DSA-934-1 pound - remote

Bulletin has no description...

Let all the forward program to achieve the reverse connection-vulnerability warning-the black bar safety net

As a backdoor program, you first need to covert strong, and secondly to have the practical functions of the head can not be too large, the self-protection function also to be strong, the last program run to be stable, otherwise halfway error-prone trouble; there is a need to support multiple user...

CVE-2005-4046

The CVE-2005-4046 entry affects the Reverse SSL Proxy Plug-in used with Sun Java System Application Server Standard Edition 7 (2004Q2), Application Server Enterprise Edition 8.1 (2005Q1), and Sun ONE Application Server 7 Standard Edition. The vulnerability is unspecified but allows remote attacke...

AngelShell: let all the forward program to achieve the reverse connection application papers-the vulnerability warning-the black bar safety net

Nowserviceis almost entirely put in a hardware firewall, hard to penetrate, only to find that with a hardware Firewall, the party pooper! What TerminalService, what Radmin and the like in a controlled manner do not even think. Tried, found that almost all support reverse connection, the forward...

To bypass the firewall of the reverse connection Alarm-vulnerability warning-the black bar safety net

/ Author: Polymorphours Date: 2005/1/10 Another will be your own code injected into the puppet of the process of the method, with the rebound Trojan can bypass the firewall Reverse connection Alarm. / include include // // ntdll. lib from DDK 2 0 0 0 // pragma commentlib,"ntdll. lib" typedef long...

BrowseGate HTTP headers overflows

It was possible to kill the BrowseGate proxy by sending it an invalid request with too long HTTP headers Authorization and Referer A cracker may exploit this vulnerability to make your web server crash continually or even execute arbirtray code on your system. OpenVAS Vulnerability Test $Id:...

dwhttpd format string

The remote web server is vulnerable to a format string attack. SPDX-FileCopyrightText: 2002 Michel Arboi Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Anti-Scanner Defenses (HTTP)

It seems that the remote web server rejects HTTP requests from the Scanner. It is probably protected by a reverse proxy, WAF or IDS/IPS. SPDX-FileCopyrightText: 2005 Michel Arboi SPDX-FileCopyrightText: New / improved detection code since 2018 Greenbone AG Some text descriptions might be excerpte...

Boozt index.cgi overflow

It seems that index.cgi from Boozt AdBanner is installed and is vulnerable to a buffer overflow: It doesn SPDX-FileCopyrightText: 2002 Michel Arboi Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...

HTTP TRACE

Transparent or reverse HTTP proxies may be implement on some sites. OpenVAS Vulnerability Test $Id: httptrace.nasl 6768 2017-07-20 08:06:19Z cfischer $ HTTP TRACE Authors: Michel Arboi Copyright: Copyright C 2002 Michel Arboi This program is free software; you can redistribute it and/or modify it...

Too long basic authentication DoS

It was possible to kill the web server by sending a request with an too long Basic authentication field. A cracker may exploit this vulnerability to make your web server crash continually or even execute arbirtray code on your system. OpenVAS Vulnerability Test $Id: wwwtoolongauthDoS.nasl 8023...

BadBlue invalid null byte vulnerability

It was possible to read the content of /EXT.INI BadBlue configuration file by sending an invalid GET request. A cracker may exploit this vulnerability to steal the passwords. OpenVAS Vulnerability Test $Id: badbluenullbyte.nasl 7175 2017-09-18 11:55:15Z cfischer $ Description: BadBlue invalid nul...

Incomplete basic authentication DoS

It was possible to kill the web server by sending an invalid request with an incomplete Basic authentication. A cracker may exploit this vulnerability to make your web server crash continually or even execute arbirtray code on your system. OpenVAS Vulnerability Test $Id: wwwincompleteauthDoS.nasl...

Personal Web Sharing overflow

It was possible to kill the Personal Web Sharing service by sending it a too long request. A cracker may exploit this vulnerability to make your web server crash continually. OpenVAS Vulnerability Test $Id: PWSDoS.nasl 8023 2017-12-07 08:36:26Z teissa $ Description: Personal Web Sharing overflow...

Infinite HTTP request

It was possible to kill the web server by sending an invalid 'infinite' HTTP request that never ends. A cracker may exploit this vulnerability to make your web server crash continually or even execute arbirtray code on your system. OpenVAS Vulnerability Test $Id: wwwinfiniterequestDoS.nasl 6053...

HTTP 1.1 header overflow

It was possible to kill the web server by sending an invalid request with a too long HTTP 1.1 header Accept-Encoding, Accept-Language, Accept-Range, Connection, Expect, If-Match, If-None-Match, If-Range, If-Unmodified-Since, Max-Forwards, TE, Host A cracker may exploit this vulnerability to make...

HTTP Cookie overflow

It was possible to kill the web server by sending an invalid request with a too long Cookie name or value A cracker may exploit this vulnerability to make your web server crash continually or even execute arbirtray code on your system. OpenVAS Vulnerability Test $Id: wwwtoolongcookie.nasl 8023...

Boozt index.cgi overflow

It seems that index.cgi from Boozt AdBanner is installed and is vulnerable to a buffer overflow: it doesn't check the length of user supplied variables before copying them to internal arrays. A cracker may exploit this vulnerability to make your web server crash continually or even execute...

HTTP User-Agent overflow

It was possible to kill the web server by sending an invalid GET request with a too long User-Agent field A cracker may exploit this vulnerability to make your web server crash continually or even execute arbirtray code on your system. OpenVAS Vulnerability Test $Id: wwwtoolonguseragent.nasl 8023...

Incomplete Basic Authentication DoS Vulnerability

It was possible to kill the web server by sending an invalid request with an incomplete Basic authentication. SPDX-FileCopyrightText: 2004 Michel Arboi Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier...