196 matches found
CVE-2012-1184
Stack-based buffer overflow in the ast_parse_digest function in main/utils.c in Asterisk 1.8.x before 1.8.10.1 and 10.x before 10.2.1 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a long string in an HTTP Digest Authentication header...
Stack overflow
Stack-based buffer overflow in the ast_parse_digest function in main/utils.c in Asterisk 1.8.x before 1.8.10.1 and 10.x before 10.2.1 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a long string in an HTTP Digest Authentication header...
Fedora 16 : tomcat6-6.0.35-1.fc16 (2012-7593)
Update to tomcat 6.0.35 CVE-2011-1184 multiple weaknesses in HTTP DIGEST authentication Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible witho...
Scientific Linux Security Update : tomcat6 on SL6.x
Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages (JSP) technologies. APR (Apache Portable Runtime) as mentioned in the CVE-2011-3190 and CVE-2011-2526 descriptions does not refer to APR provided by the apr packages. It refers to the implementation of APR provided by the...
Scientific Linux Security Update : tomcat5 on SL5.x i386/x86_64
Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages (JSP) technologies. It was found that web applications could modify the location of the Tomcat host's work directory. As web applications deployed on Tomcat have read and write access to this directory, a malicious web...
CentOS Update for tomcat5 CESA-2011:1845 centos5 x86_64
Check for the Version of tomcat5 OpenVAS Vulnerability Test CentOS Update for tomcat5 CESA-2011:1845 centos5 x86_64 Authors: System Generated Check Copyright: Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it...
CentOS Update for tomcat5 CESA-2011:1845 centos5 x86_64
The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if(description) script_xref(name:"URL",...
CentOS Update for tomcat6 CESA-2011:1780 centos6
Check for the Version of tomcat6 OpenVAS Vulnerability Test CentOS Update for tomcat6 CESA-2011:1780 centos6 Authors: System Generated Check Copyright: Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under...
RedHat Update for tomcat6 RHSA-2011:1780-01
Check for the Version of tomcat6 OpenVAS Vulnerability Test RedHat Update for tomcat6 RHSA-2011:1780-01 Authors: System Generated Check Copyright: Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...
Moderate: Red Hat Security Advisory: tomcat6 security and bug fix update
Updated tomcat6 packages that fix multiple security issues and three bugs are now available for JBoss Enterprise Web Server 1.0.2 for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System...
tomcat: Multiple weaknesses in HTTP DIGEST authentication
The HTTP Digest Access Authentication implementation in Apache Tomcat 5.5.x before 5.5.34, 6.x before 6.0.33, and 7.x before 7.0.12 does not have the expected countermeasures against replay attacks, which makes it easier for remote attackers to bypass intended access restrictions by sniffing the...
Asterisk ast_parse_digest Function HTTP Digest Authentication String Parsing Remote Overflow (AST-2012-003)
According to the version in its SIP banner, the version of Asterisk running on the remote host is potentially affected by a vulnerability that could allow a remote attacker to crash the server, or possibly inject arbitrary code by sending an arbitrarily long string value for HTTP Digest...
Asterisk - ast_parse_digest() Stack Buffer Overflow (PoC)
Asterisk - ast_parse_digest() Stack Buffer Overflow (PoC) =========================== Description =========================== There is a remotely exploitable stack buffer overflow in HTTP digest authentication handling in Asterisk. This vulnerability includes the possibility of code execution with plen...
Asterisk - 'ast_parse_digest()' Stack Buffer Overflow (PoC)
=========================== Description =========================== There is a remotely exploitable stack buffer overflow in HTTP digest authentication handling in Asterisk. This vulnerability includes the possibility of code execution with plenty of stack space for inserting custom code to run. ...
Important: Red Hat Security Advisory: jbossweb security update
Updated jbossweb packages that fix multiple security issues are now available for JBoss Enterprise Application Platform 5.1.2 for Red Hat Enterprise Linux 4, 5, and 6. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System...
Moderate: Red Hat Security Advisory: jbossweb security update
An update for JBoss Enterprise Application Platform 4.3.0 CP10 that fixes multiple security issues is now available from the Red Hat Customer Portal. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores,...
tomcat: Multiple weaknesses in HTTP DIGEST authentication
DigestAuthenticator.java in the HTTP Digest Access Authentication implementation in Apache Tomcat 5.5.x before 5.5.34, 6.x before 6.0.33, and 7.x before 7.0.12 uses Catalina as the hard-coded server secret (aka private key), which makes it easier for remote attackers to bypass cryptographic...