
2483 matches found

NVD
added 2017/10/31 2:29 p.m. · 17 views

CVE-2017-3933

Embedding Script XSS in HTTP Headers vulnerability in McAfee Network Data Loss Prevention NDLP 9.3.x allows remote authenticated users to view confidential information via a cross site request forgery attack...

CVSS 5.4 · AI score 5.1 · EPSS 0.00179
Exploits 0 · References 2
OSV
added 2017/10/31 2:29 p.m. · 3 views

CVE-2017-3933

Embedding Script XSS in HTTP Headers vulnerability in McAfee Network Data Loss Prevention NDLP 9.3.x allows remote authenticated users to view confidential information via a cross site request forgery attack...

CVSS 5.4 · AI score 5.3 · EPSS 0.00179
Exploits 0 · References 2
Cvelist
added 2017/10/31 2:00 p.m. · 25 views

CVE-2017-3933

Embedding Script XSS in HTTP Headers vulnerability in McAfee Network Data Loss Prevention NDLP 9.3.x allows remote authenticated users to view confidential information via a cross site request forgery attack...

AI score 5.1 · EPSS 0.00179
Exploits 0 · References 2
Ubuntu
added 2017/10/30 1:38 p.m. · 60 views

USN-3464-2: Wget vulnerabilities

USN-3464-1 fixed several vulnerabilities in Wget. This update provides the corresponding update for Ubuntu 12.04 ESM. Original advisory details: Antti Levomäki, Christian Jalio, and Joonas Pihlaja discovered that Wget incorrectly handled certain HTTP responses. A remote attacker could use this...

CVSS 9.3 · AI score 7.7 · EPSS 0.74049
Exploits 9
Tenable Nessus
added 2017/10/27 12:00 a.m. · 31 views

Ubuntu 14.04 LTS / 16.04 LTS : Wget vulnerabilities (USN-3464-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-3464-1 advisory. Antti Levomäki, Christian Jalio, and Joonas Pihlaja discovered that Wget incorrectly handled certain HTTP responses. A remote attacker could u...

CVSS 9.3 · AI score 7.8 · EPSS 0.74049
Exploits 9 · References 5
Ubuntu
added 2017/10/26 4:54 p.m. · 82 views

USN-3464-1: Wget vulnerabilities

Antti Levomäki, Christian Jalio, and Joonas Pihlaja discovered that Wget incorrectly handled certain HTTP responses. A remote attacker could use this issue to cause Wget to crash, resulting in a denial of service, or possibly execute arbitrary code. CVE-2017-13089, CVE-2017-13090 Dawid Golunski...

CVSS 9.3 · AI score 7.6 · EPSS 0.74049
Exploits 9
OSV
added 2017/10/24 6:33 p.m. · 35 views

GHSA-FCQF-H4H4-695M actionpack CRLF injection vulnerability

CRLF injection vulnerability in actionpack/lib/actioncontroller/response.rb in Ruby on Rails 2.3.x before 2.3.13 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via the Content-Type header...

CVSS 4.3 · AI score 6.5 · EPSS 0.00814
Exploits 0 · References 16
Kitploit
added 2017/10/18 9:00 p.m. · 15 views

EllaScanner - Passive Web Scanner

Passive web scanner. EllaScanner is a simple passive web scanner. Using this tool you can simply check your site's security state. Usage: ./Start.py https:// or http:// Scanning of the site consists of several phases: at the first phase, you get recommendations related to http/https headers. The...

AI score 6.9
Exploits 0 · References 1
NVD
added 2017/10/18 8:29 p.m. · 19 views

CVE-2015-5740

The net/http library in net/http/transfer.go in Go before 1.4.3 does not properly parse HTTP headers, which allows remote attackers to conduct HTTP request smuggling attacks via a request with two Content-length headers...

CVSS 9.8 · AI score 9.2 · EPSS 0.04273
Exploits 0 · References 8
UbuntuCve
added 2017/10/18 8:29 p.m. · 29 views

CVE-2015-5740

The net/http library in net/http/transfer.go in Go before 1.4.3 does not properly parse HTTP headers, which allows remote attackers to conduct HTTP request smuggling attacks via a request with two Content-length headers...

CVSS 9.8 · AI score 6.9 · EPSS 0.04273
Exploits 0 · References 2
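The two CVE-2015-5740 entries above name the mechanism without showing it: a parser that accepts two Content-Length fields and quietly picks one lets a front end and a back end disagree about where one request ends and the next begins, which is the whole of request smuggling. The Go program below is an added example; it is not code from this page, from Go's net/http, or from any of the listed sources. It parses a raw HTTP/1.1 message and applies the RFC 7230 framing rules strictly: conflicting Content-Length values, Transfer-Encoding alongside Content-Length, bare LF line endings and obsolete line folding are all rejected instead of resolved. The sample request and the host name example.test are constructed.

```go
package main

import (
	"errors"
	"fmt"
	"strconv"
	"strings"
)

// Header maps a lower-cased field name to its values in wire order, so that
// repeated fields (the two Content-Length headers of CVE-2015-5740) stay
// visible instead of being merged or silently overwritten.
type Header map[string][]string

// ParseMessage splits a raw HTTP/1.1 message into start line, header fields and
// body. Malformed input is rejected rather than repaired: every place a parser
// guesses is a place two parsers can guess differently, and that disagreement
// is what request smuggling exploits.
func ParseMessage(raw string) (string, Header, string, error) {
	head, body, found := strings.Cut(raw, "\r\n\r\n")
	if !found {
		return "", nil, "", errors.New("header section not terminated by an empty line")
	}
	lines := strings.Split(head, "\r\n")
	h := Header{}
	for _, line := range lines[1:] {
		if line == "" || line[0] == ' ' || line[0] == '\t' {
			return "", nil, "", errors.New("empty or folded header line rejected")
		}
		if strings.ContainsRune(line, '\n') {
			// A bare LF is a line ending to some parsers and ordinary data to others.
			return "", nil, "", errors.New("bare LF inside header line rejected")
		}
		name, value, ok := strings.Cut(line, ":")
		if !ok || name == "" || strings.ContainsAny(name, " \t") {
			return "", nil, "", fmt.Errorf("malformed header line %q", line)
		}
		key := strings.ToLower(name)
		h[key] = append(h[key], strings.TrimSpace(value))
	}
	return lines[0], h, body, nil
}

// BodyLength applies RFC 7230 section 3.3.3 to decide how the body is framed:
// chunked=true for a chunked body, otherwise the Content-Length. Anything
// ambiguous is an error, because a front end and a back end that resolve the
// ambiguity differently will split the same TCP stream into different requests.
func BodyLength(h Header) (int64, bool, error) {
	te, hasTE := h["transfer-encoding"]
	cl, hasCL := h["content-length"]
	if hasTE {
		if hasCL {
			// Proxies that silently prefer one of the two are the CL.TE / TE.CL vector.
			return 0, false, errors.New("both Transfer-Encoding and Content-Length present")
		}
		codings := strings.Split(strings.Join(te, ","), ",")
		if strings.ToLower(strings.TrimSpace(codings[len(codings)-1])) != "chunked" {
			return 0, false, errors.New("final transfer coding is not chunked")
		}
		return 0, true, nil
	}
	if !hasCL {
		return 0, false, nil
	}
	// Repeated Content-Length fields, or a comma list inside one field, are
	// tolerable only when every value is the identical decimal (RFC 7230
	// section 3.3.2). "5" and "13" together must be rejected, not resolved by
	// taking the first or the last.
	var seen string
	for _, field := range cl {
		for _, v := range strings.Split(field, ",") {
			v = strings.TrimSpace(v)
			if v == "" || strings.Trim(v, "0123456789") != "" {
				return 0, false, fmt.Errorf("invalid Content-Length value %q", v)
			}
			if seen != "" && v != seen {
				return 0, false, fmt.Errorf("conflicting Content-Length values %s and %s", seen, v)
			}
			seen = v
		}
	}
	n, err := strconv.ParseInt(seen, 10, 64)
	if err != nil {
		return 0, false, fmt.Errorf("Content-Length out of range: %w", err)
	}
	return n, false, nil
}

func main() {
	// Constructed sample in the shape of the CVE-2015-5740 report: two
	// Content-Length values that disagree about where the first request ends,
	// with a second request line sitting in what the larger value calls the body.
	raw := "POST /api HTTP/1.1\r\nHost: example.test\r\nContent-Length: 5\r\n" +
		"Content-Length: 48\r\n\r\nx=1\r\nGET /admin HTTP/1.1\r\nHost: example.test\r\n\r\n"
	_, h, body, err := ParseMessage(raw)
	if err != nil {
		fmt.Println("parse error:", err)
		return
	}
	if _, _, err := BodyLength(h); err != nil {
		fmt.Println("rejected:", err)
		fmt.Printf("a parser taking the first value would stop after %q\n", body[:5])
	}
}
```

The fix that landed in Go 1.4.3 took the same position: net/http now refuses a message whose Content-Length fields disagree. When reviewing any HTTP front end, the question to ask is not "which value does it use" but "does it refuse to choose".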
Kitploit
added 2017/10/09 1:21 p.m. · 75 views

Blisqy - Exploit Time-based blind-SQL injection in HTTP-Headers (MySQL/MariaDB)

A slow data siphon for MySQL/MariaDB using bitwise operation on printable ASCII characters, via a blind-SQL injection. Usage: blisqy.py --server --port --header --hvalue --inject --payload --dig --sleeptime Options: -h, --help show this help message and exit --server=WEBSERVER Specify host...

AI score 8.6
Exploits 0 · References 1
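The Blisqy entry is a tool listing; the technique it names, recovering a string one bit at a time through a conditional delay, is shown below as an added example that is neither Blisqy's code nor anything from this page. The server side is replaced by a local simulation that holds a constructed secret and sleeps when the requested bit is set, so nothing here issues SQL or touches a network; the oracle signature, the secret "s3cr3t" and the 20 ms delay are assumptions. Seven yes/no questions per printable ASCII character is why this beats a linear scan over 95 candidates, and the resulting bimodal response times, paired with a header value that keeps changing by one digit, are what a defender should look for in access logs.

```go
package main

import (
	"fmt"
	"time"
)

// BitOracle issues one injected query that asks "is bit `bit` of the character
// at 1-based position `pos` set?" and returns how long the server took to
// answer. In a time-based blind injection the predicate is wrapped in a
// conditional sleep, so a slow answer means true. Transport is abstracted away.
type BitOracle func(pos, bit int) time.Duration

// ExtractPrintable recovers up to maxLen characters bit by bit. Printable ASCII
// fits in 7 bits, so each character costs exactly 7 queries; a decoded 0 (no
// character at that position) terminates the string. threshold separates
// "the server slept" from "it did not".
func ExtractPrintable(oracle BitOracle, maxLen int, threshold time.Duration) string {
	var out []byte
	for pos := 1; pos <= maxLen; pos++ {
		var c byte
		for bit := 0; bit < 7; bit++ {
			if oracle(pos, bit) >= threshold {
				c |= 1 << bit
			}
		}
		if c == 0 {
			break
		}
		out = append(out, c)
	}
	return string(out)
}

// SimulatedOracle stands in for the vulnerable server (an assumption for this
// example): it holds a constructed secret and sleeps for delay when the asked-for
// bit is 1. Positions past the end of the secret always answer quickly.
func SimulatedOracle(secret string, delay time.Duration) BitOracle {
	return func(pos, bit int) time.Duration {
		start := time.Now()
		if pos >= 1 && pos <= len(secret) && (secret[pos-1]>>bit)&1 == 1 {
			time.Sleep(delay)
		}
		return time.Since(start)
	}
}

// QueryCount compares the number of oracle calls for an n-character string
// (plus the terminating position) under the bitwise strategy and under a
// worst-case linear scan of the 95 printable characters.
func QueryCount(n int) (bitwise, linearWorst int) {
	return 7 * (n + 1), 95 * (n + 1)
}

func main() {
	oracle := SimulatedOracle("s3cr3t", 20*time.Millisecond)
	fmt.Println("recovered:", ExtractPrintable(oracle, 16, 10*time.Millisecond))
	b, l := QueryCount(6)
	fmt.Printf("queries: %d bitwise vs %d linear worst case\n", b, l)
}
```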
OSV
added 2017/10/05 1:29 a.m. · 26 views

CVE-2017-1000099

When asking to get a file from a file:// URL, libcurl provides a feature that outputs meta-data about the file using HTTP-like headers. The code doing this would send the wrong buffer to the user stdout or the application's provided callback, which could lead to other private data from the heap to...

CVSS 6.5 · AI score 7.4 · EPSS 0.00623
Exploits 0 · References 5
UbuntuCve
added 2017/10/05 1:29 a.m. · 27 views

CVE-2017-1000099

When asking to get a file from a file:// URL, libcurl provides a feature that outputs meta-data about the file using HTTP-like headers. The code doing this would send the wrong buffer to the user stdout or the application's provided callback, which could lead to other private data from the heap to...

CVSS 6.5 · AI score 6.9 · EPSS 0.00623
Exploits 0 · References 2
ThreatPost
added 2017/10/04 7:50 a.m. · 13 views

Cloudflare CTO Goes Inside the Cloudbleed Bug

MADRID—John Graham-Cumming presided over a confessional Wednesday at Virus Bulletin 2017. Cloudflare's chief technology officer was frank and apologetic about February's Cloudbleed bug, which leaked memory from the content delivery network that included internal private keys and authentication...

AI score 7.1
Exploits 0 · References 1
Positive Technologies
added 2017/10/04 12:00 a.m. · 2 views

PT-2017-3122 · Cisco · Cisco Asa

Name of the Vulnerable Software and Affected Versions: Cisco Adaptive Security Appliance (ASA) Software, affected versions not specified. Description: The issue is related to insufficient validation of HTTP request headers in the direct authentication feature of Cisco Adaptive Security Appliance ASA...

CVSS 8.6 · AI score 8.3 · EPSS 0.03293
Exploits 0 · References 6
Amazon
added 2017/08/31 12:00 a.m. · 35 views

Low: wget

Issue Overview: CRLF injection in the urlparse function in url.c. A CRLF injection flaw was found in the way wget handled URLs. A remote attacker could use this flaw to inject arbitrary HTTP headers in requests, via CRLF sequences in the host sub-component of a URL, by tricking a user running wget...

CVSS 6.1 · AI score 7 · EPSS 0.00198
Exploits 1
NVD
added 2017/08/25 6:29 p.m. · 14 views

CVE-2014-9564

CRLF injection vulnerability in IBM Flex System EN6131 40Gb Ethernet and IB6131 40Gb Infiniband Switch firmware before 3.4.1110 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks and resulting web cache poisoning or cross-site scripting XSS attack...

CVSS 6.1 · AI score 6.2 · EPSS 0.00206
Exploits 0 · References 2
CVE
added 2017/08/25 6:00 p.m. · 40 views

CVE-2014-9564

IBM Flex System EN6131 40Gb Ethernet / IB6131 40Gb Infiniband Switch firmware (versions up to 3.4.1110 and earlier) is affected by two vulnerabilities mapped to CVE-2014-9564 (CRLF injection leading to HTTP response splitting, Web cache poisoning and potentially XSS) and CVE-2014-9565 (CSRF/XSS-r...

CVSS 6.1 · AI score 6.4 · EPSS 0.00206
Exploits 0 · References 2 · Affected Software 1
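Three entries on this page (the actionpack GHSA, the Amazon wget advisory and the IBM Flex System CVE-2014-9564 pair) are the same bug class seen from the response side and the request side: a CR or LF that reaches the wire inside a header value becomes a field separator, and whoever controls that value now controls the following headers. The Go snippet below is an added example, not code from any of those projects or from this page; it puts the naive concatenation beside a writer that enforces the RFC 7230 field-value and token grammar and refuses anything that would not survive a round trip as one field. The hostile Content-Type value is constructed.

```go
package main

import (
	"fmt"
	"strings"
)

// NaiveHeaderLine concatenates a header without looking at the value. This is
// the pattern behind the actionpack, wget and IBM CRLF entries: attacker
// influence over the value becomes attacker influence over the field list.
func NaiveHeaderLine(name, value string) string {
	return name + ": " + value + "\r\n"
}

// ValidFieldValue checks the RFC 7230 field-value grammar: visible ASCII,
// space, horizontal tab and obs-text (0x80-0xFF). CR, LF, NUL and DEL are
// rejected outright. Rejecting beats replacing: a value with newlines stripped
// or spaced out may still be parsed differently by the next hop.
func ValidFieldValue(v string) bool {
	for i := 0; i < len(v); i++ {
		c := v[i]
		if c == '\t' || (c >= 0x20 && c != 0x7f) {
			continue
		}
		return false
	}
	return true
}

// ValidFieldName checks the token grammar for header names.
func ValidFieldName(n string) bool {
	if n == "" {
		return false
	}
	for i := 0; i < len(n); i++ {
		c := n[i]
		switch {
		case c >= 'a' && c <= 'z', c >= 'A' && c <= 'Z', c >= '0' && c <= '9':
		case strings.IndexByte("!#$%&'*+-.^_`|~", c) >= 0:
		default:
			return false
		}
	}
	return true
}

// SafeHeaderLine emits a field only when both halves pass the grammar, so the
// receiver sees exactly one field, the one the application meant to send.
func SafeHeaderLine(name, value string) (string, error) {
	if !ValidFieldName(name) {
		return "", fmt.Errorf("invalid header name %q", name)
	}
	if !ValidFieldValue(value) {
		return "", fmt.Errorf("invalid header value %q", value)
	}
	return name + ": " + value + "\r\n", nil
}

// CountFields reports how many fields a receiver would see in a raw header block.
func CountFields(raw string) int {
	n := 0
	for _, line := range strings.Split(raw, "\r\n") {
		if line != "" {
			n++
		}
	}
	return n
}

func main() {
	// Constructed input: a Content-Type value carrying CRLF, as in the actionpack
	// entry, followed by a header the attacker chose.
	hostile := "text/html\r\nSet-Cookie: session=attacker-chosen"
	fmt.Printf("naive writer emits %d fields\n", CountFields(NaiveHeaderLine("Content-Type", hostile)))
	if _, err := SafeHeaderLine("Content-Type", hostile); err != nil {
		fmt.Println("safe writer:", err)
	}
}
```

Go's own net/http takes the replacing route, turning CR and LF in header values into spaces when it writes them; that stops the split but silently alters the value, which is why a validating layer at the point where untrusted input enters the header is still worth having.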
Veracode
added 2017/08/23 3:18 a.m. · 28 views

Cache Poisoning

resteasy-jaxrs is vulnerable to cache poisoning. The library does not add HTTP VARY: Origin headers to its responses, causing inaccurate caching when re-used across origins...

CVSS 7.5 · AI score 9.1 · EPSS 0.01074
Exploits 0 · References 12 · Affected Software 32
Hacker One
added 2017/08/16 1:06 p.m. · 34 views

Discourse: CSRF-tokens on pages without no-cache headers, resulting in ATO when using CloudFlare proxy (Web Cache Deception)

Hi, I noticed this issue on one of your clients which was using CloudFlare in front of their Discourse. This is not affecting try.discourse.org but the same underlying issue can be seen there as well even though it's not exploitable on that specific domain. The TL;DR of issue is basically:...

AI score 6.5
Exploits 0
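The Veracode resteasy-jaxrs entry and the Discourse report above are two failures of the same contract between an origin and a shared cache: the origin must say which request headers its response depends on (Vary) and whether the response may be stored at all (Cache-Control). The Go program below is an added example, not code from resteasy, Discourse, Cloudflare or this page. It models a shared cache that keys on URL plus the headers named in Vary and honours no-store/private, then shows that an origin reflecting the Origin header into Access-Control-Allow-Origin without Vary: Origin hands the first caller's CORS grant to every later origin, while adding Vary: Origin keeps the variants apart. The host names and the allow-listed origin https://app.example are constructed.

```go
package main

import (
	"fmt"
	"net/http"
	"strings"
)

// Response is the part of an HTTP response a shared cache needs to keep.
type Response struct {
	Status int
	Header http.Header
	Body   string
}

// entry holds every stored variant of one URL, keyed by the request header
// values named in the response's Vary field (RFC 7234 section 4.1).
type entry struct {
	vary     string
	variants map[string]Response
}

// SharedCache models a CDN or reverse proxy in front of an origin.
type SharedCache struct {
	store  map[string]*entry
	origin func(*http.Request) Response
}

func NewSharedCache(origin func(*http.Request) Response) *SharedCache {
	return &SharedCache{store: map[string]*entry{}, origin: origin}
}

// secondaryKey is the Vary-derived part of the cache key. With an empty Vary it
// is "", so every client shares one stored response whatever headers they sent.
func secondaryKey(vary string, h http.Header) string {
	var parts []string
	for _, name := range strings.Split(vary, ",") {
		if name = strings.TrimSpace(name); name != "" {
			parts = append(parts, strings.ToLower(name)+"="+h.Get(name))
		}
	}
	return strings.Join(parts, "|")
}

// Storable applies the directives that keep a response out of a shared cache.
// A page carrying a per-user CSRF token must return false here, which is the
// missing piece in the Discourse report.
func Storable(h http.Header) bool {
	if h.Get("Vary") == "*" {
		return false
	}
	for _, d := range strings.Split(strings.ToLower(h.Get("Cache-Control")), ",") {
		switch strings.TrimSpace(d) {
		case "no-store", "private":
			return false
		}
	}
	return true
}

// Fetch serves from cache when URL and Vary-selected headers match, otherwise
// asks the origin and stores the answer if it is storable.
func (c *SharedCache) Fetch(req *http.Request) (Response, bool) {
	u := req.URL.String()
	if e, ok := c.store[u]; ok {
		if r, ok := e.variants[secondaryKey(e.vary, req.Header)]; ok {
			return r, true
		}
	}
	resp := c.origin(req)
	if Storable(resp.Header) {
		e, ok := c.store[u]
		if !ok {
			e = &entry{vary: resp.Header.Get("Vary"), variants: map[string]Response{}}
			c.store[u] = e
		}
		e.variants[secondaryKey(e.vary, req.Header)] = resp
	}
	return resp, false
}

// CORSOrigin reflects an allow-listed Origin into Access-Control-Allow-Origin.
// withVary=false reproduces the resteasy-jaxrs behaviour: no "Vary: Origin", so
// the first requester's grant is cached and replayed to every later origin.
func CORSOrigin(withVary bool) func(*http.Request) Response {
	return func(req *http.Request) Response {
		h := http.Header{}
		if o := req.Header.Get("Origin"); o == "https://app.example" { // constructed allow-list
			h.Set("Access-Control-Allow-Origin", o)
		}
		if withVary {
			h.Set("Vary", "Origin")
		}
		return Response{Status: 200, Header: h, Body: `{"balance":42}`}
	}
}

// NewReq builds a GET with the given headers (constructed traffic for the demo).
func NewReq(url string, hdr map[string]string) *http.Request {
	req, _ := http.NewRequest("GET", url, nil)
	for k, v := range hdr {
		req.Header.Set(k, v)
	}
	return req
}

// Poisoned reports whether a second origin receives the ACAO value that the
// origin issued for the first one.
func Poisoned(withVary bool) bool {
	c := NewSharedCache(CORSOrigin(withVary))
	c.Fetch(NewReq("https://api.example/account", map[string]string{"Origin": "https://app.example"}))
	resp, _ := c.Fetch(NewReq("https://api.example/account", map[string]string{"Origin": "https://evil.example"}))
	return resp.Header.Get("Access-Control-Allow-Origin") == "https://app.example"
}

func main() {
	fmt.Println("without Vary: Origin, poisoned =", Poisoned(false))
	fmt.Println("with Vary: Origin, poisoned =", Poisoned(true))
}
```

The same cache object shows the second failure: a response whose body differs per user but whose headers say nothing about it is stored under the bare URL and served to the next visitor, which is what Cache-Control: private, no-store on authenticated pages prevents.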