Lucene search
K

45 matches found

OSV
OSV
added 2016/01/02 9:59 p.m.6 views

CVE-2015-8027

Node.js 0.12.x before 0.12.9, 4.x before 4.2.3, and 5.x before 5.1.1 does not ensure the availability of a parser for each HTTP socket, which allows remote attackers to cause a denial of service uncaughtException and service outage via a pipelined HTTP request...

7.5CVSS9.1AI score0.05356EPSS
Exploits0References7
Apache Httpd
Apache Httpd
added 2015/04/04 12:0 a.m.83 views

Apache Httpd < 2.4.16 : HTTP request smuggling attack against chunked request parser

An HTTP request smuggling attack was possible due to a bug in parsing of chunked requests. A malicious client could force the server to misinterpret the request length, allowing cache poisoning or credential hijacking if an intermediary proxy is in use...

5CVSS6.2AI score0.73327EPSS
Exploits0Affected Software1
Prion
Prion
added 2008/10/22 6:0 p.m.24 views

Design/Logic Flaw

The HTTPRequestParser method in the HTTP Transport component in IBM WebSphere Application Server WAS 6.0.2 before 6.0.2.31 allows remote attackers to cause a denial of service controller 0C4 abend and application hang via a long HTTP Host header, related to "storage overlay" on the stack and a...

7.8CVSS6.6AI score0.01916EPSS
Exploits1References6Affected Software1
NVD
NVD
added 2008/10/22 6:0 p.m.24 views

CVE-2008-4678

The HTTPRequestParser method in the HTTP Transport component in IBM WebSphere Application Server WAS 6.0.2 before 6.0.2.31 allows remote attackers to cause a denial of service controller 0C4 abend and application hang via a long HTTP Host header, related to "storage overlay" on the stack and a...

7.8CVSS6.4AI score0.01916EPSS
Exploits1References6
Tenable Nessus
Tenable Nessus
added 2008/06/04 12:0 a.m.26 views

openSUSE 10 Security Update : openwsman (openwsman-5241)

This update provides a fix for the included shttpd web-server to patch a buffer overflow vulnerability in the HTTP request parser. This bug can only be exploited by authenticated users to execute arbitrary code with the privileges of the openwsman/shttp daemon. CVE-2008-2097 %NASLMINLEVEL 70300 C...

9CVSS8.9AI score0.03891EPSS
Exploits0References1
Rows per page
Query Builder