Lucene search
+L

84 matches found

OpenVAS
OpenVAS
added 2017/07/14 12:0 a.m.55 views

CentOS Update for httpd CESA-2017:1721 centos6

Check the version of httpd SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.882751";...

7.5CVSS6.2AI score0.13252EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2017/04/12 3:2 p.m.101 views

Moderate: Red Hat Security Advisory: tomcat security update

An update for tomcat is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...

7.5CVSS7AI score0.39633EPSS
Exploits6References3
Citrix
Citrix
added 2017/01/24 12:0 a.m.11 views

Director Error "Cannot retrieve data. Data source unresponsive or reported an error".

The following error is seen in the event viewer of the Director server: Log Name: Application Source: Citrix Director Service Date: 1/20/2017 11:05:33 AM Event ID: 5 Task Category: None Level: Error Keywords: Classic User: N/A Computer: CtxDirector.RepLab.Local Description: The description for...

6.5AI score
Exploits0
Hacker One
Hacker One
added 2016/04/07 3:0 p.m.17 views

Uber: Disclosure of ways to the site root

Hello. Go to this address and you see error with addresses https://trip.uber.com/1% Request GET /1% HTTP/1.1 Host: trip.uber.com Connection: keep-alive Cache-Control: max-age=0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/;q=0.8 User-Agent: Mozilla/5.0 Windows NT 6.1;...

Exploits0
F5 Networks
F5 Networks
added 2014/12/03 12:0 a.m.96 views

SOL15889 - Apache HTTP server vulnerabilities CVE-2011-3368, CVE-2011-4317, CVE-2012-0021, CVE-2012-0031, and CVE-2012-0053

CVE-2011-3368 The modproxy module in the Apache HTTP Server 1.3.x through 1.3.42, 2.0.x through 2.0.64, and 2.2.x through 2.2.21 does not properly interact with use of 1 RewriteRule and 2 ProxyPassMatch pattern matches for configuration of a reverse proxy, which allows remote attackers to send...

5CVSS9.2AI score0.90734EPSS
Exploits20References4
Oracle linux
Oracle linux
added 2014/10/15 12:0 a.m.36 views

cups security and bug fix update

1:1.4.2-67 - Revert change to whitelist /rss/ resources, as this was not used upstream. 1:1.4.2-66 - More STR 4461 fixes from upstream: make rss feeds world-readable, but cachedir private. - Fix icon display in web interface during server restart STR 4475. 1:1.4.2-65 - Fixes for upstream patch fo...

5CVSS8.8AI score0.02911EPSS
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.20 views

simple webserver 2.3-rc1 - Directory Traversal

No description provided by source. Exploit Title: Simple Webserver 2.3-rc1 Directory Traversal Date: 01/02/2013 Exploit Author: CwG GeNiuS Vendor Homepage: http://www.pmx.it Software Link: http://www.pmx.it/download/sws-2.3-rc1-i686.exe Version: 2.3-rc1 and earlier Tested on: Windows 7 Enterprise...

7.1AI score
Exploits0
RedHat Linux
RedHat Linux
added 2012/05/07 6:16 p.m.6 views

httpd: cookie exposure due to error responses

protocol.c in the Apache HTTP Server 2.2.x through 2.2.21 does not properly restrict header information during construction of Bad Request aka 400 error documents, which allows remote attackers to obtain the values of HTTPOnly cookies via vectors involving a 1 long or 2 malformed header in...

4.3CVSS6.7AI score0.82756EPSS
Exploits4References4
RedHat Linux
RedHat Linux
added 2012/05/07 6:13 p.m.5 views

httpd: cookie exposure due to error responses

protocol.c in the Apache HTTP Server 2.2.x through 2.2.21 does not properly restrict header information during construction of Bad Request aka 400 error documents, which allows remote attackers to obtain the values of HTTPOnly cookies via vectors involving a 1 long or 2 malformed header in...

4.3CVSS6.7AI score0.82756EPSS
Exploits4References4
RedHat Linux
RedHat Linux
added 2012/02/21 9:49 p.m.5 views

httpd: cookie exposure due to error responses

protocol.c in the Apache HTTP Server 2.2.x through 2.2.21 does not properly restrict header information during construction of Bad Request aka 400 error documents, which allows remote attackers to obtain the values of HTTPOnly cookies via vectors involving a 1 long or 2 malformed header in...

