Lucene search
+L

1342 matches found

OpenVAS
OpenVAS
added 2013/08/01 12:0 a.m.13 views

Fedora Update for nodejs-aws-sign FEDORA-2013-11780

Check for the Version of nodejs-aws-sign OpenVAS Vulnerability Test Fedora Update for nodejs-aws-sign FEDORA-2013-11780 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modif...

3.3CVSS6.7AI score0.00372EPSS
Exploits0References2
Prion
Prion
added 2013/01/12 4:33 a.m.13 views

Authorization

Dl Download Ticket Service 0.3 through 0.9 allows remote attackers to login as an arbitrary user by supplying an authorization header...

4.3CVSS7.4AI score0.01119EPSS
Exploits0References4Affected Software1
CVE
CVE
added 2013/01/12 2:0 a.m.40 views

CVE-2011-5253

CVE-2011-5253 affects Download Ticket Service (versions 0.3–0.9). The issue allows remote attackers to login as an arbitrary user by supplying an authorization header. The provided connected documents confirm the vulnerability statement but do not specify affected platforms beyond the version ran...

4.3CVSS7AI score0.01119EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2013/01/12 2:0 a.m.17 views

CVE-2011-5253

Dl Download Ticket Service 0.3 through 0.9 allows remote attackers to login as an arbitrary user by supplying an authorization header...

6.8AI score0.01119EPSS
Exploits0References4
NVD
NVD
added 2012/03/12 9:55 p.m.23 views

CVE-2012-0647

WebKit in Apple Safari before 5.1.4 does not properly handle redirects in conjunction with HTTP authentication, which might allow remote web servers to capture credentials by logging the Authorization HTTP header...

5CVSS6.1AI score0.01121EPSS
Exploits0References3
OSV
OSV
added 2012/03/12 9:55 p.m.3 views

UBUNTU-CVE-2012-0647

WebKit in Apple Safari before 5.1.4 does not properly handle redirects in conjunction with HTTP authentication, which might allow remote web servers to capture credentials by logging the Authorization HTTP header...

5CVSS5.7AI score0.01121EPSS
Exploits0References2
OSV
OSV
added 2011/07/07 9:55 p.m.2 views

DEBIAN-CVE-2011-1498

Apache HttpClient 4.x before 4.1.1 in Apache HttpComponents, when used with an authenticating proxy server, sends the Proxy-Authorization header to the origin server, which allows remote web servers to obtain sensitive information by logging this header...

4.3CVSS9AI score0.06685EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2011/03/11 10:55 p.m.33 views

CVE-2011-0160

WebKit, as used in Apple Safari before 5.0.4 and iOS before 4.3, does not properly handle redirects in conjunction with HTTP Basic Authentication, which might allow remote web servers to capture credentials by logging the Authorization HTTP header...

5CVSS5.8AI score0.01549EPSS
Exploits0References1
Prion
Prion
added 2011/03/11 10:55 p.m.22 views

Design/Logic Flaw

WebKit, as used in Apple Safari before 5.0.4 and iOS before 4.3, does not properly handle redirects in conjunction with HTTP Basic Authentication, which might allow remote web servers to capture credentials by logging the Authorization HTTP header...

5CVSS6.4AI score0.01549EPSS
Exploits0References5Affected Software2
Cvelist
Cvelist
added 2011/03/11 10:0 p.m.29 views

CVE-2011-0160

WebKit, as used in Apple Safari before 5.0.4 and iOS before 4.3, does not properly handle redirects in conjunction with HTTP Basic Authentication, which might allow remote web servers to capture credentials by logging the Authorization HTTP header...

8.6AI score0.01549EPSS
Exploits0References5
CVE
CVE
added 2011/03/11 10:0 p.m.75 views

CVE-2011-0160

CVE-2011-0160 affects WebKit as used in Apple Safari prior to 5.0.4 and iOS prior to 4.3. The vulnerability arises when handling redirects with HTTP Basic Authentication, potentially causing the Authorization header (and thus credentials) to be logged by remote servers. The issue is tied to WebKi...

