26 matches found
CVE-2008-0338
The CVE-2008-0338 vulnerability affects MiniWeb HTTP Server 0.8.19, where the mwGetLocalFileName function in http.c is vulnerable to directory traversal via URI-encoded references (.%2e and %2e%2e). This could allow remote attackers to read arbitrary files and list directories. The provided docum...
CVE-2008-0337
MiniWeb HTTP Server 0.8.19 is affected by a heap-based buffer overflow in the _mwProcessReadSocket function of http.c. An attacker can trigger this remotely by sending a long URI, potentially enabling arbitrary code execution. The root cause is an overflow in the socket-read handling. Affected ve...
CVE-2008-0338
Directory traversal vulnerability in the mwGetLocalFileName function in http.c in MiniWeb HTTP Server 0.8.19 allows remote attackers to read arbitrary files and list arbitrary directories via a 1 .%2e partially encoded dot dot or 2 %2e%2e encoded dot dot in the URI...
CVE-2007-3159
http.c in MiniWeb Http Server 0.8.x allows remote attackers to cause a denial of service application crash via a negative value in the Content-Length HTTP header...
CVE-2007-3159
CVE-2007-3159 affects the MiniWeb Http Server 0.8.x series. The vulnerability is triggered by a negative value in the Content-Length HTTP header, which can cause a remote attacker to induce an application crash (DoS). The available connected records confirm the affected product and the root cause...
MiniWeb Http Server 0.8.x Remote Denial of Service Exploit
Exploit for unknown platform in category dos / poc ========================================================== MiniWeb Http Server 0.8.x Remote Denial of Service Exploit ========================================================== MiniWeb Http Server 0.8.x Remote Denial of Service MiniWeb site...