Lucene search
K

30 matches found

OSV
OSV
added 2014/12/29 8:59 p.m.13 views

UBUNTU-CVE-2014-3556

The STARTTLS implementation in mail/ngxmailsmtphandler.c in the SMTP proxy in nginx 1.5.x and 1.6.x before 1.6.1 and 1.7.x before 1.7.4 does not properly restrict I/O buffering, which allows man-in-the-middle attackers to insert commands into encrypted SMTP sessions by sending a cleartext command...

6.8CVSS5.8AI score0.07832EPSS
Exploits0References3
CVE
CVE
added 2014/12/29 8:0 p.m.118 views

CVE-2014-3556

The CVE-2014-3556 entry affects nginx 1.5.x and 1.6.x before 1.6.1 and 1.7.x before 1.7.4. The STARTTLS implementation in mail/ngx_mail_smtp_handler.c allows an MITM to inject commands into encrypted SMTP sessions by sending a cleartext command after TLS is established, due to insufficient I/O bu...

6.8CVSS6.8AI score0.07832EPSS
Exploits0References4Affected Software1
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.45 views

SapporoWorks Black JumboDog 2.6.4/2.6.5 HTTP Proxy Buffer Overflow Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/3858/info Black JumboDog 2.6.4 and 2.6.5 HTTP proxy is vulnerable to an exploitable buffer overflow. The buffer overflow can be exploited by sending excessively long expires, if-modified-since, and LastModified strings...

7.1AI score
Exploits0
ThreatPost
ThreatPost
added 2014/02/10 3:38 p.m.10 views

LinkedIn Intro Service to Shut Down March 7

LinkedIn announced on Friday it was shuttering its four-month-old Intro service which stirred up a privacy meltdown shortly after its release in October. Intro was an integrated service for iOS which sat as a proxy between the built-in iOS mail client and the user’s email provider. Intro would...

0.4AI score
Exploits0References4
myhack58
myhack58
added 2013/04/26 12:0 a.m.15 views

nginx explosive integer overflow vulnerability-vulnerability warning-the black bar safety net

Qihoo 3 6 0 security research team recently discovered nginx a serious vulnerability, the vulnerability exists in nginx ngxhttpcloseconnection function, the attacker can construct r-count is less than 0 or greater than 2 5 5 malicious HTTP request, the vulnerability could remotely execute arbitra...

0.5AI score
Exploits0
ThreatPost
ThreatPost
added 2011/05/27 3:32 p.m.9 views

Stop Payments Stop Spam, Researchers Find

“Follow the money” – it was good advice for Woodward and Bernstein in their investigation of the Watergate scandal. It turns out to be good advice for those wishing to stamp out spam e-mail, also. That’s the conclusion of researchers from the University of California, San Diego and the University...

7.1AI score
Exploits0References4
exploitpack
exploitpack
added 2010/06/11 12:0 a.m.43 views

Nginx 0.7.650.8.39 (dev) - Source Disclosure Download

Nginx 0.7.650.8.39 dev - Source Disclosure Download TITLE: NGINX ENGINE X SERVER http://nginx.org/en/ ref-1 ======TESTED VERSIONS===== Unix versions are not vulnerable it only affects to NTFS file system Windows Stable versions: nginx/0.7.66 -- Not vulnerable nginx/0.7.65 -- Vulnerable nginx/0.7....

0.1AI score
Exploits0
seebug.org
seebug.org
added 2009/11/27 12:0 a.m.121 views

nginx ngx_http_process_request_headers()函数空指针引用拒绝服务漏洞

BUGTRAQ ID: 36839 CVECAN ID: CVE-2009-3896 nginx是多平台的HTTP服务器和邮件代理服务器。 nginx服务器的src/http/ngxhttpparse.c文件的ngxhttpprocessrequestheaders函数中存在空指针引用错误,远程攻击者可以通过超长的URI来触发这个漏洞,导致worker进程崩溃。 Igor Sysoev nginx 0.8.x Igor Sysoev nginx 0.7.x Igor Sysoev nginx 0.6.x Igor Sysoev nginx 0.5.x Igor Sysoev nginx...

5CVSS0.1AI score0.10181EPSS
Exploits2
exploitpack
exploitpack
added 2002/01/01 12:0 a.m.19 views

SapporoWorks Black JumboDog 2.6.42.6.5 - HTTP Proxy Buffer Overflow

SapporoWorks Black JumboDog 2.6.42.6.5 - HTTP Proxy Buffer Overflow // source: https://www.securityfocus.com/bid/3858/info Black JumboDog 2.6.4 and 2.6.5 HTTP proxy is vulnerable to an exploitable buffer overflow. The buffer overflow can be exploited by sending excessively long "expires",...

0.7AI score
Exploits0
Exploit DB
Exploit DB
added 2002/01/01 12:0 a.m.45 views

SapporoWorks Black JumboDog 2.6.4/2.6.5 - HTTP Proxy Buffer Overflow

// source: https://www.securityfocus.com/bid/3858/info Black JumboDog 2.6.4 and 2.6.5 HTTP proxy is vulnerable to an exploitable buffer overflow. The buffer overflow can be exploited by sending excessively long "expires", "if-modified-since", and "LastModified" strings containing executable code....

7AI score
Exploits0
Rows per page
Query Builder