Newly Added (32)
- A signature to prevent a denial of service attack using /.. in HTTP request URL.
- A signature to prevent a denial of service attack using //////// in HTTP request arguments in Apache.
- A signature to prevent a Denial of Service attack using a direct URL request to /ping\?query=.
- A signature to prevent a denial of service attack using a direct URL request to a crafted URL in WEB-MISC ICQ webserver.
- A signature to prevent a Denial of Service attack using a direct URL request to a crafted URL.
- A signature to prevent a Denial of Service attack using a direct URL request to virtual folders like /_sharepoint/ in IIS.
- A signature to prevent a Denial of Service attack using a direct URL request to virtual folders like /_vti_bin/ in IIS.
- A signature to prevent a denial of service attack using a direct URL request to WService=wsbroker1/_edit.r in WebSpeed.
- A signature to prevent a denial of service attack using pg_sleep Postgres function which directly delay execution of the server process in PostgreSQL.
- A signature to prevent a denial of service attack via a crafted value of a certain wp-postpass cookie in WordPress.
- A signature to prevent a denial of service attack via a direct access to the ServletExec which would cause a java exception and kill the servlet in Microsoft Biztalk.
- A signature to prevent a denial of service attack via a long password.
- A signature to prevent a denial of service attack via a multipart/form-data encoded form with a parameter name that references the public getMultipartRequestHandler method, which provides further access to elements in the CommonsMultipartRequestHandler implementation and BeanUtils in Apache.
- A signature to prevent a denial of service attack via a request with multiple dots preceding the extension, as demonstrated using foo..php(CVE-2008-3660) in PHP.
- A signature to prevent a denial of service attack via a request without login credentials, as demonstrated by a request to "admin/killsource?mount=/test.ogg" in Icecast.
- A signature to prevent a denial of service attack via crafted use of here documents, aka the "redir_stack" issue in GNU Bash.
- A signature to prevent a denial of service attack via the count parameter to /_uuids in Apache CouchDB.
- A signature to prevent a denial of service attack via the REVLOG command in Microsoft Index Server.
- A signature to prevent a denial of service attack when a remote user attempting to exploit a flaw on a Cisco VoIP phone.
- A signature to prevent a denial of service attack when a remote user could stop the ColdFusion server for the ColdFusion Administrator includes a utility for starting and stopping the ColdFusion service from a Web browser.
- A signature to prevent a denial of service attack when a remote user executing commands on a managed system with the privileges of the ovactiond process (often 'bin' on Unix systems) in Netscape.
- A signature to prevent a denial of service attack when a user enters a long string of '%' characters in the Log On field in OWA and enters these characcters in the username and password field received in the NT challenge dialog in IIS.
- A signature to prevent a denial of service attack when a user requesting multiple malformed URLs by way of the java servlet, will cause the JRun application server to stop responding.
- A signature to prevent attackers from causing a denial of service in a handler that processes HTTP requests for DOS device files in Jigsaw web server.
- A signature to prevent attackers from causing a denial of service via a crafted string that triggers an infinite loop of estimations during conversion to a double-precision binary floating-point number in Java or PHP.
- A signature to prevent attackers from injecting and executing arbitrary PHP code in SugarCRM 6.5.18.
- A signature to prevent attackers from injecting scripts to execute arbitrary code in the context of the underlying Web server.
- A signature to prevent attackers from specificing a link that leads to a malicious URL.
- A signature to prevent attackers from stopping the TNS Listener service, denying further database service to legitimate users.
- A signature to prevent attackers from uploading files and executing arbitrary commands eWave ServletExec 3.0C and earlier in Microsoft Biztalk.
- New Predefined File Type "JPG" for file identification.
- signatures to prevent a denial of service attack passing metacharacters to cgiproc program in Nortel Contivity.