Important: ecs-service-connect-agent

Issue Overview: Envoy is a cloud-native, open source edge and service proxy. A theoretical request smuggling vulnerability exists through Envoy if a server can be tricked into adding an upgrade header into a response. Per RFC https://www.rfc-editor.org/rfc/rfc7230section-6.7 a server sends 101 wh...

PT-2024-3092 · Envoy +1 · Envoy +1

Name of the Vulnerable Software and Affected Versions: Envoy versions prior to 1.27.5 Envoy versions prior to 1.28.3 Envoy versions prior to 1.29.4 Envoy versions prior to 1.30.1 Description: The issue arises when an upstream TLS cluster is used with auto sni enabled and a request contains a...

PT-2019-2570 · Abb · Abb Idal Ftp Server

Name of the Vulnerable Software and Affected Versions: ABB IDAL HTTP server version SAP500900R0101 Description: The issue is related to a buffer overflow vulnerability in the HTTP server of the ABB IDAL tool. This occurs when a long Host header is sent in a web request, allowing an unauthenticate...

CVE-2017-6367

In Cerberus FTP Server 8.0.10.1, a crafted HTTP request causes the Windows service to crash. The attack methodology involves a long Host header and an invalid Content-Length header...

CVE-2005-4085

Buffer overflow in BlueCoat a WinProxy before 6.1a and b the web console access functionality in ProxyAV before 2.4.2.3 allows remote attackers to execute arbitrary code via a long Host: header...

CVE-2005-4085

Buffer overflow in BlueCoat a WinProxy before 6.1a and b the web console access functionality in ProxyAV before 2.4.2.3 allows remote attackers to execute arbitrary code via a long Host: header...

Дырка в WebSphere

Переполнение буфера при длинном заголовке Host: HTTP-запроса...