Gbr

Name of the Vulnerable Software and Affected Versions: MiniWeb Http Server versions 0.8.x Description: The issue allows remote attackers to cause a denial of service, resulting in an application crash. This is achieved by sending a negative value in the `Content-Length` HTTP header. Recommendations: For MiniWeb Http Server versions 0.8.x, consider validating the `Content-Length` header to prevent negative values until a patch is available. As a temporary workaround, restrict access to the HTTP server to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** NewzCrawler version 1.8 **Description** The issue allows remote attackers to cause application instability via certain invalid strings in the URL attribute of an ENCLOSURE element. This can be achieved with specific sequences such as `%s`, `%Y`, `%%`, and `n,`. **Recommendations** For NewzCrawler version 1.8, as a temporary workaround, consider restricting the use of the ENCLOSURE element or validating the input strings to prevent instability until a fix is available.

**Name of the Vulnerable Software and Affected Versions** BitsCast version 0.13.0 **Description** The issue allows remote attackers to cause a denial of service, resulting in an application crash. This can be achieved by providing an RSS 2.0 feed item containing certain invalid strings in the pubDate element. Specifically, patterns such as repeated "../A" or "A/../" can trigger this behavior. **Recommendations** For BitsCast version 0.13.0, consider validating or sanitizing the input for the pubDate element in RSS 2.0 feed items to prevent the application from crashing due to invalid strings. As a temporary workaround, restrict the processing of RSS 2.0 feed items containing suspicious patterns until a patch is available.

Name of the Vulnerable Software and Affected Versions: acFTP version 1.5 Description: The issue allows remote authenticated users to cause a denial of service. This can be achieved by providing a crafted argument to either the REST or PBSZ command. Recommendations: For acFTP version 1.5, consider restricting access to the REST and PBSZ commands until a patch is available. As a temporary workaround, avoid using crafted arguments with these commands to prevent denial of service.