8 matches found
F5 Networks BIG-IP : BIG-IP HTTP non-RFC-compliant security exposure (K11342432)
The version of F5 Networks BIG-IP installed on the remote host is prior to 15.1.5.1 / 15.1.7 / 16.1.4 / 17.1.0. It is, therefore, affected by a vulnerability as referenced in the K11342432 advisory. This issue occurs when a non-RFC-compliant HTTP request is received by a virtual server on a syste...
K11342432: BIG-IP HTTP non-RFC-compliant security exposure
Security Advisory Description This issue occurs when a non-RFC-compliant HTTP request is received by a virtual server on a system matching one of the following conditions: BIG-IP 15.1.0 and later version with a virtual server with an HTTP profile with Enforce RFC Compliance enabled. All supported...
Debian: Security Advisory (DLA-3187-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2021-36369
An issue was discovered in Dropbear through 2020.81. Due to a non-RFC-compliant check of the available authentication methods in the client-side SSH code, it is possible for an SSH server to change the login process in its favor. This attack can bypass additional security measures such as FIDO2...
Denial Of Service (DoS)
Undertow AJP connector is vulnerable to denial of service. Malicious requests and abrupt connection closes could be triggered by an attacker using query strings with non-RFC compliant characters resulting in a denial of service. The highest threat from this vulnerability is to system availability...
CVE-2020-27782
A flaw was found in the Undertow AJP connector. Malicious requests and abrupt connection closes could be triggered by an attacker using query strings with non-RFC compliant characters resulting in a denial of service. The highest threat from this vulnerability is to system availability. This...
CVE-2020-27782
A flaw was found in the Undertow AJP connector. Malicious requests and abrupt connection closes could be triggered by an attacker using query strings with non-RFC compliant characters resulting in a denial of service. The highest threat from this vulnerability is to system availability. This...
CVE-2002-1775
NOTE: this issue has been disputed by the vendor. Symantec Norton AntiVirus NAV 2002 allows remote attackers to bypass the initial virus scan and cause NAV to prematurely stop scanning by using a non-RFC compliant MIME header. NOTE: the vendor has disputed this issue, acknowledging that the initi...