Remote code execution

By manipulating the URL parameter externalLoginKey, a malicious, logged in user could pass valid Freemarker directives to the Template Engine that are reflected on the webpage; a specially crafted Freemarker template could be used for remote code execution. Mitigation: Upgrade to Apache OFBiz...

SUSE-SU-2017:1961-1 Security update for apache2

This update for apache2 fixes the following issues: Security issue fixed: - CVE-2017-9788: Uninitialized memory reflection in modauthdigest. bsc1048576 Bug fixes: - Include individual sysconfig.d files instead of the whole sysconfig.d directory. - Include sysconfig.d/include.conf after httpd.conf...

Apache Httpd < 2.2.34 : Uninitialized memory reflection in mod_auth_digest

The value placeholder in Proxy-Authorization headers of type 'Digest' was not initialized or reset before or between successive key=value assignments. by modauthdigest. Providing an initial key with no '=' assignment could reflect the stale value of uninitialized pool memory used by the prior...

Apache Httpd < 2.4.27 : Uninitialized memory reflection in mod_auth_digest

The value placeholder in Proxy-Authorization headers of type 'Digest' was not initialized or reset before or between successive key=value assignments. by modauthdigest. Providing an initial key with no '=' assignment could reflect the stale value of uninitialized pool memory used by the prior...

CVE-2017-8920

irc.cgi in CGI:IRC before 0.5.12 reflects user-supplied input from the R parameter without proper output encoding, aka XSS...

MS15-076 Windows: DCOM DCE/RPC Local NTLM Reflection Elevation of Privilege (CVE-2015-2370)

Windows: DCOM DCE/RPC-Local NTLM Reflection Elevation of Privilege Platform: Windows 8.1 Update not tested on Windows 7, 10 Class: Elevation of Privilege Summary: Local DCOM DCE/RPC connections can be reflected back to a listening TCP socket allowing access to an NTLM authentication challenge for...

APT29 Used Domain Fronting, Tor to Execute Backdoor

APT29, a/k/a Cozy Bear, has been utilizing a technique called domain fronting in order to secure backdoor access to targets for nearly two years running, experts said Monday. The nation state attackers have reportedly been pairing the anonymity software Tor with a Tor plugin that specializes in...

APT29 Domain Fronting With TOR

Mandiant has observed Russian nation-state attackers APT29 employing domain fronting techniques for stealthy backdoor access to victim environments for at least two years. There has been considerable discussion about domain fronting following the release of a paper detailing these techniques...

DDoS of Past, Present and Future

The pervasiveness of technology has meant automation of tasks, allowing better productivity, with more time to do more. However, the dark side of technology would be that enterprises and individuals alike are vulnerable to cybercrimes, compromise of identities, loss of data and subject to malicio...

Information Disclosure Vulnerability in Multiple Micro Focus Products

Micro Focus Host Access Management and Security Server MSS, formerly known as Attachmate Host Access Management and Security Server and others are products of Micro Focus, a British company.MSS is a MSS is a server that provides access management and security; Reflection for the Web RWeb, formerl...

CVE-2016-5765

Administrative Server in Micro Focus Host Access Management and Security Server MSS and Reflection for the Web RWeb and Reflection Security Gateway RSG and Reflection ZFE ZFE allows remote unauthenticated attackers to read arbitrary files via a specially crafted URL that allows limited directory...

CVE-2016-5765

The CVE-2016-5765 entry describes a remote, unauthenticated directory-traversal information-disclosure in Micro Focus MSS and related products (RWeb, RSG, ZFE, and older components). Affected: MSS 12.3 before 12.3.326, MSS 12.2 before 12.2.342; RSG 12.1 before 12.1.362; RWeb 12.3 before 12.3.312,...

CVE-2016-5765

Administrative Server in Micro Focus Host Access Management and Security Server MSS and Reflection for the Web RWeb and Reflection Security Gateway RSG and Reflection ZFE ZFE allows remote unauthenticated attackers to read arbitrary files via a specially crafted URL that allows limited directory...

Fedora 25 : php (2016-dc5bf39fcf)

15 Sep 2016 PHP version 7.0.11 Core: - Fixed bug php72944 NULL pointer deref in zvaldelrefp. Dmitry - Fixed bug php72943 assigndim on string doesn't reset hval. Laruence - Fixed bug php72911 Memleak in zendbinaryassignopobjhelper. Laruence - Fixed bug php72813 Segfault with get returned by ref...

Microsoft Windows Server 2008 / 2012 - LDAP RootDSE Netlogon Denial Of Service (PoC)

Exploit for windows platform in category dos / poc !/usr/bin/perl MS Windows Server 2008/2008 R2/ 2012/2012 R2/ AD LDAP RootDSE Netlogon CLDAP "AD Ping" query reflection DoS PoC Copyright 2016 c Todor Donev Varna, Bulgaria email protected https://www.ethical-hacker.org/...

Microsoft Windows Server 20082012 - LDAP RootDSE Netlogon Denial of Service

Microsoft Windows Server 20082012 - LDAP RootDSE Netlogon Denial of Service !/usr/bin/perl MS Windows Server 2008/2008 R2/ 2012/2012 R2/ AD LDAP RootDSE Netlogon CLDAP "AD Ping" query reflection DoS PoC Copyright 2016 c Todor Donev Varna, Bulgaria [email protected]...

CVE-2016-9182

Exponent CMS 2.4 uses PHP reflection to call a method of a controller class, and then uses the method name to check user permission. But, the method name in PHP reflection is case insensitive, and Exponent CMS permits undefined actions to execute by default, so an attacker can use a capitalized...

CVE-2016-9182

Exponent CMS 2.4 uses PHP reflection to call a method of a controller class, and then uses the method name to check user permission. But, the method name in PHP reflection is case insensitive, and Exponent CMS permits undefined actions to execute by default, so an attacker can use a capitalized...

Design/Logic Flaw

Exponent CMS 2.4 uses PHP reflection to call a method of a controller class, and then uses the method name to check user permission. But, the method name in PHP reflection is case insensitive, and Exponent CMS permits undefined actions to execute by default, so an attacker can use a capitalized...

CVE-2016-9182

Exponent CMS 2.4 uses PHP reflection to call a method of a controller class, and then uses the method name to check user permission. But, the method name in PHP reflection is case insensitive, and Exponent CMS permits undefined actions to execute by default, so an attacker can use a capitalized...