2480 matches found
FreeBSD Ports: fetchmail
The remote host is missing an update to the system as announced in the referenced advisory. SPDX-FileCopyrightText: 2012 E-Soft Inc. Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
Arihant Infotech CMS Cross Site Scripting
alert0;&Submit= D3m0: http://site.sunrisepolymers.com/searchresult.php http://website.deepakfoundation.org/searchresult.php [email protected]========= + Greetz to All Ajaxtm Security Member HUrr!c4nE - black.shadowes - hadihadi -...
http-slowloris-check NSE Script
Tests a web server for vulnerability to the Slowloris DoS attack without actually launching a DoS attack. Slowloris was described at Defcon 17 by RSnake see . This script opens two connections to the server, each without the final CRLF. After 10 seconds, second connection sends additional header...
Cyclope Employee Surveillance Solution 6.0 6.1.0 6.2.0 - Multiple Vulnerabilities
Cyclope Employee Surveillance Solution 6.0 6.1.0 6.2.0 - Multiple Vulnerabilities Author: loneferret of Offensive Security Product: Cyclope Employee Surveillance Solution v6.0 Version: 6.1.0 & 6.2.0 Vendor Site: http://www.cyclope-series.com/ Software Download:...
CVE-2012-2330
The Update method in src/node_http_parser.cc in Node.js before 0.6.17 and 0.7 before 0.7.8 does not properly check the length of a string, which allows remote attackers to obtain sensitive information (request header contents) and possibly spoof HTTP headers via a zero length string...
Design/Logic Flaw
The Update method in src/node_http_parser.cc in Node.js before 0.6.17 and 0.7 before 0.7.8 does not properly check the length of a string, which allows remote attackers to obtain sensitive information (request header contents) and possibly spoof HTTP headers via a zero length string...
CVE-2012-2330
The CVE-2012-2330 entry affects Node.js, where the Update method in src/node_http_parser.cc fails to properly check string length in versions prior to 0.6.17 and 0.7 prior to 0.7.8. This could allow remote attackers to read sensitive request header contents and potentially spoof HTTP headers via ...
Scientific Linux Security Update : squid on SL3.x, SL4.x, SL5.x i386/x86_64
A flaw was found in the way squid manipulated HTTP headers for cached objects stored in system memory. An attacker could use this flaw to cause a squid child process to exit. This interrupted existing connections and made proxy services unavailable. Note: the parent squid process started a new...
Scientific Linux Security Update : httpd on SL4.x, SL5.x, SL6.x i386/x86_64
The Apache HTTP Server is a popular web server. A flaw was found in the way the Apache HTTP Server handled Range HTTP headers. A remote attacker could use this flaw to cause httpd to use an excessive amount of memory and CPU time via HTTP requests with a specially crafted Range header...
CentOS Update for httpd CESA-2011:1245 centos4 x86_64
Check for the Version of httpd OpenVAS Vulnerability Test CentOS Update for httpd CESA-2011:1245 centos4 x86_64 Authors: System Generated Check Copyright: Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it unde...
CentOS Update for httpd CESA-2011:1245 centos4 x86_64
The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if(description) { script_xref(name:"URL",...
europ INNET Web Studio Administration Program 2.0 XSS / CSRF / LFI
====================================================== Vulnerable software: Administration Programm v 2.0 Vendor: europ INNET Web Studio, www.europ-innet.com ====================================================== Vulnerabilities: //insertguestbook.php ==============VULNERABLE CODE...
CVE-2012-3696
CRLF injection vulnerability in WebKit in Apple Safari before 6.0 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP request splitting attacks via a crafted web site that leverages improper WebSockets URI handling...
CVE-2012-3696
CVE-2012-3696 is a WebKit/Safari vulnerability (pre-6.0) exposed via crafted WebSockets URI handling leading to CRLF HTTP header injection and potential HTTP request splitting. The issue affects WebKit in Safari and is documented alongside other WebKit/WebKit-related CVEs in the 2012-09 timeframe...
CVE-2011-4586
CRLF injection vulnerability in calendar/set.php in the Calendar subsystem in Moodle 1.9.x before 1.9.15, 2.0.x before 2.0.6, and 2.1.x before 2.1.3 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors...
Crlf injection
CRLF injection vulnerability in calendar/set.php in the Calendar subsystem in Moodle 1.9.x before 1.9.15, 2.0.x before 2.0.6, and 2.1.x before 2.1.3 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors...
[SECURITY] [DSA 2506-1] libapache-mod-security security update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2506-1 [email protected] http://www.debian.org/security/ Yves-Alexis Perez July 02, 2012 http://www.debian.org/security/faq -...