2005/06/06 12:0 a.m.120 views

Fixed in Apache Tomcat 4.1.36

Important: Information disclosure CVE-2005-2090 Requests with multiple content-length headers should be rejected as invalid. When multiple components firewalls, caches, proxies and Tomcat process a sequence of requests where one or more requests contain multiple content-length headers and several...

5CVSS5AI score0.90768EPSS
Exploits5Affected Software1
redhat
redhat
added 2005/02/15 9:37 a.m.2 views

security flaw

Squid 2.5 up to 2.5.STABLE7 allows remote attackers to poison the cache or conduct certain attacks via headers that do not follow the HTTP specification, including 1 multiple Content-Length headers, 2 carriage return CR characters that are not part of a CRLF pair, and 3 header names containing...

5CVSS5.8AI score0.50775EPSS
Exploits0References4
osv
osv
added 2005/02/07 5:0 a.m.2 views

DEBIAN-CVE-2005-0174

Squid 2.5 up to 2.5.STABLE7 allows remote attackers to poison the cache or conduct certain attacks via headers that do not follow the HTTP specification, including 1 multiple Content-Length headers, 2 carriage return CR characters that are not part of a CRLF pair, and 3 header names containing...

5CVSS6.8AI score0.50775EPSS
Exploits0References1
ubuntucve
ubuntucve
added 2005/02/07 5:0 a.m.39 views

CVE-2005-0174

Squid 2.5 up to 2.5.STABLE7 allows remote attackers to poison the cache or conduct certain attacks via headers that do not follow the HTTP specification, including 1 multiple Content-Length headers, 2 carriage return CR characters that are not part of a CRLF pair, and 3 header names containing...

5CVSS5.9AI score0.50775EPSS
Exploits0References2
exploitdb
exploitdb
added 2002/07/08 12:0 a.m.55 views

Microsoft Foundation Class Library 7.0 - ISAPI Buffer Overflow

// source: https://www.securityfocus.com/bid/5188/info The Microsoft Foundation Class Library is a library used to develop applications for Microsoft Windows. Some versions of the MFC include an ISAPI class, which can be used to construct applications which extend web server functionality...

7.4AI score
Exploits0
Rows per page
Query Builder