Lucene search
+L

3905 matches found

seebug.org
seebug.org
added 2012/01/19 12:0 a.m.31 views

JBoss 'mod_cluster'安全绕过漏洞

Bugtraq ID: 51554 CVE ID:CVE-2011-4608 JBOSS是一个基于J2EE的开放源代码的应用服务器。 modcluster允许worker节点在任意虚拟主机vhost上注册,而无视应用在其他虚拟主机上的安全性限制。在某些环境下,一个vhost配置为内部worker节点,而另一个配置为服务外部内容。远程攻击者可以利用此缺陷通过没有配置应用安全限制的外部虚拟主机注册为攻击者控制的worker节点,然后使用worker节点服务恶意内容,截获验证凭据,劫持用户会话。 0 Red Hat JBoss Enterprise Web Server for RHEL 6...

7.5CVSS6.5AI score0.03197EPSS
Exploits1
RedHat Linux
RedHat Linux
added 2012/01/18 7:21 p.m.4 views

mod_cluster: malicious worker nodes can register on any vhost

modcluster in JBoss Enterprise Application Platform 5.1.2 for Red Hat Linux allows worker nodes to register with arbitrary virtual hosts, which allows remote attackers to bypass intended access restrictions and provide malicious content, hijack sessions, and steal credentials by registering from ...

7.5CVSS6AI score0.03197EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2012/01/18 7:20 p.m.11 views

mod_cluster: malicious worker nodes can register on any vhost

modcluster in JBoss Enterprise Application Platform 5.1.2 for Red Hat Linux allows worker nodes to register with arbitrary virtual hosts, which allows remote attackers to bypass intended access restrictions and provide malicious content, hijack sessions, and steal credentials by registering from ...

7.5CVSS6AI score0.03197EPSS
Exploits1References4
Nmap
Nmap
added 2011/12/30 4:5 a.m.1844 views

ssh-hostkey NSE Script

Shows SSH hostkeys. Shows the target SSH server's key fingerprint and with high enough verbosity level the public key itself. It records the discovered host keys in nmap.registry for use by other scripts. Output can be controlled with the sshhostkey script argument. You may also compare the...

10CVSS9.4AI score0.99448EPSS
Exploits33
NVD
NVD
added 2011/12/29 10:55 p.m.21 views

CVE-2011-4615

Multiple cross-site scripting XSS vulnerabilities in Zabbix before 1.8.10 allow remote attackers to inject arbitrary web script or HTML via the gname parameter aka host groups name to 1 hostgroups.php and 2 usergrps.php, the update action to 3 hosts.php and 4 scripts.php, and 5 maintenance.php...

4.3CVSS5.7AI score0.01371EPSS
Exploits0References8
OSV
OSV
added 2011/12/29 10:55 p.m.4 views

DEBIAN-CVE-2011-4615

Multiple cross-site scripting XSS vulnerabilities in Zabbix before 1.8.10 allow remote attackers to inject arbitrary web script or HTML via the gname parameter aka host groups name to 1 hostgroups.php and 2 usergrps.php, the update action to 3 hosts.php and 4 scripts.php, and 5 maintenance.php...

4.3CVSS5.8AI score0.01371EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2011/12/29 10:55 p.m.24 views

CVE-2011-4615

Multiple cross-site scripting XSS vulnerabilities in Zabbix before 1.8.10 allow remote attackers to inject arbitrary web script or HTML via the gname parameter aka host groups name to 1 hostgroups.php and 2 usergrps.php, the update action to 3 hosts.php and 4 scripts.php, and 5 maintenance.php...

4.3CVSS5.9AI score0.01371EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2011/11/28 12:0 a.m.27 views

VMware vCenter Update Manager Detection

VMware vCenter Update Manager also known as vSphere Update Manager was detected on the remote host. This application is used to manage patches on vSphere hosts. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid56957; scriptversion"1.5"; scriptcvsdate"Date: 2019/11/22";...

5.5AI score
Exploits0References1
OpenVAS
OpenVAS
added 2011/11/25 12:0 a.m.22 views

Fedora Update for cherokee FEDORA-2011-14660

Check for the Version of cherokee OpenVAS Vulnerability Test Fedora Update for cherokee FEDORA-2011-14660 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...

