56 matches found
PYSEC-2018-28
The Requests package before 2.20.0 for Python sends an HTTP Authorization header to an http URI upon receiving a same-hostname https-to-http redirect, which makes it easier for remote attackers to discover credentials by sniffing the network...
Information Disclosure Through Logs
logstash-core is vulnerable to information disclosure. The vulnerability is possible because it logs information from HTTP authorization headers which could contain sensitive information. Users who use secure communication from logstash to elasticsearch via basic authorization using elastic shiel...
Edimax Products Multiple Vulnerabilities (Sep 2015) - Active Check
Edimax products are prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Edimax PS-1206MF - Web Admin Authentication Bypass
Title: Edimax PS-1206MF - Web Admin Auth Bypass Date: 30.08.15 Vendor: edimax.com Firmware version: 4.8.25 Author: Smash Contact: smash at devilteam.pl HTTP authorization is not being properly verified while sendind POST requests to .cgi, remote attacker is able to change specific settings or eve...
Edimax PS-1206MF - Web Admin Auth Bypass Vulnerability
Exploit for hardware platform in category web applications Title: Edimax PS-1206MF - Web Admin Auth Bypass Date: 30.08.15 Vendor: edimax.com Firmware version: 4.8.25 Author: Smash Contact: smash at devilteam.pl HTTP authorization is not being properly verified while sendind POST requests to .cgi,...
Authentication flaw
The Belkin N300 F7D7301v1 router allows remote attackers to bypass authentication and gain privileges via vectors related to incorrect validation of the HTTP Authorization header...
Spreecommerce < 0.50.0 Arbitrary Command Execution
Exploit for unix platform in category remote exploits $Id: spreesearchlogicexec.rb 12397 2011-04-21 19:38:42Z swtornio $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more informatio...
Spreecommerce Arbitrary Command Execution
This module exploits an arbitrary command execution vulnerability in the Spreecommerce API searchlogic for versions 0.50.0 and earlier. Unvalidated input is called via the Ruby send method allowing command execution. This module requires Metasploit: https://metasploit.com/download Current source:...
Authorization
The embedded HTTP server in multiple Lexmark laser and inkjet printers and MarkNet devices, including X94x, W840, T656, N4000, E462, C935dn, 25xxN, and other models, allows remote attackers to cause a denial of service operating system halt via a malformed HTTP Authorization header...
Mandriva Update for firefox MDVSA-2010:070 (firefox)
Check for the Version of firefox OpenVAS Vulnerability Test Mandriva Update for firefox MDVSA-2010:070 firefox Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it unde...
Free Download Manager Remote Control Server HTTP Authorization buffer overflow
Added: 02/04/2009 CVE: CVE-2009-0183 BID: 33554 OSVDB: 51745 Background Free Download Manager is a download accelerator and manager for Windows systems. Problem A buffer overflow vulnerability in the Free Download Manager Remote Control Server allows remote attackers to execute arbitrary commands...
Free Download Manager Remote Control Server HTTP Authorization buffer overflow
Added: 02/04/2009 CVE: CVE-2009-0183 BID: 33554 OSVDB: 51745 Background Free Download Manager is a download accelerator and manager for Windows systems. Problem A buffer overflow vulnerability in the Free Download Manager Remote Control Server allows remote attackers to execute arbitrary commands...
Free Download Manager Remote Control Server HTTP Authorization buffer overflow
Added: 02/04/2009 CVE: CVE-2009-0183 BID: 33554 OSVDB: 51745 Background Free Download Manager is a download accelerator and manager for Windows systems. Problem A buffer overflow vulnerability in the Free Download Manager Remote Control Server allows remote attackers to execute arbitrary commands...
Free Download Manager Remote Control Server HTTP Authorization buffer overflow
Added: 02/04/2009 CVE: CVE-2009-0183 BID: 33554 OSVDB: 51745 Background Free Download Manager is a download accelerator and manager for Windows systems. Problem A buffer overflow vulnerability in the Free Download Manager Remote Control Server allows remote attackers to execute arbitrary commands...
Now SMS/MMS Gateway < 2008.02.22 Multiple Remote Overflows
The remote host is running Now SMS/MMS Gateway, a tool for connecting to SMS and/or MMS messaging providers and managing GSM modems. The web interface component of the version of Now SMS/MMS Gateway installed on the remote host contains a stack-based buffer overflow that can be triggered using a...
Переполнение буфера в thttpd (buffer overflow)
Переполнение буфера при base64-декодировании заголовка HTTP-авторизации...