138 matches found
[SECURITY] Fedora 22 Update: cherokee-1.2.103-6.fc22
Cherokee is a very fast, flexible and easy to configure Web Server. It supp orts the widespread technologies nowadays: FastCGI, SCGI, PHP, CGI, TLS and SSL encrypted connections, Virtual hosts, Authentication, on the fly encoding, Apache compatible log files, and much more...
mwebfp - Massive Web Fingerprinter
The "LowNoiseHG LNHG Massive Web Fingerprinter " "mwebfp " from now on was conceived in July 2013 after realizing the usefulness of webserver screenshots to pentesters, during an engagement with large external or internal IP address ranges, as a quick means of identification of critical assets,...
IRCCloud: Host Header Injection - irccloud.com
Host Header Injection Attack - irccloud.com An attacker can manipulate the Host header as seen by the web application and cause the application to behave in unexpected ways. Very often multiple websites are hosted on the same IP address. This is where the Host Header comes in. This header specifi...
[Hasere v0.2] Discover vHosts using Google and Bing
Hasere is a tool that can discovery the virtual hosts and related filetype using google and bing search engines. Optionally, it uses the nmap to determine the ip addresses which have 80 or 443 opened port. After that it uses the bing search engine to determine which domains were hosted or have be...
find_vhosts
This plugin uses the HTTP Host header to find new virtual hosts. For example, if the intranet page is hosted in the same server that the public page, and the web server is misconfigured, this plugin will discover that virtual host. Please note that this plugin doesnt use any DNS technique to find...
[Acunetix Web Vulnerability Scanner 8] Automated Web Application Security Testing Tool
Acunetix W eb V ulnerability S canner WVS is an automated web application security testing tool that audits your web applications by checking for exploitable hacking vulnerabilities. Automated scans may be supplemented and cross-checked with the variety of manual tools to allow for comprehensive...
[SECURITY] Fedora 18 Update: usbredir-0.5-1.fc18
The usbredir libraries allow USB devices to be used on remote and/or virtual hosts over TCP. The following libraries are provided: usbredirparser: A library containing the parser for the usbredir protocol usbredirhost: A library implementing the USB host side of a usbredir connection. All that an...
Fedora Update for cherokee FEDORA-2011-12657
Check for the Version of cherokee OpenVAS Vulnerability Test Fedora Update for cherokee FEDORA-2011-12657 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...
Fedora Update for cherokee FEDORA-2011-14622
Check for the Version of cherokee OpenVAS Vulnerability Test Fedora Update for cherokee FEDORA-2011-14622 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...
PT-2012-1927 · Red Hat · Red Hat Jboss Enterprise Application Platform
Name of the Vulnerable Software and Affected Versions: JBoss Enterprise Application Platform version 5.1.2 Description: The issue allows worker nodes to register with arbitrary virtual hosts, enabling remote attackers to bypass intended access restrictions. This can lead to the provision of...
JBoss 'mod_cluster'安全绕过漏洞
Bugtraq ID: 51554 CVE ID:CVE-2011-4608 JBOSS是一个基于J2EE的开放源代码的应用服务器。 modcluster允许worker节点在任意虚拟主机vhost上注册,而无视应用在其他虚拟主机上的安全性限制。在某些环境下,一个vhost配置为内部worker节点,而另一个配置为服务外部内容。远程攻击者可以利用此缺陷通过没有配置应用安全限制的外部虚拟主机注册为攻击者控制的worker节点,然后使用worker节点服务恶意内容,截获验证凭据,劫持用户会话。 0 Red Hat JBoss Enterprise Web Server for RHEL 6...
mod_cluster: malicious worker nodes can register on any vhost
modcluster in JBoss Enterprise Application Platform 5.1.2 for Red Hat Linux allows worker nodes to register with arbitrary virtual hosts, which allows remote attackers to bypass intended access restrictions and provide malicious content, hijack sessions, and steal credentials by registering from ...
Fedora Update for cherokee FEDORA-2011-14660
Check for the Version of cherokee OpenVAS Vulnerability Test Fedora Update for cherokee FEDORA-2011-14660 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...
Fedora Update for cherokee FEDORA-2011-14634
Check for the Version of cherokee OpenVAS Vulnerability Test Fedora Update for cherokee FEDORA-2011-14634 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...
Fedora Update for cherokee FEDORA-2011-12687
Check for the Version of cherokee OpenVAS Vulnerability Test Fedora Update for cherokee FEDORA-2011-12687 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...
Fedora Update for cherokee FEDORA-2011-12698
Check for the Version of cherokee OpenVAS Vulnerability Test Fedora Update for cherokee FEDORA-2011-12698 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...
[SECURITY] Fedora 15 Update: cherokee-1.2.99-1.fc15
Cherokee is a very fast, flexible and easy to configure Web Server. It supp orts the widespread technologies nowadays: FastCGI, SCGI, PHP, CGI, TLS and SSL encrypted connections, Virtual hosts, Authentication, on the fly encoding, Apache compatible log files, and much more...
SuSE 11 Security Update : PHP5 (SAT Patch Number 666)
php 5.1.9 fixes among other things some security issues : - Missing bounds checks of an error in the imageRotate function of the gd extension potentially allowed attackers to read portions of memory. CVE-2008-5498 - the mbstring.funcoverload in .htaccess was applied to other virtual hosts on th...
openSUSE Security Update : apache2-mod_php5 (apache2-mod_php5-593)
php 5.1.9 fixes among other things some security issues : - Missing bounds checks of an error in the imageRotate function of the gd extension potentially allowed attackers to read portions of memory CVE-2008-5498. - the mbstring.funcoverload in .htaccess was applied to other virtual hosts on th...
Ubuntu: Security Advisory (USN-761-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...