5900 matches found

OpenVAS
added 2009/09/15 12:0 a.m. | 30 views

Debian: Security Advisory (DSA-1884-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 7.5 | AI score 6.4 | EPSS 0.781
Exploits: 3 | References: 3

Check Point Advisories
added 2009/09/14 12:0 a.m. | 4 views

Adobe ColdFusion Server Cross-Site Request Forgery (APSB09-12; CVE-2009-1872)

Multiple Cross Site Scripting XSS and Cross-Site Request Forgery XSRF vulnerabilities have been discovered in Adobe ColdFusion server. Adobe ColdFusion is an application server for developing dynamically generated Web sites. A remote attacker could exploit this issue to execute a cross-site...

CVSS 4.3 | AI score 6.4 | EPSS 0.08902
Exploits: 2

NVD
added 2009/08/14 3:16 p.m. | 9 views

CVE-2009-2766

httpd.c in httpd in the management GUI in DD-WRT 24 sp1 does not require administrative authentication for programs under cgi-bin/, which allows remote attackers to change settings via HTTP requests...

CVSS 7.5 | AI score 6.9 | EPSS 0.01411
Exploits: 1 | References: 2

Prion
added 2009/08/14 3:16 p.m. | 9 views

Design/Logic Flaw

httpd.c in httpd in the management GUI in DD-WRT 24 sp1 does not require administrative authentication for programs under cgi-bin/, which allows remote attackers to change settings via HTTP requests...

CVSS 7.5 | AI score 7.5 | EPSS 0.01411
Exploits: 1 | References: 2 | Affected Software: 1

CVE
added 2009/08/14 3:0 p.m. | 40 views

CVE-2009-2766

CVE-2009-2766 affects httpd.c in the httpd management GUI of DD-WRT 24 sp1; CGI programs under /cgi-bin/ can be accessed without administrative authentication, enabling remote changes via HTTP requests. CVSS: Network vector, low complexity, no authentication, with partial impact on confidentialit...

CVSS 7.5 | AI score 7.2 | EPSS 0.01411
Exploits: 1 | References: 2 | Affected Software: 1

VulnCheck KEV
added 2009/08/13 12:0 a.m. | 1 views

VulnCheck KEV: CVE-2009-1536

ASP.NET in Microsoft .NET Framework 2.0 SP1 and SP2 and 3.5 Gold and SP1, when ASP 2.0 is used in integrated mode on IIS 7.0, does not properly manage request scheduling, which allows remote attackers to cause a denial of service daemon outage via a series of crafted HTTP requests, aka...

CVSS 2.6 | AI score 5.8 | EPSS 0.53089
Exploits: 1 | References: 1

Prion
added 2009/08/12 5:30 p.m. | 26 views

Denial of service

ASP.NET in Microsoft .NET Framework 2.0 SP1 and SP2 and 3.5 Gold and SP1, when ASP 2.0 is used in integrated mode on IIS 7.0, does not properly manage request scheduling, which allows remote attackers to cause a denial of service daemon outage via a series of crafted HTTP requests, aka "Remote...

CVSS 2.6 | AI score 6.9 | EPSS 0.53089
Exploits: 1 | References: 9 | Affected Software: 2

OpenVAS
added 2009/07/29 12:0 a.m. | 21 views

Novell eDirectory Multiple Vulnerabilities - Jul09 (Linux)

This host is running Novell eDirectory and is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: secpodnovelledirmultvulnjul09lin.nasl 5122 2017-01-27 12:16:00Z teissa $ Novell eDirectory Multiple Vulnerabilities - Jul09 Linux Authors: Nikita MR Copyright: Copyright c 2009 SecPod,...

CVSS 5 | AI score 0.6 | EPSS 0.16311
Exploits: 1 | References: 3

securityvulns
added 2009/07/14 12:0 a.m. | 56 views

Secunia Research: Novell eDirectory iMonitor "Accept-Language" Buffer Overflow

====================================================================== Secunia Research 14/07/2009 - Novell eDirectory iMonitor "Accept-Language" Buffer Overflow - ====================================================================== Table of Contents Affected...

CVSS 5 | AI score 1.1 | EPSS 0.16311
Exploits: 1

OpenVAS
added 2009/05/11 12:0 a.m. | 9 views

Foswiki CSRF Vulnerability

Foswiki is prone to a cross-site request forgery CSRF vulnerability. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

CVSS 6.8 | AI score 6.5 | EPSS 0.00192
Exploits: 0 | References: 2

securityvulns
added 2009/05/03 12:0 a.m. | 27 views

Addonics NAS Adapter multiple security vulnerabilities

Buffer overflow with HTTP requests, FTP DoS...