5CVSS8.3AI score0.01549EPSS
Exploits0References5Affected Software2
0day.today
0day.today
added 2011/01/29 12:0 a.m.28 views

Polycom SoundPoint IP Devices Denial Of Service

Exploit for hardware platform in category dos / poc Polycom SoundPoint IP devices IP phones are vulnerable to Denial of Service attacks. Sending HTTP GET request with broken Authorization header effect a device restart after 60 seconds. It was tested on: SoundPoint IP 335 Version: 3.2.4.1734...

7AI score
Exploits0
exploitpack
exploitpack
added 2011/01/28 12:0 a.m.12 views

Polycom SoundPoint IP Devices - Denial of Service

Polycom SoundPoint IP Devices - Denial of Service Source: http://packetstormsecurity.org/files/view/97948/polycomsoundpoint-dos.txt Hello, Polycom SoundPoint IP devices IP phones are vulnerable to Denial of Service attacks. Sending HTTP GET request with broken Authorization header effect a device...

0.4AI score
Exploits0
Packet Storm
Packet Storm
added 2011/01/27 12:0 a.m.28 views

Polycom SoundPoint IP Devices Denial Of Service

Hello, Polycom SoundPoint IP devices IP phones are vulnerable to Denial of Service attacks. Sending HTTP GET request with broken Authorization header effect a device restart after 60 seconds. It was tested on: SoundPoint IP 335 Version: 3.2.4.1734 SoundPoint IP 430 Version: 3.2.3.1734 SoundPoint ...

0.5AI score
Exploits0
RedHat Linux
RedHat Linux
added 2010/08/04 9:30 p.m.5 views

httpd: mod_proxy_ftp FTP command injection via Authorization HTTP header

The modproxyftp module in the Apache HTTP Server allows remote attackers to bypass intended access restrictions and send arbitrary commands to an FTP server via vectors related to the embedding of these commands in the Authorization HTTP header, as demonstrated by a certain module in VulnDisco Pa...

5CVSS6.3AI score0.1256EPSS
Exploits2References4
CVE
CVE
added 2010/05/14 8:0 p.m.56 views

CVE-2010-1940

CVE-2010-1940: Apple Safari 4.0.5 on Windows mishandles the Authorization: Basic header, sending credentials intended for one site to another site named in a Location header, enabling remote servers to log sensitive information. Root cause: header leakage across sites via Location-based redirects...

4.3CVSS5.6AI score0.0081EPSS
Exploits0References2Affected Software1
Debian CVE
Debian CVE
added 2010/05/14 8:0 p.m.42 views

CVE-2010-1940

Removed by vendor...

4.3CVSS7AI score0.0081EPSS
Exploits0
0day.today
0day.today
added 2010/04/02 12:0 a.m.22 views

uTorrent WebUI <= v0.370 Authorization header DoS Exploit

Exploit for windows platform in category dos / poc ========================================================= uTorrent WebUI newPeerAddr =$ARGV0,PeerPort =$ARGV1,Proto = 'tcp'; print $sock "GET / HTTP/1.1\r\n". "Authorization: Basic $nonbase64\r\n\r\n"; 0day.today 2017-12-31...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2010/04/02 12:0 a.m.26 views

μTorrent (uTorrent) WebUI 0.370 - Authorisation Header Denial of Service

!/usr/bin/perl Exploit Title: uTorrent WebUI Version: µTorrent 2.0 build 18488 / WebUI EAX 00000000 ECX 00000000 EDX 00000001 EBX 003D8360 ASCII "admin" ESP 0141FE94 EBP 0141FF08 ESI 00000000 EDI 01511958 EIP 0041BC62 uTorrent.0041BC62 Good luck! corelanc0d3r use warnings; use strict; use...

7AI score
Exploits0
Packet Storm
Packet Storm
added 2010/04/02 12:0 a.m.21 views

uTorrent WebUI 0.370 Denial Of Service

!/usr/bin/perl Exploit Title: uTorrent WebUI Version: µTorrent 2.0 build 18488 / WebUI EAX 00000000 ECX 00000000 EDX 00000001 EBX 003D8360 ASCII "admin" ESP 0141FE94 EBP 0141FF08 ESI 00000000 EDI 01511958 EIP 0041BC62 uTorrent.0041BC62 Good luck! corelanc0d3r use warnings; use strict; use...

7.4AI score
Exploits0
Rows per page
Query Builder