15 matches found
EUVD-2019-7783
Malware in sbrugna...
CVE-2019-17377
cPanel before 82.0.15 allows self XSS in LiveAPI example scripts SEC-524...
CVE-2021-32642
radsecproxy is a generic RADIUS proxy that supports both UDP and TLS RadSec RADIUS transports. Missing input validation in radsecproxy's naptr-eduroam.sh and radsec-dynsrv.sh scripts can lead to configuration injection via crafted radsec peer discovery DNS records. Users are subject to Informatio...
Input validation
radsecproxy is a generic RADIUS proxy that supports both UDP and TLS RadSec RADIUS transports. Missing input validation in radsecproxy's naptr-eduroam.sh and radsec-dynsrv.sh scripts can lead to configuration injection via crafted radsec peer discovery DNS records. Users are subject to Informatio...
CVE-2021-32642
radsecproxy is a generic RADIUS proxy that supports both UDP and TLS RadSec RADIUS transports. Missing input validation in radsecproxy's naptr-eduroam.sh and radsec-dynsrv.sh scripts can lead to configuration injection via crafted radsec peer discovery DNS records. Users are subject to Informatio...
CVE-2021-32642
radsecproxy is affected by CVE-2021-32642 due to missing input validation in the internal dyndisc scripts naptr-eduroam.sh and radsec-dynsrv.sh, which can allow configuration injection via crafted radsec peer discovery DNS records. reported impacts include information disclosure, DoS, and the red...
CVE-2021-32642
radsecproxy is a generic RADIUS proxy that supports both UDP and TLS RadSec RADIUS transports. Missing input validation in radsecproxy's naptr-eduroam.sh and radsec-dynsrv.sh scripts can lead to configuration injection via crafted radsec peer discovery DNS records. Users are subject to Informatio...
Design/Logic Flaw
cPanel before 82.0.15 allows self XSS in LiveAPI example scripts SEC-524...
Novell Netware Web Server 3.x files.pl Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/2076/info Novell Web Server 3.x Examples Toolkit v.2 is a package containing example scripts and HTML files to help administrators design web sites. It is not a support Novell product and is provided solely as a convenien...
DEBIAN-CVE-2012-0216
The default configuration of the apache2 package in Debian GNU/Linux squeeze before 2.2.16-6+squeeze7, wheezy before 2.2.22-4, and sid before 2.2.22-4, when modphp or modrivet is used, provides example scripts under the doc/ URI, which might allow local users to conduct cross-site scripting XSS...
CVE-2012-0216
The default configuration of the apache2 package in Debian GNU/Linux squeeze before 2.2.16-6+squeeze7, wheezy before 2.2.22-4, and sid before 2.2.22-4, when modphp or modrivet is used, provides example scripts under the doc/ URI, which might allow local users to conduct cross-site scripting XSS...
DSA-2452-1 apache2 - insecure default configuration
Bulletin has no description...
python security, bug fix, and enhancement update
python: 2.6.6-20 Resolves: CVE-2010-3493 2.6.6-19 Resolves: CVE-2011-1015 2.6.6-18 Resolves: CVE-2011-1521 2.6.6-17 - recompile against systemtap 1.4 Related: rhbz569695 2.6.6-16 - recompile against systemtap 1.4 Related: rhbz569695 2.6.6-15 - fix race condition that sometimes breaks the build wi...
CVE-2003-1513
Multiple cross-site scripting XSS vulnerabilities in example scripts in Caucho Technology Resin 2.0 through 2.1.2 allow remote attackers to inject arbitrary web script or HTML via 1 env.jsp, 2 form.jsp, 3 session.jsp, 4 the move parameter to tictactoe.jsp, or the 5 name or 6 comment fields to...
DST2K0042.txt
----- Forwarded message from "Whitehouse, Ollie" ----- Approved-By: [email protected] Delivered-To: [email protected] Delivered-To: [email protected] X-Mailer: Internet Mail Service 5.5.2650.21 Date: Thu, 28 Sep 2000 17:13:46 +0100 Reply-To: "Whitehouse, Ollie" From:...