
979 matches found

securityvulns
added 2009/01/11 12:0 a.m., 130 views

Java Runtime UTF-8 Decoder Smuggling Vector

Due to misconfiguration of mailing lists, it was just pointed out this is already public. Apologies to those vendors who have not reacted to Sun's announcements of December 2nd in a timely manner; Mitre ID: CVE-2008-2938 Initial title: Java Runtime UTF-8 Decoding Flaw Actual title: Java Runtime...

CVSS 4.3, AI score 7.4, EPSS 0.92704
Exploits: 22
Nmap
added 2008/11/08 5:12 a.m., 151 views

auth-owners NSE Script

Attempts to find the owner of an open TCP port by querying an auth daemon which must also be open on the target system. The auth service, also known as identd, normally runs on port 113. Example Usage nmap -sV -sC Script Output 21/tcp open ftp ProFTPD 1.3.1 | auth-owners: nobody 22/tcp open ssh...

CVSS 10, EPSS 0.94176
Exploits: 33
Apache Httpd
added 2008/07/28 12:0 a.m., 31 views

Apache Httpd < 2.0.64 : mod_proxy_ftp globbing XSS

A flaw was found in the handling of wildcards in the path of a FTP URL with mod_proxy_ftp. If mod_proxy_ftp is enabled to support FTP-over-HTTP, requests containing globbing characters could lead to cross-site scripting (XSS) attacks...

CVSS 4.3, AI score 0.1, EPSS 0.6456
Exploits: 4, Affected Software: 1
Apache Httpd
added 2008/07/28 12:0 a.m., 37 views

Apache Httpd < 2.2.10 : mod_proxy_ftp globbing XSS

A flaw was found in the handling of wildcards in the path of a FTP URL with mod_proxy_ftp. If mod_proxy_ftp is enabled to support FTP-over-HTTP, requests containing globbing characters could lead to cross-site scripting (XSS) attacks...

CVSS 4.3, AI score 0.1, EPSS 0.6456
Exploits: 4, Affected Software: 1
seebug.org
added 2008/07/07 12:0 a.m., 22 views

Apache <= 2.0.49 Arbitrary Long HTTP Headers Denial of Service

No description provided by source. /usr/bin/perl -w use IO::Socket::INET; usage unless @ARGV == 2; my $host = shift@ARGV; my $port = shift@ARGV; sub usage print "\n"; print "\n Apache HTTPd Arbitrary Long HTTP Headers DoS \n"; print " Tested Versions : 2 2.0.49 \n"; print " Adv :...

AI score 7.1
Exploits: 0
RedHat Linux
added 2008/06/30 3:33 p.m., 67 views

Low: Red Hat Security Advisory: Red Hat Network Satellite Server security update

Red Hat Network Satellite Server version 4.2.3 is now available. This update includes fixes for a number of security issues in Red Hat Network Satellite Server components. This update has been rated as having low security impact by the Red Hat Security Response Team. This release corrects several...

CVSS 10, AI score 5.9, EPSS 0.90452
Exploits: 31, References: 2
RedHat Linux
added 2008/06/30 3:29 p.m., 12 views

Low: Red Hat Security Advisory: Red Hat Network Proxy Server security update

Red Hat Network Proxy Server version 4.2.3 is now available. This update includes fixes for a number of security issues in Red Hat Network Proxy Server components. This update has been rated as having low security impact by the Red Hat Security Response Team. The Red Hat Network Proxy Server 4.2....

CVSS 7.5, AI score 6.3, EPSS 0.91373
Exploits: 11, References: 2
Packet Storm
added 2008/06/23 12:0 a.m., 17 views

aprox-lfi.txt

01010111 01001001 01010010 01000101 01000100 01010011 - 01000101 01000011 01010101 01010010 01001001 01010100 - 01011001 ADVISORY: APROX CMS ENGINE V5.1.0.4 LOCAL FILE INCLUSION LFI || 0x00: ABOUT ME || 0x01: DATELINE || 0x02: INFORMATION || 0x03: EXPLOITATION || 0x04: RISK LEVEL || 0x00: ABOUT M...

AI score 7.4
Exploits: 0
seebug.org
added 2008/06/22 12:0 a.m., 12 views

Aprox CMS Engine v5(.1.0.4) Local File Inclusion Vulnerability

No description provided by source. 01010111 01001001 01010010 01000101 01000100 01010011 - 01000101 01000011 01010101 01010010 01001001 01010100 - 01011001 ADVISORY: APROX CMS ENGINE V5.1.0.4 LOCAL FILE INCLUSION LFI || 0x00: ABOUT ME || 0x01: DATELINE || 0x02: INFORMATION || 0x03: EXPLOITATION |...

