19 matches found
GHSA-X76F-JF84-RQJ8 Caddy: MatchHost becomes case-sensitive for large host lists (>100), enabling host-based route/auth bypass
Summary Caddy's HTTP host request matcher is documented as case-insensitive, but when configured with a large host list (>100 entries) it becomes case-sensitive due to an optimized matching path. An attacker can bypass host-based routing and any access controls attached to that route by changing the...
CVE-2026-27588
Caddy is an extensible server platform that uses TLS by default. Prior to version 2.11.1, Caddy's HTTP host request matcher is documented as case-insensitive, but when configured with a large host list (>100 entries) it becomes case-sensitive due to an optimized matching path. An attacker can bypass...
PT-2026-21773
Name of the Vulnerable Software and Affected Versions: Caddy versions prior to 2.11.1 Description: Caddy's HTTP host request matcher is documented as case-insensitive, but becomes case-sensitive when configured with a large host list (more than 100 entries) due to an optimized matching path. An...
CVE-2025-61729 Excessive resource consumption when printing error string for host certificate validation in crypto/x509
Within HostnameError.Error, when constructing an error string, there is no limit to the number of hosts that will be printed out. Furthermore, the error string is constructed by repeated string concatenation, leading to quadratic runtime. Therefore, a certificate provided by a malicious actor can...
GO-2025-4155 Excessive resource consumption when printing error string for host certificate validation in crypto/x509
Within HostnameError.Error, when constructing an error string, there is no limit to the number of hosts that will be printed out. Furthermore, the error string is constructed by repeated string concatenation, leading to quadratic runtime. Therefore, a certificate provided by a malicious actor can...
CVE-2012-0435
SUSE WebYaST before 1.2 0.2.63-0.6.1 allows remote attackers to modify the hosts list, and subsequently conduct man-in-the-middle attacks, via a crafted /host request on TCP port 4984...
Moodle Code Problem Vulnerability
Moodle is a free, open source e-learning software platform, also known as a course management system, learning management system, or virtual learning environment. Moodle suffers from a security vulnerability that stems from inadequate host list checks...
Failed to obtain XenServer host list when run powershell Remove-Provscheme
XenServer hosts have been retired, but their configuration was not deleted from the DDC. When trying to delete the host connection from Studio, an error is thrown. When using the PowerShell cmdlet Remove-ProvScheme to delete the associated provisioning information, the error "Failed to obtain XenServer host list" is thrown...
Qualys API Best Practices: Host List Detection API
Host List Detection is your subscription's list of hosts and their corresponding up-to-date detections, including: 1. Confirmed Vulnerability Detections 2. Potential Vulnerability Detections 3. Information Gathered Detections about your system. After extracting Host List Detection vulnerability data...
Qualys API Best Practices: Host List API
When you’re looking to add automation to your vulnerability management and policy compliance program, a good starting point is the Host List, which is your scanned asset inventory. More precisely, it represents which assets have been scanned and when for Qualys Vulnerability Management VM or Poli...
CVE-2018-1043
In Moodle 3.x, the setting for blocked hosts list can be bypassed with multiple A record hostnames...
Moodle Security Bypass Vulnerability
Moodle is a free, open-source e-learning software platform, also known as a course management system, learning management system, or virtual learning environment, developed by Dr. Martin Dougiamas of Australia. A security vulnerability exists in version 3.x of Moodle. An attacker could exploit th...
EyesOfNetwork web interface command execution vulnerability (CNVD-2017-31578)
EyesOfNetwork EON is an open source, free IT monitoring solution. The solution provides business process configuration tools, generating pop-up windows when events occur in the active queue, etc. EyesOfNetwork web interface aka eonweb is one of the web interfaces. A security vulnerability exists ...
CVE-2017-14118
In the EyesOfNetwork web interface aka eonweb 5.1-0, module\toolall\tools\interface.php does not properly restrict exec calls, which allows remote attackers to execute arbitrary commands via shell metacharacters in the hostlist parameter to module/toolall/selecttool.php...
PT-2012-4127 · Ipswitch · Ipswitch Whatsup Gold
Name of the Vulnerable Software and Affected Versions: Ipswitch WhatsUp Gold version 15.02 Description: The issue allows remote attackers to execute arbitrary SQL commands via the sGroupList parameter in the "WrVMwareHostList.asp" file. This enables attackers to manipulate database queries,...
sudo: Multiple netmask values used in Host / Host_List configuration cause any host to be allowed access
sudo 1.6.x and 1.7.x before 1.7.9p1, and 1.8.x before 1.8.4p5, does not properly support configurations that use a netmask syntax, which allows local users to bypass intended command restrictions in opportunistic circumstances by executing a command on a host that has an IPv4 address...
TCP SYN Denial of Service Exploit (bang.c)
No description provided by source. / BANG.C Coded by Sorcerer of DALnet FUCKZ to: etech, blazin, udp, hybrid and kdl PROPZ : skrilla, thanks for all your help with JUNO-Z and especially this code : -------------------------------- REDIRECTION DOS FINALLY DISTRIBUTED !!!!!! This is POC and...