3 matches found
CVE-2001-0460
Websweeper 4.0 is affected: it does not limit the length of certain HTTP headers, enabling a DoS via an extremely large Referrer header. OpenVAS entries corroborate a denial-of-service path by sending invalid HTTP requests, potentially crashing or destabilizing the server. The CVE details do not ...
CVE-2001-1152
Baltimore Technologies WEBsweeper 4.02: A URL blacklist management vulnerability allows remote attackers to bypass restrictions and reach unauthorized web servers by tampering with the requested URL. Exploitation vectors include (1) //, (2) /SUBDIR/.. to access parent directory, (3) /./, or (4) U...
CVE-2001-1157
Baltimore Technologies WEBsweeper 4.0 and 4.02 are described as failing to properly filter Javascript from HTML pages, enabling remote bypass of the filter via (1) an extra leading