Marc Ruef

9 exploits Active since Feb 2000
CVE-2002-1907 EXPLOITDB text WRITEUP
TelCondex SimpleWebServer 2.06.20817 - Denial of Service via Long HTTP GET Request
TelCondex SimpleWebServer 2.06.20817 allows remote attackers to cause a denial of service (crash) via a long HTTP GET request.
CVE-2002-1897 EXPLOITDB text WRITEUP
MyWebServer 1.0.2 - Denial of Service via Long HTTP Request
MyWebServer LLC MyWebServer 1.0.2 allows remote attackers to cause a denial of service (crash) via a long HTTP request, possibly triggering a buffer overflow.
CVE-2003-0375 EXPLOITDB text WRITEUP
XMB 1.8.x - Cross-Site Scripting via Member Parameter
Cross-site scripting (XSS) vulnerability in member.php of XMBforum XMB 1.8.x (aka Partagium) allows remote attackers to insert arbitrary HTML and web script via the "member" parameter.
CVE-2004-1699 EXPLOITDB text WRITEUP
Pinnacle ShowCenter 1.51 - Denial of Service via Invalid Skin Parameter
SettingsBase.php in Pinnacle ShowCenter 1.51 allows remote attackers to cause a denial of service (web interface errors) via an invalid Skin parameter.
CVE-2000-0204 EXPLOITDB text WORKING POC
Trend Micro OfficeScan - Denial of Service via Multiple Connections to Port 12345
The Trend Micro OfficeScan client allows remote attackers to cause a denial of service by making 5 connections to port 12345, which raises CPU utilization to 100%.
CVE-2004-2032 EXPLOITDB text WRITEUP
Netgear RP114 - URL Filtering Bypass via Long URL with Hex-Encoded Spaces
Netgear RP114 allows remote attackers to bypass the keyword based URL filtering by requesting a long URL, as demonstrated using a large number of %20 (hex-encoded space) sequences.
CVE-2008-4133 EXPLOITDB text WRITEUP
D-Link DIR-100 - Web Proxy Filter Bypass via Large URL
The web proxy service on the D-Link DIR-100 with firmware 1.12 and earlier does not properly filter web requests with large URLs, which allows remote attackers to bypass web restriction filters.
EIP-2026-101014 EXPLOITDB text STUB
Dreambox - Web Interface URI Remote Denial of Service
CVE-2007-2832 EXPLOITDB text WRITEUP
Cisco CallManager - Cross-Site Scripting via CCMAdmin/serverlist.asp Pattern Parameter
Cross-site scripting (XSS) vulnerability in the web application firewall in Cisco CallManager before 3.3(5)sr3, 4.1 before 4.1(3)sr5, 4.2 before 4.2(3)sr2, and 4.3 before 4.3(1)sr1 allows remote attackers to inject arbitrary web script or HTML via the pattern parameter to CCMAdmin/serverlist.asp (aka the search-form) and possibly other unspecified vectors.