6.8CVSS0.1AI score0.01398EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2011/11/25 12:0 a.m.17 views

Fedora Update for cherokee FEDORA-2011-14634

Check for the Version of cherokee OpenVAS Vulnerability Test Fedora Update for cherokee FEDORA-2011-14634 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...

6.8CVSS0.1AI score0.01398EPSS
Exploits1References2
Fedora
Fedora
added 2011/11/19 6:8 a.m.40 views

[SECURITY] Fedora 14 Update: puppet-2.6.12-1.fc14

Puppet lets you centrally manage every important aspect of your system usin g a cross-platform specification language that manages all the separate elements normally aggregated in different files, like users, cron jobs, and hosts, along with obviously discrete elements like packages, services, an...

6.3CVSS2.1AI score0.02454EPSS
Exploits0
Fedora
Fedora
added 2011/11/19 6:1 a.m.28 views

[SECURITY] Fedora 15 Update: puppet-2.6.12-1.fc15

Puppet lets you centrally manage every important aspect of your system usin g a cross-platform specification language that manages all the separate elements normally aggregated in different files, like users, cron jobs, and hosts, along with obviously discrete elements like packages, services, an...

6.3CVSS2.1AI score0.02454EPSS
Exploits0
Metasploit
Metasploit
added 2011/11/17 1:47 p.m.60 views

Windows Recon Computer Browser Discovery

This module uses railgun to discover hostnames and IPs on the network. LTYPE should be set to one of the following values: WK all workstations, SVR all servers, SQL all SQL servers, DC all Domain Controllers, DCBKUP all Domain Backup Servers, NOVELL all Novell servers, PRINTSVR all Print Que...

7.5AI score
Exploits0
VMware
VMware
added 2011/11/15 12:0 a.m.59 views

VMSA-2011-0014:VMware vCenter Update Manager fix for Jetty Web server addresses directory traversal vulnerability

VMSA-2011-0014 VMware vCenter Update Manager fix for Jetty Web server addresses directory traversal vulnerability VMware Security Advisory VMware Security Advisory Advisory ID: VMSA-2011-0014 VMware Security Advisory Synopsis: VMware vCenter Update Manager fix for Jetty Web server addresses...

5CVSS6AI score0.59726EPSS
Exploits7References3Affected Software1
Metasploit
Metasploit
added 2011/10/23 5:17 p.m.17 views

Windows Manage Host File Entry Removal

This module allows the attacker to remove an entry from the Windows hosts file. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Windows Manage Host File Entry Removal', 'Description' = %q This...

6.9AI score
Exploits0
Metasploit
Metasploit
added 2011/10/23 5:17 p.m.32 views

Windows Manage Hosts File Injection

This module allows the attacker to insert a new entry into the target system's hosts file. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'English' class MetasploitModule 'Windows Manage Hosts File Injection'...

0.5AI score
Exploits0
Veeam
Veeam
added 2011/10/06 12:0 a.m.13 views

Empty sockets counter in nworks Enterprise Manager

VMware vCenter or hosts have been added into Enterprise Manager and the amount of sockets is displayed correctly; however, once the maintenance procedure has been performed against the hosts and the hosts are restarted, then some of the hosts become unlicensed Enterprise Manager shows "0" instead...

1.9AI score
Exploits0
exploitpack
exploitpack
added 2011/09/28 12:0 a.m.29 views

Nmap-scanner

This module requires argument like: "Target Host" or IP address to work. A port Scanner uses raw IP packets in novel ways to determine what hosts are available on the network It was designed to rapidly scan large networks, but works fine against single hosts Nmap "Network Mapper" is an open sourc...

7.3AI score
Exploits0
OpenVAS
OpenVAS
added 2011/09/27 12:0 a.m.19 views

Fedora Update for cherokee FEDORA-2011-12687

Check for the Version of cherokee OpenVAS Vulnerability Test Fedora Update for cherokee FEDORA-2011-12687 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...

6.8CVSS0.1AI score0.01398EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2011/09/27 12:0 a.m.21 views

Fedora Update for cherokee FEDORA-2011-12698

Check for the Version of cherokee OpenVAS Vulnerability Test Fedora Update for cherokee FEDORA-2011-12698 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...

6.8CVSS0.1AI score0.01398EPSS
Exploits1References2
Rows per page
Query Builder