21 matches found
EUVD-2006-6460
Malware in sbrugna...
EUVD-2006-6458
Malware in sbrugna...
EUVD-2006-6459
Malware in sbrugna...
EUVD-2022-42860
Malicious code in bioql PyPI...
Web: jsessionid exposed via encoded url when using cookie based session tracking
The org.apache.catalina.connector.Response.encodeURL method in Red Hat JBoss Web 7.1.x and earlier, when the tracking mode is set to COOKIE, sends the jsessionid in the URL of the first response of a session, which allows remote attackers to obtain the session id 1 via a man-in-the-middle attack ...
Web: jsessionid exposed via encoded url when using cookie based session tracking
The org.apache.catalina.connector.Response.encodeURL method in Red Hat JBoss Web 7.1.x and earlier, when the tracking mode is set to COOKIE, sends the jsessionid in the URL of the first response of a session, which allows remote attackers to obtain the session id 1 via a man-in-the-middle attack ...
OPC UA Query First Response Command
...
CVE-2006-6477
FRAgent.exe in Mandiant First Response MFR before 1.1.1, when run in daemon mode and configured to use only HTTP, allows local users to modify requests and responses between a client and an agent by hijacking an HTTP FRAgent daemon and conducting a man-in-the-middle MITM attack...
CVE-2006-6476
FRAgent.exe in Mandiant First Response MFR before 1.1.1, when run in daemon mode and when the agent is bound to 0.0.0.0 all interfaces, opens sockets in non-exclusive mode, which allows local users to hijack the socket, and capture data or cause a denial of service loss of daemon operation...
CVE-2006-6475
FRAgent.exe in Mandiant First Response MFR before 1.1.1, when run in daemon mode with SSL enabled, allows remote attackers to cause a denial of service refused connections via malformed requests, which results in a mishandled exception...
CVE-2006-6475
FRAgent.exe in Mandiant First Response MFR before 1.1.1, when run in daemon mode with SSL enabled, allows remote attackers to cause a denial of service refused connections via malformed requests, which results in a mishandled exception...
CVE-2006-6477
CVE-2006-6477 concerns Mandiant First Response (MFR) prior to 1.1.1. The issue arises when the FRAgent daemon runs with HTTP (and also in SSL mode as per Symantec advisory) and binds non-exclusively to a socket, enabling a local attacker to hijack the agent and conduct a man-in-the-middle attack ...
CVE-2006-6477
FRAgent.exe in Mandiant First Response MFR before 1.1.1, when run in daemon mode and configured to use only HTTP, allows local users to modify requests and responses between a client and an agent by hijacking an HTTP FRAgent daemon and conducting a man-in-the-middle MITM attack...
CVE-2006-6476
FRAgent.exe in Mandiant First Response MFR before 1.1.1, when run in daemon mode and when the agent is bound to 0.0.0.0 all interfaces, opens sockets in non-exclusive mode, which allows local users to hijack the socket, and capture data or cause a denial of service loss of daemon operation...
CVE-2006-6476
CVE-2006-6476 affects Mandiant First Response (FRAgent.exe) prior to version 1.1.1. When run as a daemon and bound to 0.0.0.0 (all interfaces), FRAgent opens sockets in non-exclusive mode, enabling a local attacker to hijack the listening socket and potentially capture data or cause a denial of s...
CVE-2006-6475
CVE-2006-6475 affects Mandiant First Response (FRAgent.exe) prior to version 1.1.1 in daemon/SSL mode. The vulnerability is a denial-of-service condition: remotely sending malformed requests to an SSL-enabled daemon can trigger an unhandled exception, causing sockets to reach an indefinite CLOSE_...
SYMSA-2006-013: Multiple Vulnerabilities in Mandiant First Response
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Symantec Vulnerability Research http://www.symantec.com/research Security Advisory Advisory ID: SYMSA-2006-013 Advisory Title: Multiple Vulnerabilities in Mandiant First Response Author: Brian Reilly / [email protected] Release Date: 18-12-2006...
Mandiant First Response多个拒绝服务及代理劫持漏洞
Mandiant First Response是一款事件响应工具,用于收集所运行进程、系统服务之类的系统信息。 Mandiant First Response中存在多个安全漏洞,具体如下: 1 畸形客户端请求导致SSL代理拒绝服务 如果以守护程序模式运行的话,First Response代理(FRAgent.exe)会通过HTTP或修改过的HTTPS实现接受First Response控制台的远程连接。如果攻击者向启用了SSL的代理发送了一系列特制请求的话,就会强制代理出现异常,之后代理的套接字会陷入无限的CLOSEWAIT状态,所有之后的连接尝试也都会被拒绝,必须重启服务才能恢复连接。...
Mandiant First Response multiple security vulnerabilities
DoS on SSL parsing in HTTPS interface, data manipulation...
First Response < 1.1.1 Multiple Vulnerabilities
The remote host contains a version of First Response, an incident response tool, that is affected by multiple vulnerabilities. If the First Response agent fragent is configured to listen for remote SSL-enabled connections, it is reportedly possible to disable the agent remotely by sending a serie...