Search the Community
Showing results for tags 'range'.
Affected software: Appweb Web Server CVE ID: CVE-2014-9708 Description: An HTTP request with a Range header of the form "Range: x=," (ie. with an empty range value) will cause a null pointer dereference, leading to a remotely-triggerable DoS. Fixed versions: 4.6.6, 5.2.1 Bug entry: https://github.com/embedthis/appweb/issues/413 Fix: https://github.com/embedthis/appweb/commit/7e6a925f5e86a19a7934a94bbd6959101d0b84eb#diff-7ca4d62c70220e0e226e7beac90c95d9L17348 Reported by: Matthew Daley - Matthew Daley Source: http://dl.packetstormsecurity.net/1503-exploits/appweb-dos.txt
Another security advisory covering Siemens industrial kit has reached the public, this time covering wireless industrial networking hardware. ICS-CERT advises that the Ruggedcom range of 802.16e (Wimax, for those with long memories) switches from the company carries a range of vulnerabilities that let attackers scam admin privileges for themselves. The vulnerabilities are: CVE- 2015-1448 – attackers can get administrative access to the kit over the network, without authentication; CVE- 2015-1449 – a buffer overflow in the integrated Web server means an attacker over port 443 might get remote