1342 matches found
Fedora Update for nodejs-aws-sign FEDORA-2013-11780
Check for the Version of nodejs-aws-sign OpenVAS Vulnerability Test Fedora Update for nodejs-aws-sign FEDORA-2013-11780 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modif...
Authorization
Dl Download Ticket Service 0.3 through 0.9 allows remote attackers to login as an arbitrary user by supplying an authorization header...
CVE-2011-5253
CVE-2011-5253 affects Download Ticket Service (versions 0.3–0.9). The issue allows remote attackers to login as an arbitrary user by supplying an authorization header. The provided connected documents confirm the vulnerability statement but do not specify affected platforms beyond the version ran...
CVE-2011-5253
Dl Download Ticket Service 0.3 through 0.9 allows remote attackers to login as an arbitrary user by supplying an authorization header...
CVE-2012-0647
WebKit in Apple Safari before 5.1.4 does not properly handle redirects in conjunction with HTTP authentication, which might allow remote web servers to capture credentials by logging the Authorization HTTP header...
UBUNTU-CVE-2012-0647
WebKit in Apple Safari before 5.1.4 does not properly handle redirects in conjunction with HTTP authentication, which might allow remote web servers to capture credentials by logging the Authorization HTTP header...
DEBIAN-CVE-2011-1498
Apache HttpClient 4.x before 4.1.1 in Apache HttpComponents, when used with an authenticating proxy server, sends the Proxy-Authorization header to the origin server, which allows remote web servers to obtain sensitive information by logging this header...
CVE-2011-0160
WebKit, as used in Apple Safari before 5.0.4 and iOS before 4.3, does not properly handle redirects in conjunction with HTTP Basic Authentication, which might allow remote web servers to capture credentials by logging the Authorization HTTP header...
Design/Logic Flaw
WebKit, as used in Apple Safari before 5.0.4 and iOS before 4.3, does not properly handle redirects in conjunction with HTTP Basic Authentication, which might allow remote web servers to capture credentials by logging the Authorization HTTP header...
CVE-2011-0160
WebKit, as used in Apple Safari before 5.0.4 and iOS before 4.3, does not properly handle redirects in conjunction with HTTP Basic Authentication, which might allow remote web servers to capture credentials by logging the Authorization HTTP header...
CVE-2011-0160
CVE-2011-0160 affects WebKit as used in Apple Safari prior to 5.0.4 and iOS prior to 4.3. The vulnerability arises when handling redirects with HTTP Basic Authentication, potentially causing the Authorization header (and thus credentials) to be logged by remote servers. The issue is tied to WebKi...
Polycom SoundPoint IP Devices Denial Of Service
Exploit for hardware platform in category dos / poc Polycom SoundPoint IP devices IP phones are vulnerable to Denial of Service attacks. Sending HTTP GET request with broken Authorization header effect a device restart after 60 seconds. It was tested on: SoundPoint IP 335 Version: 3.2.4.1734...
Polycom SoundPoint IP Devices - Denial of Service
Polycom SoundPoint IP Devices - Denial of Service Source: http://packetstormsecurity.org/files/view/97948/polycomsoundpoint-dos.txt Hello, Polycom SoundPoint IP devices IP phones are vulnerable to Denial of Service attacks. Sending HTTP GET request with broken Authorization header effect a device...
Polycom SoundPoint IP Devices Denial Of Service
Hello, Polycom SoundPoint IP devices IP phones are vulnerable to Denial of Service attacks. Sending HTTP GET request with broken Authorization header effect a device restart after 60 seconds. It was tested on: SoundPoint IP 335 Version: 3.2.4.1734 SoundPoint IP 430 Version: 3.2.3.1734 SoundPoint ...
httpd: mod_proxy_ftp FTP command injection via Authorization HTTP header
The modproxyftp module in the Apache HTTP Server allows remote attackers to bypass intended access restrictions and send arbitrary commands to an FTP server via vectors related to the embedding of these commands in the Authorization HTTP header, as demonstrated by a certain module in VulnDisco Pa...
CVE-2010-1940
CVE-2010-1940: Apple Safari 4.0.5 on Windows mishandles the Authorization: Basic header, sending credentials intended for one site to another site named in a Location header, enabling remote servers to log sensitive information. Root cause: header leakage across sites via Location-based redirects...
CVE-2010-1940
Removed by vendor...
uTorrent WebUI <= v0.370 Authorization header DoS Exploit
Exploit for windows platform in category dos / poc ========================================================= uTorrent WebUI newPeerAddr =$ARGV0,PeerPort =$ARGV1,Proto = 'tcp'; print $sock "GET / HTTP/1.1\r\n". "Authorization: Basic $nonbase64\r\n\r\n"; 0day.today 2017-12-31...
μTorrent (uTorrent) WebUI 0.370 - Authorisation Header Denial of Service
!/usr/bin/perl Exploit Title: uTorrent WebUI Version: µTorrent 2.0 build 18488 / WebUI EAX 00000000 ECX 00000000 EDX 00000001 EBX 003D8360 ASCII "admin" ESP 0141FE94 EBP 0141FF08 ESI 00000000 EDI 01511958 EIP 0041BC62 uTorrent.0041BC62 Good luck! corelanc0d3r use warnings; use strict; use...
uTorrent WebUI 0.370 Denial Of Service
!/usr/bin/perl Exploit Title: uTorrent WebUI Version: µTorrent 2.0 build 18488 / WebUI EAX 00000000 ECX 00000000 EDX 00000001 EBX 003D8360 ASCII "admin" ESP 0141FE94 EBP 0141FF08 ESI 00000000 EDI 01511958 EIP 0041BC62 uTorrent.0041BC62 Good luck! corelanc0d3r use warnings; use strict; use...