nginx Integer Overflow Vulnerability

Qihoo 360 Web Security Research Team discovered a critical vulnerability in nginx. The vulnerability is caused by a integer overflow error within the Nginx ngxhttpcloseconnection function when r-count is less then 0 or more then 255, which could be exploited by remote attackers to compromise a...

CVE-2013-1915

ModSecurity before 2.7.3 allows remote attackers to read arbitrary files, send HTTP requests to intranet servers, or cause a denial of service CPU and memory consumption via an XML external entity declaration in conjunction with an entity reference, aka an XML External Entity XXE vulnerability...

Apache HTTPD mod_log_config Cookie Handling Denial of Service - High Confidence (CVE-2012-0021)

A denial of service vulnerability has been reported in Apache HTTPD server. The vulnerability is due to a NULL pointer dereference error while logging crafted HTTP requests by modlogconfig. A remote attacker can exploit this issue by continuously sending HTTP requests containing specially crafted...

Cisco Linksys WRT310N Router - Multiple Denial of Service Vulnerabilities

source: https://www.securityfocus.com/bid/59445/info The Cisco Linksys WRT310N Router is prone to multiple denial-of-service vulnerabilities when handling specially crafted HTTP requests. Successful exploits will cause the device to crash, denying service to legitimate users...

CVE-2012-6551

The default configuration of Apache ActiveMQ before 5.8.0 enables a sample web application, which allows remote attackers to cause a denial of service broker resource consumption via HTTP requests...

CVE-2013-3060

The web console in Apache ActiveMQ before 5.8.0 does not require authentication, which allows remote attackers to obtain sensitive information or cause a denial of service via HTTP requests...

Authentication flaw

The web console in Apache ActiveMQ before 5.8.0 does not require authentication, which allows remote attackers to obtain sensitive information or cause a denial of service via HTTP requests...

CVE-2013-3060

The web console in Apache ActiveMQ before 5.8.0 does not require authentication, which allows remote attackers to obtain sensitive information or cause a denial of service via HTTP requests...

CVE-2012-6551

The default configuration of Apache ActiveMQ before 5.8.0 enables a sample web application, which allows remote attackers to cause a denial of service broker resource consumption via HTTP requests...

Default configuration

The default configuration of Apache ActiveMQ before 5.8.0 enables a sample web application, which allows remote attackers to cause a denial of service broker resource consumption via HTTP requests...

CVE-2012-6551

The default configuration of Apache ActiveMQ before 5.8.0 enables a sample web application, which allows remote attackers to cause a denial of service broker resource consumption via HTTP requests...

CVE-2012-6551

CVE-2012-6551 affects Apache ActiveMQ: the default configuration enables a sample web application, allowing remote attackers to cause broker resource exhaustion (DoS) via HTTP requests. Affected version: ActiveMQ before 5.8.0. Impact is denial of service to the broker; no exploitation details are...

CVE-2013-3060

The web console in Apache ActiveMQ before 5.8.0 does not require authentication, which allows remote attackers to obtain sensitive information or cause a denial of service via HTTP requests...

CVE-2013-3060

CVE-2013-3060 affects Apache ActiveMQ pre-5.8.0, where the web console did not require authentication. This allows remote attackers to obtain sensitive information or cause a denial of service via HTTP requests. Public sources in the provided documents (e.g., ActiveMQ advisories and related Red H...

CVE-2012-6551

The default configuration of Apache ActiveMQ before 5.8.0 enables a sample web application, which allows remote attackers to cause a denial of service broker resource consumption via HTTP requests...

TP-Link TL-WR741N TL-WR741ND Routers - Multiple Denial of Service Vulnerabilities

TP-Link TL-WR741N TL-WR741ND Routers - Multiple Denial of Service Vulnerabilities source: https://www.securityfocus.com/bid/59325/info TP-LINK TL-WR741N and TL-WR741ND routers are prone to multiple denial-of-service vulnerabilities when handling specially crafted HTTP requests. Successful exploit...

TP-Link TL-WR741N / TL-WR741ND Routers - Multiple Denial of Service Vulnerabilities

source: https://www.securityfocus.com/bid/59325/info TP-LINK TL-WR741N and TL-WR741ND routers are prone to multiple denial-of-service vulnerabilities when handling specially crafted HTTP requests. Successful exploits will cause the device to crash, denying service to legitimate users. GET...

Moderate: Red Hat Security Advisory: haproxy security update

An updated haproxy package that fixes one security issue is now available for Red Hat OpenShift Enterprise 1.1.3. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...

Important: Red Hat Security Advisory: puppet security update

Updated puppet packages that fix several security issues are now available for Red Hat OpenStack Folsom. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are...

CVE-2012-4710

Invensys Wonderware Win-XML Exporter 1522.148.0.0 allows remote attackers to read arbitrary files, send HTTP requests to intranet servers, or cause a denial of service CPU and memory consumption via an XML external entity declaration in conjunction with an entity reference...