DNS BailiWicked Domain Attack

This exploit attacks a fairly ubiquitous flaw in DNS implementations which Dan Kaminsky found and disclosed Jul 2008. This exploit replaces the target domains nameserver entries in a vulnerable DNS cache server. This attack works by sending random hostname queries to the target DNS server coupled...

DNS cache servers resource consumption by TCP SYN_SENT states

Overview DNS cache servers consume huge resources for communication with DNS authoritative servers in the following situation. 1 a user sends a query to the DNS cache server 2 the DNS cache server sends a UDP query to an authoritative server 3 when the authoritative server finds that the reply...

Moderate: Red Hat Security Advisory: squid security update

Updated squid packages that fix a security issue are now available for Red Hat Enterprise Linux 2.1, 3, 4 and 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Squid is a high-performance proxy caching server for Web clients, supporting FTP,...

Cache' SuperServer Detection

The remote service is a Cache' server, sometimes refered to as a Cache' SuperServer. Cache' is an object database often used in association with web applications, and the SuperServer listens for incoming connections and dispatches them to the appropriate subsystem. %NASLMINLEVEL 70300 C Tenable...

CVE-2007-4427

Unspecified vulnerability in the login page redirection logic in the Cache' Server Page CSP implementation in InterSystems Cache' 2007.1.0.369.0 and 2007.1.1.420.0 allows remote authenticated users to modify data on a server, related to encoding of certain parameter values by this redirection...

Code injection

Unspecified vulnerability in the login page redirection logic in the Cache' Server Page CSP implementation in InterSystems Cache' 2007.1.0.369.0 and 2007.1.1.420.0 allows remote authenticated users to modify data on a server, related to encoding of certain parameter values by this redirection...

CVE-2003-1333

InterSystems Cache CSP in Cache versions 4.0.3–5.0.5 is described as having an unspecified vulnerability that allows remote attackers to gain complete control of the server. The provided documents do not specify the root cause, affected components beyond CSP, exploit details, or remediation guida...

CVE-2003-1333

Unspecified vulnerability in the Cache' Server Page CSP implementation in InterSystems Cache' 4.0.3 through 5.0.5 allows remote attackers to "gain complete control" of a server...

CVE-2007-0437

Multiple cross-site scripting XSS vulnerabilities in the sample Cache' Server Page CSP scripts in InterSystems Cache' allow remote attackers to inject arbitrary web script or HTML via 1 the TO parameter to loop.csp, 2 the VALUE parameter to cookie.csp, and 3 the PAGE parameter to showsource.csp i...