Xerver HTTP Server Web Administration <= 4.32 DoS Vulnerability

Xerver HTTP Server is prone to a denial of service DoS vulnerability. Copyright C 2010 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free...

Code injection

Xerver 4.32 allows remote authenticated users to cause a denial of service daemon crash via a non-numeric web port assignment in the management interface. NOTE: this can be leveraged by non-authenticated attackers using CVE-2009-4657...

CVE-2009-4657

The administrator package for Xerver 4.32 does not require authentication, which allows remote attackers to alter application settings by connecting to the application on port 32123, as demonstrated by setting the action option to wizardStep1...

CVE-2009-4658

Xerver 4.32 allows remote authenticated users to cause a denial of service daemon crash via a non-numeric web port assignment in the management interface. NOTE: this can be leveraged by non-authenticated attackers using CVE-2009-4657...

CVE-2009-4657

The administrator package for Xerver 4.32 does not require authentication, which allows remote attackers to alter application settings by connecting to the application on port 32123, as demonstrated by setting the action option to wizardStep1...

CVE-2009-4657

CVE-2009-4657 affects the Xerver 4.32 administrator package. The vulnerability allows remote attackers to alter application settings because authentication is not required when connecting to the application on port 32123, demonstrated by setting the action option to wizardStep1. The vulnerability...

Xerver 4.31, 4.32 HTTP Response Splitting

Exploit for unknown platform in category web applications ========================================= Xerver 4.31, 4.32 HTTP Response Splitting ========================================= Xerver 4.31, 4.32 HTTP Response Splitting Discovered: 04-10-08 By: SecureState R&D Team - sasquatch Vendor...