4.3CVSS6.7AI score0.82756EPSS
Exploits4References4
Tenable Nessus
Tenable Nessus
added 2012/02/17 12:0 a.m.58 views

Ubuntu 8.04 LTS / 10.04 LTS / 10.10 / 11.04 / 11.10 : apache2 vulnerabilities (USN-1368-1)

It was discovered that the Apache HTTP Server incorrectly handled the SetEnvIf .htaccess file directive. An attacker having write access to a .htaccess file may exploit this to possibly execute arbitrary code. CVE-2011-3607 Prutha Parikh discovered that the modproxy module did not properly intera...

4.6CVSS8AI score0.82756EPSS
Exploits12References6
Ubuntu
Ubuntu
added 2012/02/16 7:30 p.m.117 views

USN-1368-1: Apache HTTP Server vulnerabilities

It was discovered that the Apache HTTP Server incorrectly handled the SetEnvIf .htaccess file directive. An attacker having write access to a .htaccess file may exploit this to possibly execute arbitrary code. CVE-2011-3607 Prutha Parikh discovered that the modproxy module did not properly intera...

4.6CVSS8.1AI score0.82756EPSS
Exploits12
RedHat Linux
RedHat Linux
added 2012/02/13 8:28 p.m.5 views

httpd: cookie exposure due to error responses

protocol.c in the Apache HTTP Server 2.2.x through 2.2.21 does not properly restrict header information during construction of Bad Request aka 400 error documents, which allows remote attackers to obtain the values of HTTPOnly cookies via vectors involving a 1 long or 2 malformed header in...

4.3CVSS6.7AI score0.82756EPSS
Exploits4References4
OpenVAS
OpenVAS
added 2012/02/03 12:0 a.m.39 views

Mandriva Update for apache MDVSA-2012:012 (apache)

Check for the Version of apache OpenVAS Vulnerability Test Mandriva Update for apache MDVSA-2012:012 apache Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under t...

4.6CVSS0.3AI score0.82756EPSS
Exploits7References2
NVD
NVD
added 2012/01/28 4:5 a.m.24 views

CVE-2012-0053

protocol.c in the Apache HTTP Server 2.2.x through 2.2.21 does not properly restrict header information during construction of Bad Request aka 400 error documents, which allows remote attackers to obtain the values of HTTPOnly cookies via vectors involving a 1 long or 2 malformed header in...

4.3CVSS8.3AI score0.82756EPSS
Exploits4References45
Prion
Prion
added 2012/01/28 4:5 a.m.30 views

Design/Logic Flaw

protocol.c in the Apache HTTP Server 2.2.x through 2.2.21 does not properly restrict header information during construction of Bad Request aka 400 error documents, which allows remote attackers to obtain the values of HTTPOnly cookies via vectors involving a 1 long or 2 malformed header in...

4.3CVSS6.7AI score0.82756EPSS
Exploits4References45Affected Software11
OSV
OSV
added 2012/01/28 4:5 a.m.10 views

CVE-2012-0053

protocol.c in the Apache HTTP Server 2.2.x through 2.2.21 does not properly restrict header information during construction of Bad Request aka 400 error documents, which allows remote attackers to obtain the values of HTTPOnly cookies via vectors involving a 1 long or 2 malformed header in...

6.2AI score
Exploits0References58
OSV
OSV
added 2012/01/28 4:5 a.m.5 views

DEBIAN-CVE-2012-0053

protocol.c in the Apache HTTP Server 2.2.x through 2.2.21 does not properly restrict header information during construction of Bad Request aka 400 error documents, which allows remote attackers to obtain the values of HTTPOnly cookies via vectors involving a 1 long or 2 malformed header in...

4.3CVSS8.7AI score0.82756EPSS
Exploits4References1
Cvelist
Cvelist
added 2012/01/28 2:0 a.m.144 views

CVE-2012-0053

protocol.c in the Apache HTTP Server 2.2.x through 2.2.21 does not properly restrict header information during construction of Bad Request aka 400 error documents, which allows remote attackers to obtain the values of HTTPOnly cookies via vectors involving a 1 long or 2 malformed header in...

8.3AI score0.82756EPSS
Exploits4References45
Debian CVE
Debian CVE
added 2012/01/28 2:0 a.m.44 views

CVE-2012-0053

protocol.c in the Apache HTTP Server 2.2.x through 2.2.21 does not properly restrict header information during construction of Bad Request aka 400 error documents, which allows remote attackers to obtain the values of HTTPOnly cookies via vectors involving a 1 long or 2 malformed header in...

4.3CVSS6.6AI score0.82756EPSS
Exploits4
Rows per page
Query Builder