6 matches found
phpCAS vulnerable to Service Hostname Discovery Exploitation
Impact The phpCAS library uses HTTP headers to determine the service URL used to validate tickets. This allows an attacker to control the host header and use a valid ticket granted for any authorized service in the same SSO realm CAS server to authenticate to the service protected by phpCAS...
phpCAS vulnerable to Service Hostname Discovery Exploitation
phpCAS is an authentication library that allows PHP applications to easily authenticate users via a Central Authentication Service CAS server. The phpCAS library uses HTTP headers to determine the service URL used to validate tickets. This allows an attacker to control the host header and use a...
CVE-2022-39369 Service Hostname Discovery Exploitation in phpCAS
phpCAS is an authentication library that allows PHP applications to easily authenticate users via a Central Authentication Service CAS server. The phpCAS library uses HTTP headers to determine the service URL used to validate tickets. This allows an attacker to control the host header and use a...
Bing-Ip2Hosts - Bingip2Hosts Is A Bing.com Web Scraper That Discovers Websites By IP Address
Bing-ip2hosts is a Bing.com web scraper to discover hostnames by IP address. Description Bing-ip2hosts is a Bing.com web scraper that discovers hostnames by IP address. Bing is the flagship Microsoft search engine formerly known as MSN Search and Live Search. It provides a feature unique to searc...
SSL/TLS: Hostname discovery from server certificate
It was possible to discover an additional hostname of this server from its certificate Common or Subject Alt Name. Copyright C 2015 SCHUTZWERK GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...
Apache Tomcat: Multiple vulnerabilities
Background Apache Tomcat is a Servlet-3.0/JSP-2.2 Container. Description Multiple vulnerabilities have been discovered in Apache Tomcat. Please review the CVE identifiers referenced below for details. Impact The vulnerabilities allow an attacker to cause a Denial of Service, to hijack a session, ...