276 matches found
ClassCastException reported when stopping JIRA
When stopping tomcat wich hosts only Jira, there is always such stack trace in tomcat logs: code 2008-02-18 19:25:32,767: ERROR Thread-33 - org.apache.catalina.core.ContainerBase.Catalina.localhost./jira.release - ApplicationFilterConfig.doAsPrivilege java.lang.ClassCastException:...
mailman logfile CRLF injection
CRLF injection vulnerability in Utils.py in Mailman before 2.1.9rc1 allows remote attackers to spoof messages in the error log and possibly trick the administrator into visiting malicious URLs via CRLF sequences in the URI...
sBLOG 0.7.3 Beta - '/inc/lang.php' Local File Inclusion
!/usr/bin/perl sBLOG 0.7.3 Betainc/lang.phpLocal File Inclusion Exploit D.Script: http://sourceforge.net/projects/sblog/ V.Code: ifisset$conflangdefault && fileexists'lang/' . $conflangdefault . '.php' require'lang/' . $conflangdefault . '.php'; Discovered & Coded by : GolDM = Mahmoodali...
CVE-2003-0020
Apache does not filter terminal escape sequences from its error logs, which could make it easier for attackers to insert those sequences into terminal emulators containing vulnerabilities related to escape sequences...
CVE-2003-0020
Apache does not filter terminal escape sequences from its error logs, which could make it easier for attackers to insert those sequences into terminal emulators containing vulnerabilities related to escape sequences...
GLSA-200403-04 : Multiple security vulnerabilities in Apache 2
The remote host is affected by the vulnerability described in GLSA-200403-04 Multiple security vulnerabilities in Apache 2 Three vulnerabilities were found: A memory leak in sslengineio.c for modssl in Apache 2.0.48 and below allows remote attackers to cause a denial of service attack via plain...
MapInfo Discovery 1.01.1 - Cleartext Transmission Credential Disclosure
MapInfo Discovery 1.01.1 - Cleartext Transmission Credential Disclosure source: https://www.securityfocus.com/bid/10927/info Multiple remote vulnerabilities are reported in MapInfo Discovery. The first issue is reported to be an information disclosure vulnerability. An attacker may gain access to...
Apache 1.3: Multiple vulnerabilities
Background The Apache HTTP Server Project is an effort to develop and maintain an open-source HTTP server for modern operating systems. The goal of this project is to provide a secure, efficient and extensible server that provides services in tune with the current HTTP standards. Description On...
nCipher Advisory #8: payShield library may verify bad requests
nCipher Security Advisory No. 8 payShield library may verify bad requests ----------------------------------------- SUMMARY ======= When a command is issued to the payShield SPP library it may return StatusOK regardless of what the real reply status was. ISSUE DESCRIPTION ================= 1...
security flaw
Apache does not filter terminal escape sequences from its error logs, which could make it easier for attackers to insert those sequences into terminal emulators containing vulnerabilities related to escape sequences...
security flaw
Apache does not filter terminal escape sequences from its error logs, which could make it easier for attackers to insert those sequences into terminal emulators containing vulnerabilities related to escape sequences...
DEBIAN-CVE-2003-0020
Apache does not filter terminal escape sequences from its error logs, which could make it easier for attackers to insert those sequences into terminal emulators containing vulnerabilities related to escape sequences...
security flaw
Apache does not filter terminal escape sequences from its error logs, which could make it easier for attackers to insert those sequences into terminal emulators containing vulnerabilities related to escape sequences...
Apache Httpd < 2.0.49 : Error log escape filtering
Apache does not filter terminal escape sequences from error logs, which could make it easier for attackers to insert those sequences into terminal emulators containing vulnerabilities related to escape sequences...
Apache Httpd < 1.3.31 : Error log escape filtering
Apache does not filter terminal escape sequences from error logs, which could make it easier for attackers to insert those sequences into terminal emulators containing vulnerabilities related to escape sequences...
CVE-2000-0967
CVE-2000-0967 affects PHP 3 and PHP 4 where user-supplied format strings are not properly sanitized in error log messages, enabling remote command execution via crafted error output. The vulnerability applies to PHP installations that log errors/warnings (format-string attacks via syslog/vsnprint...