Sending multipart/form-data requests from Flash (with arbitrary headers)

Hello lists, In my original "Forging HTTP request headers with Flash" paper http://www.securityfocus.com/archive/1/441014, I mentioned forcing multipart/form-data input format to ensure that Flash's LoadVars isn't used to forge the request. However, there's a work-around for the attacker - using...

Write-up by Amit Klein: "Forging HTTP request headers with Flash"

Forging HTTP request headers with Flash Amit Klein, July 2006 Flash - Introduction ==================== Flash player is a very popular browser add-on from Adobe actually, Flash was invented by Macromedia, which was acquired by Adobe. This write-up covers mostly Flash 7 and Flash 8, together...

FreeBSD : kaffeine -- buffer overflow vulnerability (4bfcd857-c628-11da-b2fb-000e0c2e438a)

The KDE team reports : Kaffeine can produce a buffer overflow in httppeek while creating HTTP request headers for fetching remote playlists, which under certain circumstances could be used to crash the application and/or execute arbitrary code. %NASLMINLEVEL 70300 C Tenable Network Security, Inc...

CVE-2006-0051

Buffer overflow in playlistimport.cpp in Kaffeine Player 0.4.2 through 0.7.1 allows user-assisted attackers to execute arbitrary code via long HTTP request headers when Kaffeine is "fetching remote playlists", which triggers the overflow in the httppeek function...

CVE-2006-0051

Buffer overflow in playlistimport.cpp in Kaffeine Player 0.4.2 through 0.7.1 allows user-assisted attackers to execute arbitrary code via long HTTP request headers when Kaffeine is "fetching remote playlists", which triggers the overflow in the httppeek function...

CVE-2006-0051

CVE-2006-0051 affects kaffeine (KDE media player) versions 0.4.2 through 0.7.1. A buffer overflow in playlistimport.cpp/https flow when fetching remote playlists can be triggered by long HTTP request headers, overflowing http_peek and permitting arbitrary code execution by an attacker who tricks ...

CVE-2006-0051

Buffer overflow in playlistimport.cpp in Kaffeine Player 0.4.2 through 0.7.1 allows user-assisted attackers to execute arbitrary code via long HTTP request headers when Kaffeine is "fetching remote playlists", which triggers the overflow in the httppeek function...

Microsoft IIS - HTTP Request Denial of Service (1)

/ Microsoft IIS 5.1 Remote D.o.S Exploit by Kozan Application: Microsoft IIS Internet Information Server Vendor: Microsoft - http://www.microsoft.com/ Discovered by: Inge Henriksen Exploit Coded by: Kozan Credits to ATmaCA, Inge Henriksen Web: www.spyinstructors.com Mail: [email protected]...

CVE-2004-1561

Buffer overflow in Icecast 2.0.1 and earlier allows remote attackers to execute arbitrary code via an HTTP request with a large number of headers...

Multiple devices process HTTP requests inconsistently

Overview Multiple interconnected devices process valid HTTP request headers inconsistently and in this may manner may allow a remote attacker to poison a cache, conduct cross-site scripting attacks, and hijack user sessions. Attackers may use these flaws to launch a class of attacks referred to a...

IceCast array overflow

Large number of headers in request leads to array overflow...

snoop.servlet.txt

LoWNOISE Snoop Servlet Tomcat 3.1 and 3.0 ====PRODUCT: Snoop Servlet on Release Build 3.1 and 3.0 of Tomcat from Apache Software Foundation. http://jakarta.apache.org ====PROBLEM: The Snoop Servlet will give you too much info PATHs, OS, etc. ====EXPLOIT:...

gnu-pop3d (FTGate problem), Savant Webserver, Guild FTPd

Yo, Errr... Sorry about saying gnu-pop3d had the same problem as FTGate - don't know how that got in my list - I assume from posting after a rather hectic party and before that vital cup of coffee the next day. : Apologies, all. Anyway, I found a stack overflow in the Savant webserver the other d...

CVE-2000-0299

Buffer overflow in WebObjects.exe in the WebObjects Developer 4.5 package allows remote attackers to cause a denial of service via an HTTP request with long headers such as Accept...