Fedora Update for Perlbal FEDORA-2008-2788

Check for the Version of Perlbal OpenVAS Vulnerability Test Fedora Update for Perlbal FEDORA-2008-2788 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...

[SECURITY] Fedora 7 Update: Perlbal-1.70-1.fc7

Perlbal is a single-threaded event-based server supporting HTTP load balancing, web serving, and a mix of the two. Perlbal can act as either a w eb server or a reverse proxy. One of the defining things about Perlbal is that almost everything can be configured or reconfigured on the fly without...

[SECURITY] Fedora 8 Update: Perlbal-1.70-1.fc8

Perlbal is a single-threaded event-based server supporting HTTP load balancing, web serving, and a mix of the two. Perlbal can act as either a w eb server or a reverse proxy. One of the defining things about Perlbal is that almost everything can be configured or reconfigured on the fly without...

Jetty fails to properly process URLs that contain double / characters

Overview The Jetty web server contains a vulnerability that may allow an attacker to access private files or directories. Description Jetty is a web server that is implemented in Java. Jetty contains a vulnerability in the way it processes URLs with multiple "/" slash characters. See the Jetty...

[SECURITY] Fedora 7 Update: nginx-0.5.28-1.fc7

Nginx engine x is an HTTPS server, HTTPS reverse proxy and IMAP/POP3 proxy server written by Igor Sysoev...

Apache Httpd < 2.0.61 : mod_proxy crash

A flaw was found in the Apache HTTP Server modproxy module. On sites where a reverse proxy is configured, a remote attacker could send a carefully crafted request that would cause the Apache child process handling that request to crash. On sites where a forward proxy is configured, an attacker...

Debian DSA-934-1 : pound - several vulnerabilities

Two vulnerabilities have been discovered in Pound, a reverse proxy and load balancer for HTTP. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2005-1391 : Overly long HTTP Host: headers may trigger a buffer overflow in the addport function, which may lea...

Pound: HTTP request smuggling

Background Pound is a reverse proxy, load balancer and HTTPS front-end. It allows to distribute the load on several web servers and offers a SSL wrapper for web servers that do not support SSL directly. Description Pound fails to handle HTTP requests with conflicting "Content-Length" and...

pound reverse proxy / load balancer / HTTPS front-end buffer overflow

Buffer overflow on oversized hostname...

DSA-934-1 pound - remote

Bulletin has no description...

HTTP Cookie overflow

It was possible to kill the web server by sending an invalid request with a too long Cookie name or value A cracker may exploit this vulnerability to make your web server crash continually or even execute arbirtray code on your system. OpenVAS Vulnerability Test $Id: wwwtoolongcookie.nasl 8023...

HTTP User-Agent overflow

It was possible to kill the web server by sending an invalid GET request with a too long User-Agent field A cracker may exploit this vulnerability to make your web server crash continually or even execute arbirtray code on your system. OpenVAS Vulnerability Test $Id: wwwtoolonguseragent.nasl 8023...

Infinite HTTP request

It was possible to kill the web server by sending an invalid 'infinite' HTTP request that never ends. A cracker may exploit this vulnerability to make your web server crash continually or even execute arbirtray code on your system. OpenVAS Vulnerability Test $Id: wwwinfiniterequestDoS.nasl 6053...

HTTP 1.0 header overflow

It was possible to kill the web server by sending an invalid request with a too long header From, If-Modified-Since, Referer or Content-Type A cracker may exploit this vulnerability to make your web server crash continually or even execute arbitrary code on your system. OpenVAS Vulnerability Test...

Boozt index.cgi overflow

It seems that index.cgi from Boozt AdBanner is installed and is vulnerable to a buffer overflow: it doesn't check the length of user supplied variables before copying them to internal arrays. A cracker may exploit this vulnerability to make your web server crash continually or even execute...

Too long basic authentication DoS

It was possible to kill the web server by sending a request with an too long Basic authentication field. A cracker may exploit this vulnerability to make your web server crash continually or even execute arbirtray code on your system. OpenVAS Vulnerability Test $Id: wwwtoolongauthDoS.nasl 8023...

HTTP 1.1 header overflow

It was possible to kill the web server by sending an invalid request with a too long HTTP 1.1 header Accept-Encoding, Accept-Language, Accept-Range, Connection, Expect, If-Match, If-None-Match, If-Range, If-Unmodified-Since, Max-Forwards, TE, Host A cracker may exploit this vulnerability to make...

BadBlue invalid null byte vulnerability

It was possible to read the content of /EXT.INI BadBlue configuration file by sending an invalid GET request. A cracker may exploit this vulnerability to steal the passwords. OpenVAS Vulnerability Test $Id: badbluenullbyte.nasl 7175 2017-09-18 11:55:15Z cfischer $ Description: BadBlue invalid nul...

BrowseGate HTTP headers overflows

It was possible to kill the BrowseGate proxy by sending it an invalid request with too long HTTP headers Authorization and Referer A cracker may exploit this vulnerability to make your web server crash continually or even execute arbirtray code on your system. OpenVAS Vulnerability Test $Id:...

Incomplete basic authentication DoS

It was possible to kill the web server by sending an invalid request with an incomplete Basic authentication. A cracker may exploit this vulnerability to make your web server crash continually or even execute arbirtray code on your system. OpenVAS Vulnerability Test $Id: wwwincompleteauthDoS.nasl...