HTTP Authentication overflow

BugtraqID: 1685   CamShot Remote Buffer Overflow Vulnerability

Some versions of this software contain a buffer overflow.  

BugtraqID: 876   SCO Unixware i2odialogd Remote Buffer Overflow Vulnerability

i2odialogd is shipped with SCO Unixware and installed running as root by default. In its authentication mechanism exists a serious buffer overflow vulnerability. By default it runs at TCP port 360.  

BugtraqID: 865   Netscape Enterprise Server for NetWare Admin Buffer Overflow Vulnerability

The server for NetWare 4/5 includes an Admin feature that is vulnerable to denial of service attacks  

BugtraqID: 847   Netscape Enterprise & FastTrack Authentication Buffer Overflow Vulnerability

Root privileges can be gained with a username or password of more than 508 characters.  

BugtraqID: 767   Real Server Administrator Port Buffer Overflow Vulnerability

The server for streaming RealAudio contains a remote web administration facility that can be exploited in this manner.  

CVE-2000-0417   Cayman 3220-H DSL router allows remote DoS via long username or password

 

CVE-2000-0026   UnixWare i2odialogd overflow in username/password authorization

 

CVE-1999-0853   Buffer overflow in Netscape Enterprise Server and Server HTTP Basic Authentication procedure.

 

CVE-1999-0896   Buffer overflow in RealNetworks RealServer via a long username and password.

 

advICE: Buffer overflows  

More about this general class of attacks, which is the root cause of many attacks on the Internet.