83 matches found
Cross site request forgery (csrf)
The davxmlgetcdata function in main/util.c in the moddav module in the Apache HTTP Server before 2.4.8 does not properly remove whitespace characters from CDATA sections, which allows remote attackers to cause a denial of service daemon crash via a crafted DAV WRITE request...
OPC UA Write Request Command
...
Scientific Linux Security Update : gfs-kmod on SL 5.0-5.4 i386/x86_64
This updated gfs-kmod is already in SL 5.5. A flaw was found in the gfslock implementation. The GFS locking code could skip the lock operation for files that have the SISGID bit set-group-ID on execution in their mode set. A local, unprivileged user on a system that has a GFS file system mounted...
Heap overflow
Multiple heap-based buffer overflows in the virtio-blk driver hw/virtio-blk.c in qemu-kvm 0.14.0 allow local guest users to cause a denial of service guest crash and possibly gain privileges via a 1 write request to the virtioblkhandlewrite function or 2 read request to the virtioblkhandleread...
Scada Modbus Write Request To PLC
There are cases in which certain traffic, although not intended for malicious use, is very unsafe, since it may transfer shellcode which is undetectable by IPS...
Microsoft SMB Crafted Write Request Denial of Service (MS11-048; CVE-2011-1267)
SMB Protocol is the file sharing protocol used by default on Windows-based computers. A denial of service vulnerability exists in the way that Microsoft Server Message Block SMB Protocol software handles specially crafted SMB requests. The vulnerability is caused when the Microsoft Server Message...
HP iMC 5.0 TFTP WRQ "Remote Code Execution" Vulnerability
HP Intelligent Management Center contains a flaw related to thetftpserver.exe component allowing the creation or upload of arbitrary files when handling Write Request packets. This may allow a remote attacker to upload arbitrary files which will allow for the execution of arbitrary code as the...
kernel: nfsd4: bug in read_buf
Multiple buffer overflows in fs/nfsd/nfs4xdr.c in the XDR implementation in the NFS server in the Linux kernel before 2.6.34-rc6 allow remote attackers to cause a denial of service panic or possibly execute arbitrary code via a crafted NFSv4 compound WRITE request, related to the readbuf and...
kernel: nfsd4: bug in read_buf
Multiple buffer overflows in fs/nfsd/nfs4xdr.c in the XDR implementation in the NFS server in the Linux kernel before 2.6.34-rc6 allow remote attackers to cause a denial of service panic or possibly execute arbitrary code via a crafted NFSv4 compound WRITE request, related to the readbuf and...
kernel: nfsd4: bug in read_buf
Multiple buffer overflows in fs/nfsd/nfs4xdr.c in the XDR implementation in the NFS server in the Linux kernel before 2.6.34-rc6 allow remote attackers to cause a denial of service panic or possibly execute arbitrary code via a crafted NFSv4 compound WRITE request, related to the readbuf and...
kernel: nfsd4: bug in read_buf
Multiple buffer overflows in fs/nfsd/nfs4xdr.c in the XDR implementation in the NFS server in the Linux kernel before 2.6.34-rc6 allow remote attackers to cause a denial of service panic or possibly execute arbitrary code via a crafted NFSv4 compound WRITE request, related to the readbuf and...
SolarWinds TFTP Server 10.4.0.13 - Denial of Service
SolarWinds TFTP Server 10.4.0.13 - Denial of Service !/usr/bin/python print "\n" print " Nullthreat Network" print " Solarwinds TFTP Server Ver. 10.4.0.13" print " Elliott "Nullthreat" Cutright" print " [email protected]" print "" print "\n" Summary: An long Write Request 1000 A's will...
SolarWinds TFTP Server 10.4.0.13 - Denial of Service
!/usr/bin/python print "\n" print " Nullthreat Network" print " Solarwinds TFTP Server Ver. 10.4.0.13" print " Elliott "Nullthreat" Cutright" print " [email protected]" print "" print "\n" Summary: An long Write Request 1000 A's will cause SolarWinds TFTP Server to crash. Tested on:...
Design/Logic Flaw
PumpKIN TFTP Server 2.7.2.0 allows remote attackers to cause a denial of service via a write request with a long mode field...
CVE-2008-1611
Stack-based buffer overflow in TFTP Server SP 1.4 for Windows allows remote attackers to cause a denial of service or execute arbitrary code via a long filename in a read or write request...
CVE-2007-5731
Absolute path traversal vulnerability in Apache Jakarta Slide 2.1 and earlier allows remote authenticated users to read arbitrary files via a WebDAV write request that specifies an entity with a SYSTEM tag, a related issue to CVE-2007-5461...
Path traversal
Absolute path traversal vulnerability in Apache Jakarta Slide 2.1 and earlier allows remote authenticated users to read arbitrary files via a WebDAV write request that specifies an entity with a SYSTEM tag, a related issue to CVE-2007-5461...
CVE-2007-5731
CVE-2007-5731: Absolute path traversal in Apache Jakarta Slide (2.1 and earlier) via WebDAV write with a SYSTEM-tag entity allows remote authenticated users to read arbitrary files. Base access requires authentication; impact is partial confidentiality breach. The provided documents do not specif...
CVE-2007-5461
Absolute path traversal vulnerability in Apache Tomcat 4.0.0 through 4.0.6, 4.1.0, 5.0.0, 5.5.0 through 5.5.25, and 6.0.0 through 6.0.14, under certain configurations, allows remote authenticated users to read arbitrary files via a WebDAV write request that specifies an entity with a SYSTEM tag...
CVE-2007-5461
Absolute path traversal vulnerability in Apache Tomcat 4.0.0 through 4.0.6, 4.1.0, 5.0.0, 5.5.0 through 5.5.25, and 6.0.0 through 6.0.14, under certain configurations, allows remote authenticated users to read arbitrary files via a WebDAV write request that specifies an entity with a SYSTEM tag...