Lucene search
K

84 matches found

Cvelist
Cvelist
added 2005/08/05 4:0 a.m.16 views

CVE-2004-2299

Buffer overflow in Omnicron OmniHTTPd 3.0a and earlier allows remote attackers to execute arbitrary code via an HTTP GET request with a long Range header...

7.9AI score0.1023EPSS
Exploits1References4
NVD
NVD
added 2004/12/31 5:0 a.m.8 views

CVE-2004-2299

Buffer overflow in Omnicron OmniHTTPd 3.0a and earlier allows remote attackers to execute arbitrary code via an HTTP GET request with a long Range header...

7.5CVSS7.9AI score0.1023EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2004/10/25 12:0 a.m.18 views

OmniHTTPd Pro Long POST Request DoS

The remote host is running OmniHTTPd Pro HTTP Server. The remote version of this software seems to be vulnerable to a buffer overflow when handling specially long POST request. This may allow an attacker to crash the remote service, thus preventing it from answering legitimate client requests. C...

5CVSS5.9AI score0.01721EPSS
Exploits1References1
Packet Storm
Packet Storm
added 2004/05/19 12:0 a.m.26 views

EXP_OmniHTTPd.BAT

EXPOmniHTTPd.BAT @echo off :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: :Application: OmniHTTPd :Vendors: http://www.omnicron.ca :Version: 0xE0 f 117 206 41 !JMPESP@w2k e 207 12 45 FA 7F !Shellcode e 20B EB 1B 5B BE 43 6F 6F 6C BF 49 43 45 21 43 39 3B e 21B 75 FB 4B 80 3...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2004/05/19 12:0 a.m.25 views

Overflow@OmniHTTPd

EXPOmniHTTPd.BAT @echo off :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: :Application: OmniHTTPd :Vendors: http://www.omnicron.ca :Version: =V3.0a :Platforms: Windows :Bug: Overflow :Date: 2004-04-23 :Author: CoolICE :E-mail: CoolICEChina.com...

0.4AI score
Exploits0
securityvulns
securityvulns
added 2004/05/19 12:0 a.m.21 views

OmniHTTPd integer overflow

Integer overflow in Range: header...

1.4AI score
Exploits0References1Affected Software1
exploitpack
exploitpack
added 2004/04/23 12:0 a.m.15 views

Omnicron OmniHTTPd 2.x3.0 - GET Buffer Overflow

Omnicron OmniHTTPd 2.x3.0 - GET Buffer Overflow source: https://www.securityfocus.com/bid/10376/info Reportedly OmniHTTPD is affected by a GET request buffer overflow vulnerability. This issue is due to a failure of the application to properly validate string sizes when processing user input. Thi...

0.6AI score
Exploits0
Exploit DB
Exploit DB
added 2004/04/23 12:0 a.m.30 views

Omnicron OmniHTTPd 2.x/3.0 - GET Buffer Overflow

source: https://www.securityfocus.com/bid/10376/info Reportedly OmniHTTPD is affected by a GET request buffer overflow vulnerability. This issue is due to a failure of the application to properly validate string sizes when processing user input. This issue could allow an attacker to execute...

7.4AI score
Exploits0
NVD
NVD
added 2003/06/09 4:0 a.m.11 views

CVE-2002-1455

Multiple cross-site scripting XSS vulnerabilities in OmniHTTPd allow remote attackers to insert script or HTML into web pages via 1 test.php, 2 test.shtml, or 3 redir.exe...

4.3CVSS5.8AI score0.0394EPSS
Exploits1References3
Cvelist
Cvelist
added 2003/04/02 5:0 a.m.17 views

CVE-2002-1035

Omnicron OmniHTTPd 2.09 allows remote attackers to cause a denial of service crash via an HTTP request with a long, malformed HTTP 1version number...

6.7AI score0.01632EPSS
Exploits0References4
CVE
CVE
added 2003/04/02 5:0 a.m.46 views

CVE-2002-1035

Omnicron OmniHTTPd 2.09 is affected. A remote attacker can trigger a denial-of-service (crash) by sending an HTTP request with a long, malformed HTTP 1version number. No exploitation details or patches are provided in the supplied documents. The impact is limited to availability (partial), with n...

5CVSS7AI score0.01632EPSS
Exploits0References4Affected Software1
CVE
CVE
added 2003/03/18 5:0 a.m.44 views

CVE-2002-1455

CVE-2002-1455 describes multiple cross-site scripting (XSS) vulnerabilities in OmniHTTPd that allow remote attackers to inject script or HTML into web pages. Exploitation via (1) test.php, (2) test.shtml, or (3) redir.exe is indicated in the description. The connected documents corroborate the pr...

4.3CVSS6AI score0.0394EPSS
Exploits1References3Affected Software1
Cvelist
Cvelist
added 2003/03/18 5:0 a.m.17 views

CVE-2002-1455

Multiple cross-site scripting XSS vulnerabilities in OmniHTTPd allow remote attackers to insert script or HTML into web pages via 1 test.php, 2 test.shtml, or 3 redir.exe...

5.8AI score0.0394EPSS
Exploits1References3
NVD
NVD
added 2002/10/04 4:0 a.m.13 views

CVE-2002-1035

Omnicron OmniHTTPd 2.09 allows remote attackers to cause a denial of service crash via an HTTP request with a long, malformed HTTP 1version number...

5CVSS6.7AI score0.01632EPSS
Exploits0References4
Packet Storm
Packet Storm
added 2002/08/29 12:0 a.m.30 views

omnihttpd.txt

A vulnerability exists in the test.php script of OmniHTTPd. The script makes a classic coding error -- trusting unsanitized user input. The query string and cookie values are returned unfiltered. Of most concern, of course, is the query string:...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2002/08/26 12:0 a.m.22 views

OmniHTTPd test.shtml Cross-Site Scripting Issue

OmniHTTPd's Test.shtml sample is also vulnerable to a similar issue: http://localhost/test.shtml?3CSCRIPT3Ealertdocument.URL3C2FSCRIPT3E=x Will pop up an alert containing the above URL. Of course, this has other uses cookie theft, faking sources, etc...

Exploits0
exploitpack
exploitpack
added 2002/08/26 12:0 a.m.10 views

OmniHTTPd 1.12.0.x2.4 - Sample Application URL Encoded Newline HTML Injection

OmniHTTPd 1.12.0.x2.4 - Sample Application URL Encoded Newline HTML Injection source: https://www.securityfocus.com/bid/5572/info OmniHTTPD is a webserver for Microsoft Windows operating systems. OmniHTTPD supports a number of CGI extensions which provide dynamic content. A HTML injection...

7.6AI score
Exploits0
securityvulns
securityvulns
added 2002/08/26 12:0 a.m.30 views

Multiple bugs in OmniHTTPD

Crossite scripting, information spoofing...

0.7AI score
Exploits0References3Affected Software1
securityvulns
securityvulns
added 2002/08/26 12:0 a.m.42 views

More OmniHTTPd Problems

I've discovered another vulnerability in one of the OmniHTTPd sample apps. This time, the culprit is "/cgi-bin/redir.exe". This app is vulnerable to a newline injection issue. The vulnerability occurs because the "URL" query parameter case sensitive is decoded and placed directly into the respons...

Exploits0
securityvulns
securityvulns
added 2002/08/26 12:0 a.m.35 views

OmniHTTPd test.php Cross-Site Scripting Issue

A vulnerability exists in the test.php script of OmniHTTPd. The script makes a classic coding error -- trusting unsanitized user input. The query string and cookie values are returned unfiltered. Of most concern, of course, is the query string:...

Exploits0
Rows per page
Query Builder