Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

8659 matches found

0day.today
0day.todayadded 2013/10/12 12:0 a.m.19 views

VMware Hyperic HQ Groovy Script-Console Java Execution Vulnerability

This Metasploit module uses the VMware Hyperic HQ Groovy script console to execute OS commands using Java. Valid credentials for an application administrator user account are required. This Metasploit module has been tested successfully with Hyperic HQ 4.6.6 on Windows 2003 SP2 and Ubuntu 10.04...

7.5AI score
Exploits0
Metasploit
Metasploitadded 2013/10/10 6:37 p.m.12 views

VMware Hyperic HQ Groovy Script-Console Java Execution

This module uses the VMware Hyperic HQ Groovy script console to execute OS commands using Java. Valid credentials for an application administrator user account are required. This module has been tested successfully with Hyperic HQ 4.6.6 on Windows 2003 SP2 and Ubuntu 10.04 systems. This module...

7.8AI score
Exploits0
NVD
NVDadded 2013/07/09 5:55 p.m.20 views

CVE-2013-2051

The Tomcat 6 DIGEST authentication functionality as used in Red Hat Enterprise Linux 6 allows remote attackers to bypass intended access restrictions by performing a replay attack after a nonce becomes stale. NOTE: this issue is due to an incomplete fix for CVE-2012-5887...

2.6CVSS9.5AI score0.00338EPSS
Exploits2References3
Prion
Prionadded 2013/07/09 5:55 p.m.37 views

Authentication flaw

The Tomcat 6 DIGEST authentication functionality as used in Red Hat Enterprise Linux 6 allows remote attackers to bypass intended access restrictions by performing a replay attack after a nonce becomes stale. NOTE: this issue is due to an incomplete fix for CVE-2012-5887...

2.6CVSS6.8AI score0.00895EPSS
Exploits2References3Affected Software1
RedHat Linux
RedHat Linuxadded 2013/07/01 3:10 p.m.3 views

tomcat: three DIGEST authentication implementation issues

The replay-countermeasure functionality in the HTTP Digest Access Authentication implementation in Apache Tomcat 5.5.x before 5.5.36, 6.x before 6.0.36, and 7.x before 7.0.30 tracks cnonce aka client nonce values instead of nonce aka server nonce and nc aka nonce-count values, which makes it easi...

5CVSS6.1AI score0.02237EPSS
Exploits0References4
RedHat Linux
RedHat Linuxadded 2013/07/01 3:10 p.m.4 views

tomcat: three DIGEST authentication implementation issues

The HTTP Digest Access Authentication implementation in Apache Tomcat 5.5.x before 5.5.36, 6.x before 6.0.36, and 7.x before 7.0.30 does not properly check for stale nonce values in conjunction with enforcement of proper credentials, which makes it easier for remote attackers to bypass intended...

5CVSS7.3AI score0.00895EPSS
Exploits2References4
RedHat Linux
RedHat Linuxadded 2013/05/28 5:28 p.m.2 views

tomcat: DIGEST authentication vulnerable to replay attacks

The Tomcat 6 DIGEST authentication functionality as used in Red Hat Enterprise Linux 6 allows remote attackers to bypass intended access restrictions by performing a replay attack after a nonce becomes stale. NOTE: this issue is due to an incomplete fix for CVE-2012-5887...

5CVSS7.4AI score0.00895EPSS
Exploits2References4
Positive Technologies
Positive Technologiesadded 2013/05/28 12:0 a.m.4 views

PT-2013-3518 · Apache +2 · Apache Tomcat +2

Name of the Vulnerable Software and Affected Versions: Apache Tomcat 6 versions affected versions not specified Description: The issue allows remote attackers to bypass intended access restrictions by performing a replay attack after a nonce becomes stale. This is due to an incomplete fix for a...

6.9CVSS8.1AI score0.00338EPSS
Exploits3References15
RedHat Linux
RedHat Linuxadded 2013/04/09 6:4 p.m.0 views

tomcat: three DIGEST authentication implementation issues

The HTTP Digest Access Authentication implementation in Apache Tomcat 5.5.x before 5.5.36, 6.x before 6.0.36, and 7.x before 7.0.30 does not properly check for stale nonce values in conjunction with enforcement of proper credentials, which makes it easier for remote attackers to bypass intended...

5CVSS7.3AI score0.00895EPSS
Exploits2References4
RedHat Linux
RedHat Linuxadded 2013/04/09 6:4 p.m.2 views

tomcat: three DIGEST authentication implementation issues

The replay-countermeasure functionality in the HTTP Digest Access Authentication implementation in Apache Tomcat 5.5.x before 5.5.36, 6.x before 6.0.36, and 7.x before 7.0.30 tracks cnonce aka client nonce values instead of nonce aka server nonce and nc aka nonce-count values, which makes it easi...

