HTTP Headers < 1.18.11 - Admin+ Remote Code Execution

This plugin allows arbitrary data to be written to arbitrary files, leading to a Remote Code Execution vulnerability. --- " and Password as any value. 4. Navigate to Settings HTTP Headers Advanced settings and set the "Location of .hh-htpasswd" field to its previous value this is only required on...

Monospace Directus Headless CMS File Upload / Rule Bypass Vulnerabilities

======================================================================= title: Arbitrary File Upload and Bypassing .htaccess Rules product: Monospace Directus Headless CMS vulnerable version: v8.8.2 fixed version: v8.8.2, v9 is not affected because of different architecture CVE number:...

Ipsilon Denial of Service Vulnerability

Ipsilon is a server and toolkit for configuring Apache-based service providers to provide federated authentication SSO to web applications with pluggable standalone modwsgi applications. A denial of service vulnerability exists in Ipsilon that can be exploited by an attacker to cause a denial of...

Important: Red Hat Security Advisory: ipsilon security update

An update for ipsilon is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...

HP-UX Update for Apache-based Web Server HPSBUX02612

Check for the Version of Apache-based Web Server OpenVAS Vulnerability Test HP-UX Update for Apache-based Web Server HPSBUX02612 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it...

HP-UX Update for Apache-based Web Server HPSBUX02612

The remote host is missing an update for the Apache-based Web Server packages announced via the referenced advisory. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...

HP-UX Update for Apache-based Web Server HPSBUX02531

Check for the Version of Apache-based Web Server OpenVAS Vulnerability Test HP-UX Update for Apache-based Web Server HPSBUX02531 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it...

HP-UX Update for Apache-based Web Server HPSBUX02531

Check for the Version of Apache-based Web Server OpenVAS Vulnerability Test HP-UX Update for Apache-based Web Server HPSBUX02531 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it...

HP-UX Update for Apache-based Web Server HPSBUX02465

Check for the Version of Apache-based Web Server OpenVAS Vulnerability Test HP-UX Update for Apache-based Web Server HPSBUX02465 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it...

HP-UX Update for Apache-based Web Server HPSBUX02465

Check for the Version of Apache-based Web Server OpenVAS Vulnerability Test HP-UX Update for Apache-based Web Server HPSBUX02465 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it...

HP-UX Update for Apache Web Server Suite HPSBUX02431

Check for the Version of Apache Web Server Suite OpenVAS Vulnerability Test HP-UX Update for Apache Web Server Suite HPSBUX02431 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it...

HP-UX Update for HP-UX Pkg HPSBUX01123

Check for the Version of HP-UX Pkg OpenVAS Vulnerability Test HP-UX Update for HP-UX Pkg HPSBUX01123 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the term...

HP-UX Update for Apache PHP HPSBUX00207

Check for the Version of Apache PHP OpenVAS Vulnerability Test HP-UX Update for Apache PHP HPSBUX00207 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...

HP-UX Update for Apache mod_cgid HPSBUX00301

Check for the Version of Apache modcgid OpenVAS Vulnerability Test HP-UX Update for Apache modcgid HPSBUX00301 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it unde...

HP-UX Update for Apache HPSBUX01064

Check for the Version of Apache OpenVAS Vulnerability Test HP-UX Update for Apache HPSBUX01064 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms of t...

HP-UX Update for Apache HPSBUX00224

Check for the Version of Apache OpenVAS Vulnerability Test HP-UX Update for Apache HPSBUX00224 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms of t...

HP-UX Update for Apache HPSBUX01064

Check for the Version of Apache OpenVAS Vulnerability Test HP-UX Update for Apache HPSBUX01064 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms of t...

OpenSSL 'EVP_VerifyFinal'函数签名验证漏洞

BUGTRAQ ID: 33150 CVE ID：CVE-2008-5077 CNCVE ID：CNCVE-20085077 OpenSSL是一款开放源码的SSL实现，用来实现网络通信的高强度加密。 部分OpenSSL函数验证DSA和ECDSA密钥时不正确验证"EVPVerifyFinal"函数返回值，发送特殊构建的签名证书链给客户端，可绕过签名检查。 通过恶意服务器或中间人攻击，可使证书链中的畸形SSL/TLS签名绕过客户端软件检查，导致盲目信任并泄漏敏感信息。 成功利用此漏洞需要服务器使用包含DSA或者ECDSA密钥的证书。 Ubuntu Ubuntu Linux 8.10 spar...

HP-UX PHSS_27477 : s700_800 11.04 Virtualvault 4.5 Inside Admin Server Update

s700800 11.04 Virtualvault 4.5 Inside Admin Server Update : The remote HP-UX host is affected by multiple vulnerabilities : - Remotely exploitable potential vulnerabilities have been reported in CA-2002-21 and CVE-2002-0658. - A potential remotely exploitable vulnerability in handling of large da...