EUVD-2008-6973

Malware in sbrugna...

RHEL 5 : httpd and httpd22 (RHSA-2010:0011)

The remote Redhat Enterprise Linux 5 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2010:0011 advisory. - httpd: NULL pointer defer in modproxyftp caused by crafted EPSV and PASV reply CVE-2009-3094 - httpd: modproxyftp FTP command injection vi...

Backdoor Implanted on Hacked Cisco Devices Modified to Evade Detection

The backdoor implanted on Cisco devices by exploiting a pair of zero-day flaws in IOS XE software has been modified by the threat actor so as to escape visibility via previous fingerprinting methods. "Investigated network traffic to a compromised device has shown that the threat actor has upgrade...

CVE-2022-22831

CVE-2022-22831 affects Servisnet Tessa 0.0.2. An attacker can add a new sysadmin user by manipulating the Authorization HTTP header, due to insufficient validation in that header. The result is an unauthorized, unauthenticated privilege escalation to a highly privileged admin account, with high i...

CVE-2018-15839

D-Link DIR-615 devices have a buffer overflow via a long Authorization HTTP header...

Buffer overflow

D-Link DIR-615 devices have a buffer overflow via a long Authorization HTTP header...

CVE-2018-15172

TP-Link WR840N devices have a buffer overflow via a long Authorization HTTP header...

Buffer overflow

TP-Link WR840N devices have a buffer overflow via a long Authorization HTTP header...

CVE-2018-15172

TP-Link WR840N devices have a buffer overflow via a long Authorization HTTP header...

CVE-2018-12706

DIGISOL DG-BR4000NG devices have a Buffer Overflow via a long Authorization HTTP header...

Authorization

The REST API in CyberArk Password Vault Web Access before 9.9.5 and 10.x before 10.1 allows remote attackers to execute arbitrary code via a serialized .NET object in an Authorization HTTP header...

Apache HTTP Server 'mod_proxy_ftp' Module Command Injection Vulnerability

Apache HTTP Server is prone to a command injection vulnerability. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

Authorization

The modproxyftp module in the Apache HTTP Server allows remote attackers to bypass intended access restrictions and send arbitrary commands to an FTP server via vectors related to the embedding of these commands in the Authorization HTTP header, as demonstrated by a certain module in VulnDisco Pa...

CVE-2009-3095

The modproxyftp module in the Apache HTTP Server allows remote attackers to bypass intended access restrictions and send arbitrary commands to an FTP server via vectors related to the embedding of these commands in the Authorization HTTP header, as demonstrated by a certain module in VulnDisco Pa...

CVE-2009-3095

The modproxyftp module in the Apache HTTP Server allows remote attackers to bypass intended access restrictions and send arbitrary commands to an FTP server via vectors related to the embedding of these commands in the Authorization HTTP header, as demonstrated by a certain module in VulnDisco Pa...

CVE-2009-3095

The modproxyftp module in the Apache HTTP Server allows remote attackers to bypass intended access restrictions and send arbitrary commands to an FTP server via vectors related to the embedding of these commands in the Authorization HTTP header, as demonstrated by a certain module in VulnDisco Pa...

Authorization

fhttpd 0.4.2 allows remote attackers to cause a denial of service crash via an Authorization HTTP header with an invalid character after the Basic value...

CVE-2008-7014

fhttpd 0.4.2 allows remote attackers to cause a denial of service crash via an Authorization HTTP header with an invalid character after the Basic value...