1943 matches found
Icecast list.cgi User-Agent XSS
Binary data 2136.prm...
Xitami testssi.ssi HTTP Header XSS
The remote Xitami server is distributed with a script for testing server-side includes, '/testssi.ssi'. This script is vulnerable to a cross-site scripting issue when sent a request with a malformed Host or User-Agent header. An attacker may exploit this flaw the steal the authentication...
SUSE-SA:2003:020: mutt
The remote host is missing the patch for the advisory SUSE-SA:2003:020 mutt. Mutt is a text-based Mail User Agent MUA. The IMAP-code of mutt is vulnerable to a buffer overflow that can be exploited by a malicious IMAP-server to crash mutt or even execute arbitrary code with the privileges of the...
RHEL 2.1 : elm (RHSA-2004:009)
Updated elm packages are now available that fix a buffer overflow vulnerability in the 'frm' command. Elm is a terminal mode email user agent. The frm command is provided as part of the Elm packages and gives a summary list of the sender and subject of selected messages in a mailbox or folder. A...
kphone.stun.txt
KPhone STUN DoS Malformed STUN Packets ------------------------------------------------------------------------ Article reference: http://www.securiteam.com/unixfocus/5PP0B1FCLY.html SUMMARY KPhone is "a SIP Session Initiation Protocol user agent for Linux, with which you can initiate VoIP Voice...
[Full-Disclosure] Corsaire Security Advisory: Multiple vendor HTTP user agent cookie path traversal issue
-- Corsaire Security Advisory -- Title: Multiple vendor HTTP user agent cookie path traversal issue Date: 12.07.03 Application: Various Environment: Various Author: Martin O'Neal [email protected] Audience: Vendor notification Reference: c030712-001 -- Scope -- The aim of this document is...
Apple Quicktime/Darwin Streaming Server fails to properly parse DESCRIBE requests
Overview Apple Quicktime/Darwin Streaming Server fails to properly parse DESCRIBE requests containing overly large User-Agent fields. This could allow an unauthenticated, remote attacker to cause a denial-of-service condition. Description Apple's QuickTime and Darwin Streaming Server is software...
Darwin Streaming Server denial-of-service vulnerability
An attacker can cause an assertion to trigger by sending a long User-Agent field in a request...
Important: Red Hat Security Advisory: : Updated mutt packages fix remotely-triggerable crash
New mutt packages that fix a remotely-triggerable crash in the menu drawing code are now available. Mutt is a text-mode mail user agent. A bug was found in the index menu code in versions of mutt. A remote attacker could send a carefully crafted mail message that can cause mutt to segfault and...
SHOUTcast Server buffer overflow
buffer overflow on long User-Agent HTTP header in admin.cgi and in processing of internal administration protocol...
BRS Webweaver 1.06 - HTTPd User-Agent Remote Denial of Service
BRS Webweaver 1.06 - HTTPd User-Agent Remote Denial of Service // source: https://www.securityfocus.com/bid/8947/info It has been reported that BRS WebWeaver may be prone to a denial of service issue that may allow a remote attacker to cause the software to crash or hang. The issue presents itsel...
BRS Webweaver 1.06 - HTTPd 'User-Agent' Remote Denial of Service
// source: https://www.securityfocus.com/bid/8947/info It has been reported that BRS WebWeaver may be prone to a denial of service issue that may allow a remote attacker to cause the software to crash or hang. The issue presents itself when the server receives a request containing a large string...
CVE-2003-0395
Ultimate PHP Board UPB 1.9 allows remote attackers to execute arbitrary PHP code with UPB administrator privileges via an HTTP request containing the code in the User-Agent header, which is executed when the administrator executes adminiplog.php...
DSR-korean-elm.pl
DSR-korean-elm.pl - kokaninATdtors.net vs. /usr/ports/korean/elm offset, retaddr and shellcode is for my FreeBSD 4.7-RELEASE, YMMV reinventing the wheel, http://www.insecure.org/sploits/elm.curses.overflow.html shellcode by zillionATsafemode.org ko-elm-2.4h4.1 ELM Mail User Agent, patched for...
CVE-2003-0395
Ultimate PHP Board UPB 1.9 allows remote attackers to execute arbitrary PHP code with UPB administrator privileges via an HTTP request containing the code in the User-Agent header, which is executed when the administrator executes adminiplog.php...
PT-2003-1586 · Upb · Ultimate Php Board
Name of the Vulnerable Software and Affected Versions: Ultimate PHP Board UPB version 1.9 Description: The issue allows remote attackers to execute arbitrary PHP code with administrator privileges. This is achieved via an HTTP request containing the code in the User-Agent header, which is execute...
Ultimate PHP Board admin_iplog.php Arbitrary Code Execution
The remote host is running Ultimate PHP Board UPB. There is a flaw in this version which may allow an attacker to execute arbitrary code on this host, by sending a malformed user-agent which contains PHP commands. Once the user-agent has been sent, it is stored in the logs. When the administrator...
UPB: Discussion Board/Web-Site Takeover
=:=:=::=:=:=::=:=:=::=:=:=::=:=:=::=:=:=::=:=:=::= topic: UPB: Discussion Board/Web-Site Takeover product: Ultimate PHP Board v1.9 latest vendor: www.myupb.com risk: high date: 05/24/2k3 discovered by: euronymous /F0KP advisory urls: http://f0kp.iplus.ru/bz/024.en.txt...
CVE-2003-0128
The tryuudecoding function in mail-format.c for Ximian Evolution Mail User Agent 1.2.2 and earlier allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via a malicious uuencoded UUE header, possibly triggering a heap-based buffer overflow...
DEBIAN-CVE-2003-0128
The tryuudecoding function in mail-format.c for Ximian Evolution Mail User Agent 1.2.2 and earlier allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via a malicious uuencoded UUE header, possibly triggering a heap-based buffer overflow...