2442 matches found
Mandriva Update for cups MDVSA-2010:073-1 (cups)
Check for the Version of cups OpenVAS Vulnerability Test Mandriva Update for cups MDVSA-2010:073-1 cups Authors: System Generated Check Copyright: Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...
Mandriva Linux Security Advisory : cups (MDVSA-2010:073-1)
Multiple vulnerabilities have been found and corrected in cups : CUPS in does not properly handle (1) HTTP headers and (2) HTML templates, which allows remote attackers to conduct cross-site scripting (XSS) attacks and HTTP response splitting attacks via vectors related to (a) the product's web interface,...
Interchange HTTP Response Splitting Vulnerability
Binary data 5488.prm...
Interchange HTTP Response Splitting Vulnerability
Interchange is prone to an HTTP response-splitting vulnerability. Attackers can leverage this issue to influence or misrepresent how web content is served, cached, or interpreted. This could aid in various attacks that try to entice client users into a false sense of trust. Interchange versions...
Interchange HTTP Response Splitting Vulnerability
Interchange is prone to an HTTP response-splitting vulnerability. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if description...
IBM Lotus 6.x HTTP Response Splitting Vulnerability
No description provided by source. ========================================= Yaniv Miron aka "Lament" Advisory March 12, 2010 IBM Lotus 6.x HTTP Response Splitting Vulnerability ========================================= ===================== I. BACKGROUND ===================== IBM Lotus Software...
IBM Lotus 6.x HTTP Response Splitting Vulnerability
========================================= Yaniv Miron aka "Lament" Advisory March 12, 2010 IBM Lotus 6.x HTTP Response Splitting Vulnerability ========================================= ===================== I. BACKGROUND ===================== IBM Lotus Software delivers robust collaboration...
IBM Lotus 6.x HTTP Response Splitting Vulnerability
Exploit for unknown platform in category web applications =================================================== IBM Lotus 6.x HTTP Response Splitting Vulnerability =================================================== ===================== I. BACKGROUND ===================== IBM Lotus Software delive...
IBM Lotus 6.x HTTP Response Splitting
========================================= Yaniv Miron aka "Lament" Advisory March 12, 2010 IBM Lotus 6.x HTTP Response Splitting Vulnerability ========================================= ===================== I. BACKGROUND ===================== IBM Lotus Software delivers robust collaboration...
cPanel HTTP Response Splitting Vulnerability
No description provided by source. Security Advisory by Trancer January 21 2010 http://www.rec-sec.com "Hacking, however, is an art, not a science." Vendor ------ cPanel Inc. - http://www.cpanel.net Vulnerability Information ------------------------- Application description: "cPanel is the indust...
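cPanel failurl Parameter HTTP Response Splitting Vulnerability
BUGTRAQ ID: 37902 cPanel is a web-based tool for automating the control of websites and servers. When a user's login fails, the cPanel login page returns the value of the failurl parameter to the client in the Location HTTP header. Because no filtering is performed on this parameter value, a user who submits a malicious login request can carry out an HTTP response splitting attack, leading to arbitrary code execution in the user's browser session. cPanel cPanel 11.25 cPanel WebHost Manager 11.25 Vendor patch: cPanel ------ The vendor has not yet provided a patch or upgrade; we recommend that users of this software watch the vendor's home page to obtain the latest version:...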
cPanel HTTP Response Splitting
Recognize-Security - cPanel HTTP Response Splitting Vulnerability ----------------------------------------------------------------- Security Advisory by Trancer January 21 2010 http://www.rec-sec.com "Hacking, however, is an art, not a science." Vendor ------ cPanel Inc. - http://www.cpanel.net...
cPanel - HTTP Response Splitting
cPanel - HTTP Response Splitting Recognize-Security - cPanel HTTP Response Splitting Vulnerability ----------------------------------------------------------------- Security Advisory by Trancer January 21 2010 http://www.rec-sec.com "Hacking, however, is an art, not a science." Vendor ------ cPan...
cPanel HTTP Response Splitting Vulnerability
Exploit for unknown platform in category web applications ============================================ cPanel HTTP Response Splitting Vulnerability ============================================ Vendor ------ cPanel Inc. - http://www.cpanel.net Vulnerability Information -------------------------...
cPanel and WHM 11.25 - failurl HTTP Response Splitting
cPanel and WHM 11.25 - failurl HTTP Response Splitting source: https://www.securityfocus.com/bid/37902/info cPanel and WHM is prone to an HTTP response-splitting vulnerability. Attackers can leverage this issue to influence or misrepresent how web content is served, cached, or interpreted. This...
cPanel and WHM 11.25 - 'failurl' HTTP Response Splitting
source: https://www.securityfocus.com/bid/37902/info cPanel and WHM is prone to an HTTP response-splitting vulnerability. Attackers can leverage this issue to influence or misrepresent how web content is served, cached, or interpreted. This could aid in various attacks that try to entice client...
cPanel - HTTP Response Splitting
Recognize-Security - cPanel HTTP Response Splitting Vulnerability ----------------------------------------------------------------- Security Advisory by Trancer January 21 2010 http://www.rec-sec.com "Hacking, however, is an art, not a science." Vendor ------ cPanel Inc. - http://www.cpanel.net...
Multiple Vulnerabilities in XOOPS 2.4.3 and earlier
======================================================================== = CodeScan Advisory, codescan.com [email protected] = = Multiple vulnerabilities in Xoops 2.4.3 = = Vendor Website: = http://www.xoops.org = = Affected Version: = Xoops 2.4.3 And Earlier = = Researched By = CodeScan Lab...
Mandriva Linux Security Advisory : mono (MDVSA-2009:322)
Multiple vulnerabilities have been found and corrected in mono : IOActive Inc. found a buffer overflow in Mono.Math.BigInteger class in Mono 1.2.5.1 and previous versions, which allows arbitrary code execution by context-dependent attackers (CVE-2007-5197). Multiple cross-site scripting (XSS)...
CVE-2009-4086
CRLF injection vulnerability in Xerver HTTP Server 4.31 and 4.32 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via certain byte sequences at the end of a URL. NOTE: some of these details are obtained from third party information...