AI score 1.2
Exploits: 0 | References: 2

Check Point Advisories
added 2009/04/24 12:0 a.m. | 1 views

Update Protection against Oracle Application Server 10g OPMN Service Format String Vulnerability

A vulnerability was reported in Oracle Application Server, a multi-platform solution for developing and deploying enterprise applications and web sites. The flaw is due to insufficient validation of the URI part of HTTP requests. Remote attackers could exploit this vulnerability by sending a...

CVSS 7.5 | AI score 7 | EPSS 0.1129
Exploits: 1

Tenable Nessus
added 2009/04/23 12:0 a.m. | 24 views

Ubuntu 7.10 / 8.04 LTS / 8.10 : ktorrent vulnerabilities (USN-711-1)

It was discovered that KTorrent did not properly restrict access when using the web interface plugin. A remote attacker could use a crafted http request and upload arbitrary torrent files to trigger the start of downloads and seeding. CVE-2008-5905 It was discovered that KTorrent did not properly...

CVSS 6.8 | AI score 6 | EPSS 0.01171
Exploits: 0 | References: 3

NVD
added 2009/04/15 10:30 a.m. | 24 views

CVE-2009-1012

Unspecified vulnerability in the plug-ins for Apache and IIS web servers in Oracle BEA WebLogic Server 7.0 Gold through SP7, 8.1 Gold through SP6, 9.0, 9.1, 9.2 Gold through MP3, 10.0 Gold through MP1, and 10.3 allows remote attackers to affect confidentiality, integrity, and availability. NOTE:...

CVSS 10 | AI score 6.4 | EPSS 0.07409
Exploits: 1 | References: 8

Prion
added 2009/04/15 10:30 a.m. | 22 views

Integer overflow

Unspecified vulnerability in the plug-ins for Apache and IIS web servers in Oracle BEA WebLogic Server 7.0 Gold through SP7, 8.1 Gold through SP6, 9.0, 9.1, 9.2 Gold through MP3, 10.0 Gold through MP1, and 10.3 allows remote attackers to affect confidentiality, integrity, and availability. NOTE:...

CVSS 10 | AI score 7 | EPSS 0.07409
Exploits: 1 | References: 8 | Affected Software: 1

Cvelist
added 2009/04/15 10:0 a.m. | 31 views

CVE-2009-1012

Unspecified vulnerability in the plug-ins for Apache and IIS web servers in Oracle BEA WebLogic Server 7.0 Gold through SP7, 8.1 Gold through SP6, 9.0, 9.1, 9.2 Gold through MP3, 10.0 Gold through MP1, and 10.3 allows remote attackers to affect confidentiality, integrity, and availability. NOTE:...

AI score 6.4 | EPSS 0.07409
Exploits: 1 | References: 8

OSV
added 2009/04/09 3:8 p.m. | 1 views

CVE-2008-5519

The JK Connector aka modjk 1.2.0 through 1.2.26 in Apache Tomcat allows remote attackers to obtain sensitive information via an arbitrary request from an HTTP client, in opportunistic circumstances involving 1 a request from a different client that included a Content-Length header but no POST dat...

AI score 6.2
Exploits: 0 | References: 27

Packet Storm
added 2009/04/01 12:0 a.m. | 15 views

VirtueMart 1.1.2 SQL Injection

require 'msf/core' class Metasploit3 'VirtueMart %q This module exploits VirtueMart 'Janek Vind "waraxe" ', 'License' = MSFLICENSE, 'Version' = '1.0', 'References' = 'BID', '33480', 'URL', 'http://www.waraxe.us/advisory-71.html', 'URL', 'http://secunia.com/advisories/33671/' , 'DisclosureDate' =...

AI score 1
Exploits: 0

Check Point Advisories
added 2009/03/30 12:0 a.m. | 3 views

HP OpenView Network Node Manager Multiple Parameters Buffer Overflow (CVE-2009-0920; CVE-2009-0921)

The Network Node Manager NNM is an HP OpenView product which manages networks. It determines and displays physical and logical connectivity in networks, as well as information referring to protocols running over the network. Multiple buffer overflow vulnerabilities were reported in HP OpenView...

CVSS 10 | AI score 7.5 | EPSS 0.58773
Exploits: 31

OpenVAS
added 2009/03/26 12:0 a.m. | 13 views

Ziproxy Security Bypass Vulnerability

This host is running Ziproxy server and is prone to security bypass vulnerability. OpenVAS Vulnerability Test $Id: secpodziproxysecbypassvuln.nasl 5676 2017-03-22 16:29:37Z cfi $ Ziproxy Security Bypass Vulnerability Authors: Nikita MR Copyright: Copyright c 2009 SecPod, http://www.secpod.com Thi...

CVSS 5.4 | AI score 6.4 | EPSS 0.0034
Exploits: 0 | References: 2