Cisco Security Manager HTTP Header Open Redirect Vulnerability
Bugtraq ID: 66566 CVE ID: CVE-2014-2138 Cisco Security Manager centralizes the tasks of configuring policies and controls for Cisco security deployments, enabling efficient management of enterprise-wide security. The Cisco Security Manager web framework contains a security vulnerability that allows an attacker to inject a specially crafted HTTP header and redirect the web page to a malicious site. Cisco Security Manager: no detailed solution is currently available: https://www.cisco.com...
Updated tomcat package fixes security vulnerabilities
Apache Tomcat 7.x before 7.0.50 processes chunked transfer coding without properly handling (1) a large total amount of chunked data or (2) whitespace characters in an HTTP header value within a trailer field, which allows remote attackers to cause a denial of service by streaming data (CVE-2013-4322)...
HTTP Header Detection
This module shows HTTP Headers returned by the scanned systems. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'HTTP Header Detection', 'Description' => %q{This module shows HTTP Headers returne...
CVE-2014-2137
CRLF injection vulnerability in the web framework in Cisco Web Security Appliance (WSA) 7.7 and earlier allows remote attackers to inject arbitrary HTTP headers and conduct redirection attacks via a crafted URL, aka Bug ID CSCuj61002...
Cisco WSA HTTP Header Injection Vulnerability
A vulnerability in the web framework of Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to inject a crafted HTTP header that could cause a web page redirection to a possible malicious website. The vulnerability is due to insufficient validation of user input befor...
Cisco Security Manager HTTP Header Redirection Vulnerability
A vulnerability in the web framework of Cisco Security Manager could allow an unauthenticated, remote attacker to inject a crafted HTTP header, which will cause a web page redirection to a possible malicious website. The vulnerability is due to insufficient validation of user input before using i...
CVE-2013-1869
CRLF injection vulnerability in spacewalk-java before 2.1.148-1 and Red Hat Network (RHN) Satellite 5.6 allows remote attackers to inject arbitrary HTTP headers, and conduct HTTP response splitting attacks and cross-site scripting (XSS) attacks, via the returnurl parameter...
CVE-2013-6955 Synology DSM remote code execution
Products Affected By CVE-2013-6955: DiskStation Manager 4.0, 4.2, 4.3, 4.3-3810 Vendor: Synology Status: Patched webman/imageSelector.cgi in Synology DiskStation Manager (DSM) 4.0 before 4.0-2259, 4.2 before 4.2-3243, and 4.3 before 4.3-3810 Update 1 allows remote attackers to append data to arbitrary...
OkCupid: Security issue in OkCupid
I came across a security issue in OkCupid. OkCupid is using components with known vulnerabilities. Link: http://www.okcupid.com/ Criticality level: Medium Each HTTP response shows the server information (version), which is not useful to the user or the browser, but the same can be useful to an attacker. Description:...
CVE-2013-4322
Removed by vendor...
CVE-2014-1401
Multiple SQL injection vulnerabilities in AuraCMS 2.3 and earlier allow remote authenticated users to execute arbitrary SQL commands via the (1) search parameter to mod/content/content.php or (2) CLIENT_IP, (3) X_FORWARDED_FOR, (4) X_FORWARDED, (5) FORWARDED_FOR, or (6) FORWARDED HTTP header to index.php...
Moderate: Red Hat Security Advisory: spacewalk-java, spacewalk-web and satellite-branding security update
Updated spacewalk-java, spacewalk-web, and satellite-branding packages that fix multiple security issues are now available for Red Hat Satellite 5.6. The Red Hat Security Response Team has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores,...
ecshop IP security check can be bypassed
Brief description: forge the IP address to bypass any IP-based restriction. Detailed description: /** Get the user's real IP address. @access public @return string */ function real_ip() { static $realip = NULL; if ($realip !== NULL) return $realip; if (isset($_SERVER)) { if (isset($_SERVER['HTTP_X_FORWARDED_FOR'])) { $arr = explode(',', $_SERVER['HTTP_X_FORWARDED_FOR']); /* take the first valid IP string in X-Forwarded-For that is not "unknown" */ foreach...
CVE-2013-7282
The management web interface on the Nisuta NS-WIR150NE router with firmware 5.07.41 and Nisuta NS-WIR300N router with firmware 5.07.36NIS01 allows remote attackers to bypass authentication via a "Cookie: :language=en" HTTP header...
Authentication flaw
The management web interface on the Nisuta NS-WIR150NE router with firmware 5.07.41 and Nisuta NS-WIR300N router with firmware 5.07.36NIS01 allows remote attackers to bypass authentication via a "Cookie: :language=en" HTTP header...
Design/Logic Flaw
webman/imageSelector.cgi in Synology DiskStation Manager DSM 4.0 before 4.0-2259, 4.2 before 4.2-3243, and 4.3 before 4.3-3810 Update 1 allows remote attackers to append data to arbitrary files, and consequently execute arbitrary code, via a pathname in the SLICEUPLOAD X-TMP-FILE HTTP header...
CVE-2013-6955
webman/imageSelector.cgi in Synology DiskStation Manager DSM 4.0 before 4.0-2259, 4.2 before 4.2-3243, and 4.3 before 4.3-3810 Update 1 allows remote attackers to append data to arbitrary files, and consequently execute arbitrary code, via a pathname in the SLICEUPLOAD X-TMP-FILE HTTP header...
Ultimate PHP Board User-Agent HTTP Header Code Execution - Ver2 (CVE-2003-0395)
A code execution vulnerability has been reported in Ultimate PHP Board. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
CVE-2013-5612
Cross-site scripting (XSS) vulnerability in Mozilla Firefox before 26.0 and SeaMonkey before 2.23 makes it easier for remote attackers to inject arbitrary web script or HTML by leveraging a Same Origin Policy violation triggered by lack of a charset parameter in a Content-Type HTTP header...