5CVSS6.1AI score0.02237EPSS
Exploits0References4
RedHat Linux
RedHat Linuxadded 2013/03/20 3:48 p.m.2 views

tomcat: three DIGEST authentication implementation issues

The replay-countermeasure functionality in the HTTP Digest Access Authentication implementation in Apache Tomcat 5.5.x before 5.5.36, 6.x before 6.0.36, and 7.x before 7.0.30 tracks cnonce aka client nonce values instead of nonce aka server nonce and nc aka nonce-count values, which makes it easi...

5CVSS6.1AI score0.02237EPSS
Exploits0References4
RedHat Linux
RedHat Linuxadded 2013/03/14 4:46 p.m.5 views

tomcat: three DIGEST authentication implementation issues

The replay-countermeasure functionality in the HTTP Digest Access Authentication implementation in Apache Tomcat 5.5.x before 5.5.36, 6.x before 6.0.36, and 7.x before 7.0.30 tracks cnonce aka client nonce values instead of nonce aka server nonce and nc aka nonce-count values, which makes it easi...

5CVSS6.1AI score0.02237EPSS
Exploits0References4
RedHat Linux
RedHat Linuxadded 2013/03/14 4:46 p.m.3 views

tomcat: three DIGEST authentication implementation issues

The HTTP Digest Access Authentication implementation in Apache Tomcat 5.5.x before 5.5.36, 6.x before 6.0.36, and 7.x before 7.0.30 does not properly check for stale nonce values in conjunction with enforcement of proper credentials, which makes it easier for remote attackers to bypass intended...

5CVSS7.3AI score0.00895EPSS
Exploits2References4
RedHat Linux
RedHat Linuxadded 2013/03/14 4:40 p.m.2 views

tomcat: three DIGEST authentication implementation issues

The replay-countermeasure functionality in the HTTP Digest Access Authentication implementation in Apache Tomcat 5.5.x before 5.5.36, 6.x before 6.0.36, and 7.x before 7.0.30 tracks cnonce aka client nonce values instead of nonce aka server nonce and nc aka nonce-count values, which makes it easi...

5CVSS6.1AI score0.02237EPSS
Exploits0References4
RedHat Linux
RedHat Linuxadded 2013/03/14 4:40 p.m.2 views

tomcat: three DIGEST authentication implementation issues

The HTTP Digest Access Authentication implementation in Apache Tomcat 5.5.x before 5.5.36, 6.x before 6.0.36, and 7.x before 7.0.30 does not properly check for stale nonce values in conjunction with enforcement of proper credentials, which makes it easier for remote attackers to bypass intended...

5CVSS7.3AI score0.00895EPSS
Exploits2References4
RedHat Linux
RedHat Linuxadded 2013/03/12 5:57 p.m.5 views

tomcat: three DIGEST authentication implementation issues

The HTTP Digest Access Authentication implementation in Apache Tomcat 5.5.x before 5.5.36, 6.x before 6.0.36, and 7.x before 7.0.30 does not properly check for stale nonce values in conjunction with enforcement of proper credentials, which makes it easier for remote attackers to bypass intended...

5CVSS7.3AI score0.00895EPSS
Exploits2References4
RedHat Linux
RedHat Linuxadded 2013/03/11 7:3 p.m.1 views

tomcat: three DIGEST authentication implementation issues

The HTTP Digest Access Authentication implementation in Apache Tomcat 5.5.x before 5.5.36, 6.x before 6.0.36, and 7.x before 7.0.30 does not properly check for stale nonce values in conjunction with enforcement of proper credentials, which makes it easier for remote attackers to bypass intended...

5CVSS7.3AI score0.00895EPSS
Exploits2References4
RedHat Linux
RedHat Linuxadded 2013/03/11 7:3 p.m.3 views

tomcat: three DIGEST authentication implementation issues

The replay-countermeasure functionality in the HTTP Digest Access Authentication implementation in Apache Tomcat 5.5.x before 5.5.36, 6.x before 6.0.36, and 7.x before 7.0.30 tracks cnonce aka client nonce values instead of nonce aka server nonce and nc aka nonce-count values, which makes it easi...

5CVSS6.1AI score0.02237EPSS
Exploits0References4
RedHat Linux
RedHat Linuxadded 2013/03/11 7:3 p.m.1 views

tomcat: three DIGEST authentication implementation issues

The replay-countermeasure functionality in the HTTP Digest Access Authentication implementation in Apache Tomcat 5.5.x before 5.5.36, 6.x before 6.0.36, and 7.x before 7.0.30 tracks cnonce aka client nonce values instead of nonce aka server nonce and nc aka nonce-count values, which makes it easi...

5CVSS6.1AI score0.02237EPSS
Exploits0References4
RedHat Linux
RedHat Linuxadded 2013/03/11 6:33 p.m.0 views

tomcat: three DIGEST authentication implementation issues

The HTTP Digest Access Authentication implementation in Apache Tomcat 5.5.x before 5.5.36, 6.x before 6.0.36, and 7.x before 7.0.30 does not properly check for stale nonce values in conjunction with enforcement of proper credentials, which makes it easier for remote attackers to bypass intended...

5CVSS7.3AI score0.00895EPSS
Exploits2References4
Rows per page
Query Builder