AI score 7.1
Exploits: 0
0day.today
added 2008/06/21 12:0 a.m., 22 views

Aprox CMS Engine v5(.1.0.4) Local File Inclusion Vulnerability

Exploit for unknown platform in category web applications. Aprox CMS Engine v5.1.0.4 Local File Inclusion Vulnerability. 01010111 01001001 01010010 01000101 01000100 0101001...

AI score 7.1
Exploits: 0
exploitpack
added 2008/06/21 12:0 a.m., 16 views

Aprox CMS Engine 5.1.0.4 - Local File Inclusion

Aprox CMS Engine 5.1.0.4 - Local File Inclusion 01010111 01001001 01010010 01000101 01000100 01010011 - 01000101 01000011 01010101 01010010 01001001 01010100 - 01011001 ADVISORY: APROX CMS ENGINE V5.1.0.4 LOCAL FILE INCLUSION LFI || 0x00: ABOUT ME || 0x01: DATELINE || 0x02: INFORMATION || 0x03:...

Exploits: 0
Apache Httpd
added 2008/05/29 12:0 a.m., 53 views

Apache Httpd < 2.2.9 : mod_proxy_http DoS

A flaw was found in the handling of excessive interim responses from an origin server when using mod_proxy_http. A remote attacker could cause a denial of service or high memory usage...

CVSS 5, AI score 1.8, EPSS 0.02213
Exploits: 2, Affected Software: 1
Apache Httpd
added 2008/05/29 12:0 a.m., 42 views

Apache Httpd < 2.0.64 : mod_proxy_http DoS

A flaw was found in the handling of excessive interim responses from an origin server when using mod_proxy_http. A remote attacker could cause a denial of service or high memory usage...

CVSS 5, AI score 1.8, EPSS 0.02213
Exploits: 2, Affected Software: 1
RedHat Linux
added 2008/05/20 2:14 p.m., 0 views

httpd scoreboard lack of PID protection

Apache httpd 1.3.37, 2.0.59, and 2.2.4 with the Prefork MPM module, allows local users to cause a denial of service by modifying the worker_score and process_score arrays to reference an arbitrary process ID, which is sent a SIGUSR1 signal from the master process, aka "SIGUSR1 killer."...

CVSS 4.7, AI score 7.2, EPSS 0.00098
Exploits: 2, References: 4
RedHat Linux
added 2008/05/20 2:14 p.m., 5 views

Low: Red Hat Security Advisory: Red Hat Network Proxy Server security update

Red Hat Network Proxy Server version 5.0.2 is now available. This update includes fixes for a number of security issues in Red Hat Network Proxy Server components. This update has been rated as having low security impact by the Red Hat Security Response Team. The Red Hat Network Proxy Server 5.0....

CVSS 5, AI score 6.2, EPSS 0.84619
Exploits: 4, References: 7
RedHat Linux
added 2008/05/20 2:12 p.m., 60 views

Moderate: Red Hat Security Advisory: Red Hat Network Satellite Server security update

Red Hat Network Satellite Server version 5.0.2 is now available. This update includes fixes for a number of security issues in Red Hat Network Satellite Server components. This update has been rated as having moderate security impact by the Red Hat Security Response Team. During an internal...

CVSS 10, AI score 6.5, EPSS 0.90452
Exploits: 29, References: 3
RedHat Linux
added 2008/05/20 2:12 p.m., 2 views

httpd scoreboard lack of PID protection

Apache httpd 1.3.37, 2.0.59, and 2.2.4 with the Prefork MPM module, allows local users to cause a denial of service by modifying the worker_score and process_score arrays to reference an arbitrary process ID, which is sent a SIGUSR1 signal from the master process, aka "SIGUSR1 killer."...

CVSS 4.7, AI score 7.3, EPSS 0.00098
Exploits: 2, References: 4
OpenVAS
added 2008/01/17 12:0 a.m., 18 views

Debian Security Advisory DSA 525-1 (apache)

The remote host is missing an update to apache announced via advisory DSA 525-1. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 10, AI score 7.6, EPSS 0.23714
Exploits: 0, References: 1
RedHat Linux
added 2008/01/15 9:38 a.m., 3 views

httpd mod_proxy_balancer cross-site scripting

Cross-site scripting (XSS) vulnerability in balancer-manager in mod_proxy_balancer in the Apache HTTP Server 2.2.0 through 2.2.6 allows remote attackers to inject arbitrary web script or HTML via the (1) ss, (2) wr, or (3) rr parameters, or (4) the URL...

CVSS 3.5, AI score 7.3, EPSS 0.03305
Exploits: 1, References: 4
Tenable Nessus
added 2008/01/15 12:0 a.m., 44 views

RHEL 4 : httpd (RHSA-2008:0006)

The remote Redhat Enterprise Linux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2008:0006 advisory. The Apache HTTP Server is a popular Web server. A flaw was found in the mod_imap module. On sites where mod_imap was enabled and an imagemap...

CVSS 6.1, AI score 6.5, EPSS 0.84619
Exploits: 4, References: 11