94 matches found
Mereo 1.9.2 - Remote HTTP Server Denial of Service
!/usr/bin/python Title: Mereo v1.9.2 Remote HTTP Server DoS 0day By: CwG GeNiuS Email: cwggenius at gmail dot com Tested: XPSP3 Download: http://www.ohloh.net/p/mereo import socket, sys payload ="GET /"; payload+="X" 10000; payload+=" HTTP/1.1\r\n\r\n"; count = 1; try: while count 100: s =...
CVE-2010-0556
CVE-2010-0556 describes a cross-origin weakness in Google Chrome’s Password Manager where credentials stored for one site could be populated into an authentication dialog triggered by a third-party page (demonstrated via IMG src). Affected versions include Chrome 3.0.195.38 and 4.0.249.78; Chrome...
CVE-2010-0556
browser/login/loginprompt.cc in Google Chrome before 4.0.249.89 populates an authentication dialog with credentials that were stored by Password Manager for a different web site, which allows user-assisted remote HTTP servers to obtain sensitive information via a URL that requires authentication,...
Backported Security Patch Detection (WWW)
Security patches may have been 'backported' to the remote HTTP server without changing its version number. Banner-based checks have been disabled to avoid false positives. Note that this test is informational only and does not denote any security problem. C Tenable Network Security, Inc...
Buffer overflow
Buffer overflow in the browser kernel in Google Chrome before 2.0.172.33 allows remote HTTP servers to cause a denial of service application crash or possibly execute arbitrary code via a crafted response...
CVE-2009-2121
Buffer overflow in the browser kernel in Google Chrome before 2.0.172.33 allows remote HTTP servers to cause a denial of service application crash or possibly execute arbitrary code via a crafted response...
Mandriva Update for apache MDVSA-2008:195 (apache)
Check for the Version of apache OpenVAS Vulnerability Test Mandriva Update for apache MDVSA-2008:195 apache Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under t...
CVE-2007-6724
Vidalia bundle before 0.1.2.18, when running on Windows, installs Privoxy with a configuration file config.txt or config that contains an insecure enable-remote-http-toggle setting, which allows remote attackers to bypass intended access restrictions and modify configuration...
CVE-2008-0367
Mozilla Firefox 2.0.0.11, 3.0b2, and possibly earlier versions, when prompting for HTTP Basic Authentication, displays the site requesting the authentication after the Realm text, which might make it easier for remote HTTP servers to conduct phishing and spoofing attacks...
CVE-2007-4625
Polipo prior to 1.0.2 is affected. It allows remote HTTP servers to cause a denial of service (daemon crash) by aborting the response to a POST request. No remediation details are provided in the supplied documents.
HyperText Transfer Protocol (HTTP) Information
This test gives some information about the remote HTTP protocol - the version used, whether HTTP Keep-Alive is enabled, etc... This test is informational only and does not denote any security problem. C Tenable Network Security, Inc. include"compat.inc"; ifdescription scriptid24260;...
CVE-2006-5036
MySource Matrix 3.8 and earlier, and MySource 2.x, allow remote attackers to use the application as an HTTP proxy server via the sqremotepageurl parameter to access arbitrary sites with the server's IP address and conduct cross-site scripting XSS attacks. NOTE: the researcher reports that "The...
MiniShare 1.3.2 - Remote Denial of Service
MiniShare 1.3.2 - Remote Denial of Service source: https://www.securityfocus.com/bid/10417/info Minishare is affected by a remote denial of service vulnerability. This issue is due to a failure of the application to handle improperly formed HTTP requests. This issue will allow an attacker to caus...
CVE-1999-1264
WebRamp M3 router does not disable remote telnet or HTTP access to itself, even when access has been explicitly disabled...