Toxy - Hackable Http Proxy To Simulate Server Failure Scenarios And Network Conditions

Toxy is a fully programmatic and hackable HTTP proxy to simulate server failure scenarios and unexpected network conditions , built for node.js / io.js . It was mainly designed for fuzzing/evil testing purposes, when toxy becomes particularly useful to cover fault tolerance and resiliency...

用友某分战SQL注入第五弹

简要描述： 又来一发。。 详细说明： 注入URL： http://u9service.yonyou.com/servicehome/kmview.aspx?postid=ZS20100530204 sqlmap/1.0-dev - automatic SQL injection and database takeover tool http://sqlmap.org ! legal disclaimer: Usage of sqlmap for attacking targets without prior mutu consent is illegal. It is the end...

Misconfigured RPC Settings cause Backup Job to fail with "Failed to prepare guest for hot backup"

Article Applicability This KB article is specific to a scenario where Dynamic RPC ports have been customized within the registry. That customization then causes the particular error Code: 87. The primary error in the UI, "Failed to prepare guest for hot backup," has many causes, and this article...

IBM SolidDB - Invalid Error Code Vulnerability

No description provided by source...

Xerox DocuShare - SQL Injection

No description provided by source. The following request is vulnerable to a SQL injection in the last URI segment: GET /docushare/dsweb/ResultBackgroundJobMultiple/1 HTTP/1.1 Host: 172.31.16.194:8080 User-Agent: Mozilla/5.0 X11; Ubuntu; Linux x8664; rv:26.0 Gecko/20100101 Firefox/26.0 Accept:...

SSL Server Error Code Detection

Binary data 7116.pasl...

Xerox DocuShare SQL Injection

The following request is vulnerable to a SQL injection in the last URI segment: GET /docushare/dsweb/ResultBackgroundJobMultiple/1 HTTP/1.1 Host: 172.31.16.194:8080 User-Agent: Mozilla/5.0 X11; Ubuntu; Linux x8664; rv:26.0 Gecko/20100101 Firefox/26.0 Accept:...

WRT120N 1.0.0.7 - Remote Stack Overflow

WRT120N 1.0.0.7 - Remote Stack Overflow !/usr/bin/env python WRT120N v1.0.0.7 stack overflow, ROP to 4-byte overwrite which clears the admin password. Craig Heffner http://www.devttys0.com 2014-02-14 import sys import urllib2 try: target = sys.argv1 except IndexError: print "Usage: %s " % sys.arg...

CVE-2013-6431

The fib6add function in net/ipv6/ip6fib.c in the Linux kernel before 3.11.5 does not properly implement error-code encoding, which allows local users to cause a denial of service NULL pointer dereference and system crash by leveraging the CAPNETADMIN capability for an IPv6 SIOCADDRT ioctl call...

CVE-2013-6431

The fib6add function in net/ipv6/ip6fib.c in the Linux kernel before 3.11.5 does not properly implement error-code encoding, which allows local users to cause a denial of service NULL pointer dereference and system crash by leveraging the CAPNETADMIN capability for an IPv6 SIOCADDRT ioctl call...

USN-2049-1: Linux kernel vulnerabilities

Miroslav Vadkerti discovered a flaw in how the permissions for network sysctls are handled in the Linux kernel. An unprivileged local user could exploit this flaw to have privileged access to files in /proc/sys/net/. CVE-2013-4270 A flaw was discovered in the Linux kernel's dm snapshot facility. ...

CVE-2012-6088

The rpmpkgRead function in lib/package.c in RPM 4.10.x before 4.10.2 does not return an error code in certain situations involving an "unparseable signature," which allows remote attackers to bypass RPM signature checks via a crafted package...

Apache HTTPD Error Code 400 httpOnly Cookie Handling Information Disclosure (CVE-2012-0053)

An information disclosure vulnerability has been reported in Apache HTTPD server...

Apache HTTPD Error Code 400 httpOnly Cookie Handling Information Disclosure - ver 2 (CVE-2012-0053)

An information disclosure vulnerability has been reported in Apache HTTPD server. The vulnerability is due to an error while creating the default HTTP 400 error page. A remote attacker can exploit this vulnerability by causing the target user's browser to send crafted HTTP requests to the...

Intuit Help System Protocol URL Heap Corruption and Memory Leak

Intuit Help System Protocol URL Heap Corruption and Memory Leak Derek Soeder [email protected] Reported to [email protected] on March 15, 2012; vendor did not respond. Reported to CERT on March 22, 2012; vendor did not respond. Responsible disclosure failed with error code 10060. Published:...

Debian DSA-2405-1 : apache2 - multiple issues

Several vulnerabilities have been found in the Apache HTTPD Server : - CVE-2011-3607 : An integer overflow in appregsub could allow local attackers to execute arbitrary code at elevated privileges via crafted .htaccess files. - CVE-2011-3368 CVE-2011-3639 CVE-2011-4317 : The Apache HTTP Server di...

OpenSSL < 0.9.8o / 1.0.0a Multiple Vulnerabilities

Binary data 5559.prm...

httpd: mod_proxy_ajp remote temporary DoS

The approxyajprequest function in modproxyajp.c in modproxyajp in the Apache HTTP Server 2.2.x before 2.2.15 does not properly handle certain situations in which a client sends no request body, which allows remote attackers to cause a denial of service backend server outage via a crafted request,...

The modified mdb to asp the consequences-vulnerability warning-the black bar safety net

by:SuperHei·Lilo May be with the network security technology development., the administrator of the qualities are on the increase, when using access+asp system, not the database being downloaded to the mdb to asp or asa. The first does not say directly change the suffix, you can directly use the...

DEBIAN-CVE-2010-0408

The approxyajprequest function in modproxyajp.c in modproxyajp in the Apache HTTP Server 2.2.x before 2.2.15 does not properly handle certain situations in which a client sends no request body, which allows remote attackers to cause a denial of service backend server outage via a crafted request,...