265 matches found
Virtual Host Administrator 0.1 - Modules_Dir Remote File Inclusion
source: https://www.securityfocus.com/bid/22218/info Virtual Host Administrator is prone to a remote file-include vulnerability because it fails to sufficiently sanitize user-supplied data. Exploiting this issue may allow an attacker to compromise the application and the underlying system; other...
The command line to create a virtual directory-vulnerability warning-the black bar safety net
Long, long no and we chat, want to everyone. Meet first just to give everyone a small gift. In fact also is not what good stuff. In research and study in progress, no research, no in-depth to understand, there is no progress. Serious learning attitude+pursued+one hundred thousand why. The result...
xinnet. com China new network Web Mail system has a serious vulnerability-a vulnerability warning-the black bar safety net
Long time no Post garbage come up, this also is not prepared to contribute, to the octal friend. First good luck to all octal friends a Happy New Year. Everyone knows China's famous New cafe, new network virtual host in a stable and secure known. Business users very much, I also bought a new...
Mandrake Linux Security Advisory : apache2 (MDKSA-2006:007)
A flaw was discovered in modimap when using the Referer directive with image maps that could be used by a remote attacker to perform a cross- site scripting attack, in certain site configurations, if a victim could be forced to visit a malicious URL using certain web browsers CVE-2005-3352. Also,...
Hack resources:-vulnerability warning-the black bar safety net
Detecting virtual host to the actual situation Software name: ASP security detection probe Software size: 2 8 KB Whether it is preparing for the invasion or to detect the virtual host security, in order to learn their weaknesses, and then take the corresponding countermeasures. Using“ASP security...
Next injection infection-specific program-let the rookie broiler flocks-vulnerability warning-the black bar safety net
Online is often heard rookie yell: dear warrior, I how to own A your own chickens? Hey, also called the sad mournful cut, and to my listening heart strange sympathy, or I now give you side dishes a quick get-to-broiler method bar, and listen to Ranger know: as the saying goes, impatient to eat no...
Microsoft IIS UNC Mapped Virtual Host Vulnerability
Your IIS webserver allows the retrieval of ASP/HTR source code. SPDX-FileCopyrightText: 2001 [email protected] Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Mandrake Linux Security Advisory : apache2 (MDKSA-2005:161)
A flaw was discovered in modssl's handling of the 'SSLVerifyClient' directive. This flaw occurs if a virtual host is configured using 'SSLVerifyClient optional' and a directive 'SSLVerifyClient required' is set for a specific location. For servers configured in this fashion, an attacker may be ab...
Apache mod_ssl unauthenticated access
Client can access path with "SSLVerifyClient require" without authentication in global settings for vurtual host have "SSLVerifyClient optional"...
Apache Httpd < 2.0.55 : SSLVerifyClient bypass
A flaw in the modssl handling of the "SSLVerifyClient" directive. This flaw would occur if a virtual host has been configured using "SSLVerifyClient optional" and further a directive "SSLVerifyClient required" is set for a specific location. For servers configured in this fashion, an attacker may...
IBM WebSphere application server information leak
It's possible to obtain JSP page source code by requesting non-existing virtual host...
mod_ssl SSLCipherSuite bypass
The modssl module in Apache 2.0.35 through 2.0.52, when using the "SSLCipherSuite" directive in directory or location context, allows remote clients to bypass intended restrictions by using any cipher suite that is allowed by the virtual host configuration...
CVE-2004-0885
The modssl module in Apache 2.0.35 through 2.0.52, when using the "SSLCipherSuite" directive in directory or location context, allows remote clients to bypass intended restrictions by using any cipher suite that is allowed by the virtual host configuration...
DEBIAN-CVE-2004-0885
The modssl module in Apache 2.0.35 through 2.0.52, when using the "SSLCipherSuite" directive in directory or location context, allows remote clients to bypass intended restrictions by using any cipher suite that is allowed by the virtual host configuration...
CVE-2004-0885
The modssl module in Apache 2.0.35 through 2.0.52, when using the "SSLCipherSuite" directive in directory or location context, allows remote clients to bypass intended restrictions by using any cipher suite that is allowed by the virtual host configuration...
Apache Httpd < 2.0.53 : SSLCipherSuite bypass
An issue has been discovered in the modssl module when configured to use the "SSLCipherSuite" directive in directory or location context. If a particular location context has been configured to require a specific set of cipher suites, then a client will be able to access that location using any...
mod_ssl -- SSLCipherSuite bypass
It is possible for clients to use any cipher suite configured by the virtual host, whether or not a certain cipher suite is selected for a specific directory. This might result in clients using a weaker encryption than originally configured...
Microsoft IIS UNC Mapped Virtual Host Source Disclosure
Binary data 1583.prm...
php.ini PHP protection bypass
It's possible tyo bypass protection registerglobals = on for example of virtual host by requestin host without protection in same HTTP keep-alive connection before...
CVE-2001-1385
The Apache module for PHP 4.0.0 through PHP 4.0.4, when disabled with the 'engine = off' option for a virtual host, may disable PHP for other virtual hosts, which could cause Apache to serve the source code of PHP scripts...