Tiny Server 1.1.9 - HEAD Denial of Service

!/usr/bin/python Overflow exploiting a vulnerability in Tiny Server ' sys.exit host = sys.argv1 port = sys.argv2 buffer = 'A' 100 + 'HTTP/1.0\r\n' print '\n' print ' Tiny Server = 1.1.0HTTP HEAD request overflow' print ' Written by Brock Haun' print ' [email protected]' print '\n' try:...

CVE-2012-1783

Tiny Server 1.1.9 and earlier allows remote attackers to cause a denial of service crash via a long string in a GET request without an HTTP version number...

Cross site request forgery (csrf)

Tiny Server 1.1.9 and earlier allows remote attackers to cause a denial of service crash via a long string in a GET request without an HTTP version number...

CVE-2012-1783

Tiny Server 1.1.9 and earlier allows remote attackers to cause a denial of service crash via a long string in a GET request without an HTTP version number...

CVE-2012-1783

CVE-2012-1783 affects Tiny HTTP Server (Tiny Server) 1.1.9 and earlier. The vulnerability arises when processing a GET request that lacks an HTTP version number, where a long string can trigger a crash, enabling remote denial of service. The provided documents specify the affected software and th...

Tiny Server v1.1.5 Arbitrary File Disclosure Exploit

Exploit for windows platform in category remote exploits !/usr/bin/perl -w Title : Tiny Server v1.1.5 Arbitrary File Disclosure Exploit Author : KaHPeSeSe Test : PERFECT XP PC1 / SP3 Date : 15/03/2012 use LWP::Simple; use LWP::UserAgent; system'color','A'; system'cls'; print "\n\t\n"; print...

Tiny Server 1.1.5 - Arbitrary File Disclosure

!/usr/bin/perl -w Title : Tiny Server v1.1.5 Arbitrary File Disclosure Exploit Author : KaHPeSeSe Test : PERFECT XP PC1 / SP3 Date : 15/03/2012 Thanks : exploit-db.com use LWP::Simple; use LWP::UserAgent; system'color','A'; system'cls'; print "\n\t\n"; print "\n\t....... Tiny Server v1.1.5...

CVE-2004-2116

Directory traversal vulnerability in Tiny Server 1.1 allows remote attackers to read or download arbitrary files via a .. dot dot in the URL...

CVE-2004-2118

Tiny Server 1.1 allows remote attackers to cause a denial of service crash via a GET request with a long filename, possibly due to a buffer overflow...

CVE-2004-2119

Cross-site scripting XSS vulnerability in Tiny Server 1.1 allows remote attackers to inject arbitrary web script or HTML via the URL...

CVE-2004-2119

The CVE-2004-2119 entry documents a Cross-site scripting (XSS) vulnerability in Tiny Server 1.1, where an attacker can inject arbitrary web script or HTML via the URL. The vulnerability affects Tiny Server 1.1’s URL handling and has a base severity of MEDIUM (CVSS v2: 4.3) with network attack vec...

CVE-2004-2117

CVE-2004-2117 : The Tiny Server 1.1 product is affected. It allows remote attackers to cause a denial of service (crash) by sending malformed HTTP requests, such as a GET request without an HTTP version (HTTP/1.1) or a request lacking both GET and the HTTP version. The provided documents do not i...

CVE-2004-2116

CVE-2004-2116: Directory traversal in Tiny Server 1.1 allows read/download of arbitrary files via .. in the URL. Affected product: Tiny Server 1.1. Root cause described as a path traversal flaw in URL handling. Exploitation status is not provided in the documents; no remediation details are given.

CVE-2004-2117

Tiny Server 1.1 allows remote attackers to cause a denial of service crash via malformed HTTP requests such as 1 a GET request without the HTTP version HTTP/1.1, or 2 a request without GET or the HTTP version...

CVE-2004-2118

CVE-2004-2118 affects Tiny Server 1.1. The vulnerability allows remote attackers to cause a denial of service (crash) by sending a GET request with a long filename, possibly due to a buffer overflow. The provided documents do not include a confirmed patch or fix version. No exploitation details o...

CVE-2004-2118

Tiny Server 1.1 allows remote attackers to cause a denial of service crash via a GET request with a long filename, possibly due to a buffer overflow...

CVE-2004-2116

Directory traversal vulnerability in Tiny Server 1.1 allows remote attackers to read or download arbitrary files via a .. dot dot in the URL...

CVE-2004-2119

Cross-site scripting XSS vulnerability in Tiny Server 1.1 allows remote attackers to inject arbitrary web script or HTML via the URL...

tinyServer1.1.txt

Donato Ferrante Application: Tiny Server http://sourceforge.net/projects/tinyserver Version: 1.1 1.0.5 Bugs: Multiple Vulnerabilities Author: Donato Ferrante e-mail: [email protected] web: www.autistici.org/fdonato xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx 1...

Tiny Server 1.1 (1.0.5) Multiple Vulnerabilities

Donato Ferrante Application: Tiny Server http://sourceforge.net/projects/tinyserver Version: 1.1 1.0.5 Bugs: Multiple Vulnerabilities Author: Donato Ferrante e-mail: [email protected] web: www.autistici.org/fdonato xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx 1...