Wireshark WCCP Parser Remote Denial of Service Vulnerability (CNVD-2015-00207)
Wireshark is an open source network protocol analysis tool. A remote denial of service vulnerability exists in the Wireshark WCCP parser, which can be exploited by an attacker to crash an affected application and deny service to legitimate users...
Oracle 9i Application Server 9.0.2 Web Cache Administration Tool Denial of Service Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/5902/info Oracle 9i Application Server 9iAS allows remote administration via a web access module. This vulnerability affects Oracle 9iAS running on Microsoft Windows. When a custom request is sent to the Web Administratio...
Oracle9iAS Web Cache 2.0 - Buffer Overflow Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/3443/info A buffer overflow condition can be triggered in Oracle 9iAS Web Cache 2.0.0.1.0 by submitting a malicious URL. This overflow can lead to either the process exiting, the process hanging, or the injection of...
Cacheflow CacheOS 3.1/4.0 Web Administration Arbitrary Cached Page Code Leakage Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/3841/info CacheOS is the firmware designed and distributed with CacheFlow web cache systems. It is maintained and distributed by CacheFlow. When a user connects to the system via the web administration interface on port...
Important: Red Hat Security Advisory: tomcat security update
Updated tomcat packages that fix three security issues are now available for Red Hat Enterprise Linux 7. The Red Hat Security Response Team has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are...
Moderate: Red Hat Security Advisory: Red Hat JBoss Web Server 2.0.1 tomcat6 security update
An update for the Apache Tomcat 6 component for Red Hat JBoss Web Server 2.0.1 that fixes multiple security issues is now available from the Red Hat Customer Portal. The Red Hat Security Response Team has rated this update as having Moderate security impact. Common Vulnerability Scoring System CV...
Important: Red Hat Security Advisory: Red Hat JBoss Operations Network 3.2.1 security update
An update for Red Hat JBoss Operations Network 3.2.1, which fixes two security issues, is now available from the Red Hat Customer Portal. The Red Hat Security Response Team has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give...
tomcat: multiple content-length header poisoning flaws
It was found that when Tomcat / JBoss Web processed a series of HTTP requests in which at least one request contained either multiple content-length headers, or one content-length header with a chunked transfer-encoding header, Tomcat / JBoss Web would incorrectly handle the request. A remote...
RHEL 6 : tomcat6 (RHSA-2014:0429)
The remote Red Hat Enterprise Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2014:0429 advisory. Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages (JSP) technologies. It was found that when Tomcat processed a...
tomcat6 security update
CentOS Errata and Security Advisory CESA-2014:0429 Updated tomcat6 packages that fix three security issues are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base...
Moderate: Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 6.2.2 update
Updated packages that provide Red Hat JBoss Enterprise Application Platform 6.2.2 and fix two security issues, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having Moderate security impact...
Apache Tomcat security restrictions bypass Vulnerability (CVE-2013-4286)-vulnerability warning-the black bar safety net
Affected system: Apache Group Tomcat 8.0.0-RC1 - 8.0.0-RC5 Apache Group Tomcat 7.0.0 - 7.0.47 Apache Group Tomcat 6.0.0 - 6.0.37 Description: BUGTRAQ ID: 65773 CVECAN ID: CVE-2013-4286 Apache Tomcat is a...
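Apache Tomcat Incomplete Fix Information Disclosure Vulnerability
Bugtraq ID: 65773 CVE ID: CVE-2013-4286 Apache Tomcat is an open-source JSP application server. When chunked encoding is used, if a request contains multiple content-length headers or a single content-length header, Apache Tomcat does not correctly reject the request as invalid. When multiple components such as firewalls, caches, proxies and Tomcat process this request sequence, they act on it differently, which allows an attacker to carry out web cache poisoning attacks, perform cross-site scripting attacks, or obtain sensitive information from other users' requests. This vulnerability is caused by an incomplete fix for CVE-2005-2090. Apache Tomcat 8.0.0-RC1 Apache Tomcat 7.0.0...
Apache Tomcat Security Restriction Bypass Vulnerability
BUGTRAQ ID: 65773 CVECAN ID: CVE-2013-4286 Apache Tomcat is a popular open-source JSP application server. Tomcat versions 8.0.0-RC1 - 8.0.0-RC5, 7.0.0 - 7.0.47 and 6.0.0 - 6.0.37 contain an incomplete fix for CVE-2005-2090, which remote attackers can exploit to poison web caches, evade IDS signatures, and launch cross-site scripting, HTML injection, session hijacking and other attacks. Apache Group Tomcat 8.0.0-RC1 - 8.0.0-RC5 Apache Group Tomcat 7.0.0 - 7.0.47 Apache...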
TYPO3 Backend Unspecified CSRF Vulnerability
TYPO3 is prone to a cross-site request forgery (CSRF) vulnerability. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:typo3:typo3";...
CVE-2013-3836
Unspecified vulnerability in the Oracle Web Cache component in Oracle Fusion Middleware 11.1.1.6 and 11.1.1.7 allows remote authenticated users to affect confidentiality via vectors related to ESI/Partial Page Caching...
Design/Logic Flaw
Unspecified vulnerability in the Oracle Web Cache component in Oracle Fusion Middleware 11.1.1.6 and 11.1.1.7 allows remote authenticated users to affect confidentiality via vectors related to ESI/Partial Page Caching...
CVE-2013-3836
CVE-2013-3836 affects Oracle Web Cache (Oracle Fusion Middleware 11.1.1.6/11.1.1.7). The vulnerability’s root cause is related to ESI/Partial Page Caching, allowing remote authenticated users to impact confidentiality. The connected documents confirm the affected product and vector but do not pro...
CVE-2013-3836
Unspecified vulnerability in the Oracle Web Cache component in Oracle Fusion Middleware 11.1.1.6 and 11.1.1.7 allows remote authenticated users to affect confidentiality via vectors related to ESI/Partial Page Caching...
Oracle Linux 5 : Critical: / firefox (ELSA-2007-0979)
The remote Oracle Linux 5 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2007-0979 advisory. 1.5.0.12-0.7.el4.0.1 - Add firefox-oracle-default-bookmarks.html and firefox-oracle-default-prefs.js for errata rebuild 1.5.0.12-0.7.el4 - Update to...