536 matches found
Log forging vulnerability
It is possible to fake log entries in FishEye/Crucible logs, by sending specially crafted http requests containing a newline character. For example going to the url /changelog/asd%0AFake%20log%20entry will cause the following to be logged: code 2015-03-24 09:59:09,564 INFO qtp1610928748-315 fishe...
Log forging vulnerability
It is possible to fake log entries in FishEye/Crucible logs, by sending specially crafted http requests containing a newline character. For example going to the url /changelog/asd%0AFake%20log%20entry will cause the following to be logged: code 2015-03-24 09:59:09,564 INFO qtp1610928748-315 fishe...
The vulnerability of the Mac OS X operating system, which allows a hacker to manipulate timestamps
The vulnerability of the Mac OS X operating system is related to deficiencies in access control. Exploiting this vulnerability allows a malicious actor to forge timestamps due to errors in restricting access to the date and time settings panel...
ThinkSNS 4.0 一处设计缺陷(可伪造任意人发朋友圈)
简要描述: 通常用于诈骗! 详细说明: 官方的demo已经是4.0,可惜下不到源码 翻来看看ThinkSNS 3.0的源码,发现一处严重的设计缺陷 apps\public\Lib\Action\AccountAction.class.php 下doSaveProfile方法为保存用户信息操作 / 保存基本信息操作 @return json 返回操作后的JSON信息数据 / public function doSaveProfile $res = true; // 保存用户表信息 if!empty$POST'sex' $save'sex' = 1 == intval$POST'sex' ?...
Log forging vulnerability
It is possible to fake log entries in FishEye/Crucible logs, by sending specially crafted http requests containing a newline character. For example going to the url /changelog/asd%0AFake%20log%20entry will cause the following to be logged: code 2015-03-24 09:59:09,564 INFO qtp1610928748-315 fishe...
Log forging vulnerability
It is possible to fake log entries in FishEye/Crucible logs, by sending specially crafted http requests containing a newline character. For example going to the url /changelog/asd%0AFake%20log%20entry will cause the following to be logged: code 2015-03-24 09:59:09,564 INFO qtp1610928748-315 fishe...
Ubuntu 14.04 LTS : Kerberos vulnerabilities (USN-2498-1)
The remote Ubuntu 14.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-2498-1 advisory. It was discovered that Kerberos incorrectly sent old keys in response to a -randkey -keepold request. An authenticated remote attacker could use this iss...
SUSE-SU-2015:0290-1 Security update for krb5
MIT kerberos krb5 was updated to fix several security issues and bugs. Security issues fixed: CVE-2014-5351: The kadm5randkeyprincipal3 function in lib/kadm5/srv/svrprincipal.c in kadmind in MIT Kerberos 5 aka krb5 sent old keys in a response to a -randkey -keepold request, which allowed remote...
KesionCMS最新版本可伪造任何人发表评论
简要描述: KesionCMS最新版本可伪造任何人发表评论 详细说明: 1.首先登陆官网的一个demo http://demo.kesioncms.com 2.随便找一条贴子发表评论 这里就找到了管理员更新的一篇文章 url:http://demo.kesion.com/html/xwpd/gn/2629.html 3.发表评论.得到请求的url...
CXF: SSL hostname verification bypass, incomplete CVE-2012-6153 fix
It was found that the fix for CVE-2012-6153 was incomplete: the code added to check that the server hostname matches the domain name in a subject's Common Name CN field in X.509 certificates was flawed. A man-in-the-middle attacker could use this flaw to spoof an SSL server using a specially...
CVE-2014-5351
CVE-2014-5351 affects MIT Kerberos 5 (krb5) kadmind: the kadm5_randkey_principal_3 function in lib/kadm5/srv/svr_principal.c sends old keys in response to a -randkey -keepold request, enabling remote authenticated users to forge tickets by leveraging administrative access. Affected: krb5
openSUSE: Security Advisory for mozilla-nss (openSUSE-SU-2014:1232-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-2360-2 thunderbird vulnerabilities
USN-2360-1 fixed vulnerabilities in Firefox. This update provides the corresponding updates for Thunderbird. Original advisory details: Antoine Delignat-Lavaud and others discovered that NSS incorrectly handled parsing ASN.1 values. An attacker could use this issue to forge RSA certificates...
CFME: AgentController get/log application log forging
It was found that the get and log methods of the AgentController wrote log messages without sanitizing user input. A remote attacker could use this flaw to insert arbitrary content into the log files written to by AgentController...
HFS HTTP File Server 1.5/2.x Multiple Security Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/27423/info HFS HTTP File Server is prone to multiple security vulnerabilities, including cross-site scripting issues, an information-disclosure issue, an arbitrary file-creation issue, a denial-of-service issue, a...
openSUSE Security Update : icecast (openSUSE-SU-2012:0352-1)
Icecast didn't strip newlines from log entries, therefore allowing uses to forge log entries. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update openSUSE-2012-153. The text description of this...
OpenSSL 'ChangeCipherSpec' MiTM Potential Vulnerability
The OpenSSL service on the remote host is potentially vulnerable to a man-in-the-middle MiTM attack, based on its response to two consecutive 'ChangeCipherSpec' messages during the incorrect phase of an SSL/TLS handshake. This flaw could allow a MiTM attacker to decrypt or forge SSL messages by...
SuSE Update for Fixes openSUSE-SU-2013:1952-1 (Fixes)
Check for the Version of Fixes OpenVAS Vulnerability Test $Id: gbsuse201319521.nasl 8466 2018-01-19 06:58:30Z teissa $ SuSE Update for Fixes openSUSE-SU-2013:1952-1 Fixes Authors: System Generated Check Copyright: Copyright C 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is...
Design/Logic Flaw
The Subscriptions feature in Open-Xchange Server before 6.20.7 rev14, 6.22.0 before rev13, and 6.22.1 before rev14 does not properly validate the publication-source URL, which allows remote authenticated users to trigger arbitrary outbound TCP traffic via a crafted Source field, as demonstrated b...
CVE-2013-1648
The Subscriptions feature in Open-Xchange Server before 6.20.7 rev14, 6.22.0 before rev13, and 6.22.1 before rev14 does not properly validate the publication-source URL, which allows remote authenticated users to trigger arbitrary outbound TCP traffic via a crafted Source field, as demonstrated b...