2482 matches found
Ubuntu Update for tomcat7 USN-2130-1
Check for the version of tomcat7. OpenVAS Vulnerability Test $Id: gbubuntuUSN21301.nasl 7957 2017-12-01 06:40:08Z santu $ Ubuntu Update for tomcat7 USN-2130-1 Authors: System Generated Check Copyright: Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net This program is free software...
Ubuntu: Security Advisory (USN-2130-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if(description)...
Ubuntu 10.04 LTS / 12.04 LTS / 12.10 / 13.10 : tomcat6, tomcat7 vulnerabilities (USN-2130-1)
It was discovered that Tomcat incorrectly handled certain inconsistent HTTP headers. A remote attacker could possibly use this flaw to conduct request smuggling attacks. (CVE-2013-4286) It was discovered that Tomcat incorrectly handled certain requests submitted using chunked transfer encoding. A...
USN-2130-1: Tomcat vulnerabilities
It was discovered that Tomcat incorrectly handled certain inconsistent HTTP headers. A remote attacker could possibly use this flaw to conduct request smuggling attacks. (CVE-2013-4286) It was discovered that Tomcat incorrectly handled certain requests submitted using chunked transfer encoding. A...
[ParameterFuzz v1.8] Parameter's auditor for web applications
ParameterFuzz is a tool for checking how well web applications are hardened. It tries to cover the area most exploited by attackers, since the majority of known attacks rely on poorly filtered parameters, such as SQL injection, Cross-Site Scripting or RFI, among others. This tool is...
shopnc 6.0 single-user version of the injection-vulnerability warning-the black bar safety net
shopnc 6.0 single-user version Shopnc version a little bit more yeah all the Don't remember which. ShopNC® Tianjin network-city science and Technology Co., Ltd. Copyright © 2007-2009 ShopNC, Powered by ShopNC Team, All Rights Reserved Jin ICP 备 0 8 0 0 0 1 7 No. 1 Baidu just a search one. This...
Amin'z Tech CMS Shell Upload / SQL Injection
Exploit Title : Amin'z Tech Login Page SQL Injection Bypass / Upload shell vulnerability Exploit Author : ACC3SS Vendor Homepage : http://www.aminztech.com Google Dork : intext:"AMIN'Z TECH" inurl:panel Date: 2014-01-16 Tested on: Windows 7...
[SpiderFoot v2.1.0] The Open Source Footprinting tool
SpiderFoot is a free, open-source footprinting tool, enabling you to perform various scans against a given domain name in order to obtain information such as sub-domains, e-mail addresses, owned netblocks, web server versions and so on. The main objective of SpiderFoot is to automate the...
CVE-2014-1406
CRLF injection vulnerability in goform/formWlSiteSurvey on the Conceptronic C54APM access point with runtime code 1.26 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via the submit-url parameter in a Refresh action...
CVE-2014-1406
CVE-2014-1406: CRLF injection in goform/formWlSiteSurvey on Conceptronic C54APM (runtime 1.26) allows remote attackers to inject arbitrary HTTP headers and perform HTTP response splitting via the submit-url parameter in a Refresh action. Documents identify the affected component and vulnerability...
[Sandcat Browser 4.4] The fastest web browser combined with the fastest scripting language packed with features for pen-testers
Sandcat Browser is the fastest web browser combined with the fastest scripting language packed with features for pen-testers. Sandcat Browser is a freeware portable pen-test oriented multi-tabbed web browser with extensions support developed by the Syhunt team. The Sandcat Browser is built on top...
MediaWiki < 1.19.9 / 1.20.8 / 1.21.3 Multiple Vulnerabilities
According to its version number, the instance of MediaWiki running on the remote host is affected by the following vulnerabilities: - Input validation errors exist that allow cross-site scripting attacks. (CVE-2013-4567, CVE-2013-4568) - An error exists related to session IDs and HTTP headers that...
Simple File Manager vX.X File Upload Vulnerability
Exploit for php platform in category web applications + Author: TUNISIAN CYBER + Exploit Title: Simple File Manager vX.X File Upload Vulnerability + Date: 11-12-2013 + Category: WebApp + Vendor: onedotoh.sourceforge.net/ + Google Dork: Do Some Work and you'll find it : + Tested on: Win7, ubuntu...
RedAxScript 1.1 SQL Injection
CVE-2013-4522
lib/filelib.php in Moodle through 2.2.11, 2.3.x before 2.3.10, 2.4.x before 2.4.7, and 2.5.x before 2.5.3 does not send "Cache-Control: private" HTTP headers, which allows remote attackers to obtain sensitive information by requesting a file that had been previously retrieved by a caching proxy...
Design/Logic Flaw
lib/filelib.php in Moodle through 2.2.11, 2.3.x before 2.3.10, 2.4.x before 2.4.7, and 2.5.x before 2.5.3 does not send "Cache-Control: private" HTTP headers, which allows remote attackers to obtain sensitive information by requesting a file that had been previously retrieved by a caching proxy...
CVE-2013-4522
CVE-2013-4522 affects Moodle: lib/filelib.php (various 2.2–2.5 branches) fails to send Cache-Control: private headers, enabling a caching proxy to serve previously retrieved files and potentially expose sensitive information. Impact is information exposure via cached responses; no exploit details...
CVE-2013-2652
CRLF injection vulnerability in help/helplanguage.php in WebCollab 3.30 and earlier allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via the item parameter...