Lucene search
K

1634 matches found

seebug.org
seebug.org
added 2009/10/26 12:0 a.m.159 views

jetty 6.x - 7.x xss information disclosure injection

No description provided by source. Jetty 6.x and 7.x Multiple Vulnerabilities Name Multiple Vulnerabilities in Jetty Systems Affected Jetty 7.0.0 and earlier versions Severity Medium Impact CVSSv2 Medium 5/10, vector: AV:N/AC:L/Au:N/C:P/I:N/A:N Vendor http://www.mortbay.org/jetty/ Advisory...

5CVSS7.7AI score0.17413EPSS
Exploits8
Tenable Nessus
Tenable Nessus
added 2009/09/22 12:0 a.m.28 views

RHEL 4 / 5 : neon (RHSA-2009:1452)

Updated neon packages that fix two security issues are now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. neon is an HTTP and WebDAV client library, with a C interface. It provides a high-level...

5.8CVSS6.2AI score0.08437EPSS
Exploits1References5
Fedora
Fedora
added 2009/08/20 9:3 p.m.34 views

[SECURITY] Fedora 11 Update: neon-0.28.6-1.fc11

neon is an HTTP and WebDAV client library, with a C interface; providing a high-level interface to HTTP and WebDAV methods along with a low-level interface for HTTP request handling. neon supports persistent connections, proxy servers, basic, digest and Kerberos authentication, and has complete S...

4.3CVSS9.1AI score0.08437EPSS
Exploits1
Metasploit
Metasploit
added 2009/05/01 10:1 p.m.10 views

Oracle Application Server Spy Servlet SID Enumeration

This module makes a request to the Oracle Application Server in an attempt to discover the SID. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Oracle Application Server Spy Servlet SID...

6.8AI score
Exploits0
NVD
NVD
added 2009/04/09 3:8 p.m.17 views

CVE-2008-5519

The JK Connector aka modjk 1.2.0 through 1.2.26 in Apache Tomcat allows remote attackers to obtain sensitive information via an arbitrary request from an HTTP client, in opportunistic circumstances involving 1 a request from a different client that included a Content-Length header but no POST dat...

2.6CVSS7.5AI score0.07263EPSS
Exploits2References26
UbuntuCve
UbuntuCve
added 2009/04/09 3:8 p.m.26 views

CVE-2008-5519

The JK Connector aka modjk 1.2.0 through 1.2.26 in Apache Tomcat allows remote attackers to obtain sensitive information via an arbitrary request from an HTTP client, in opportunistic circumstances involving 1 a request from a different client that included a Content-Length header but no POST dat...

2.6CVSS6AI score0.07263EPSS
Exploits2References2
CVE
CVE
added 2009/04/09 3:0 p.m.111 views

CVE-2008-5519

The CVE refers to the mod_jk (JK Connector) for Apache Tomcat, affected in the 1.2.0–1.2.26 range. The root cause is an error in handling certain HTTP requests, enabling an attacker to obtain sensitive information via Content-Length-related scenarios (e.g., a request with Content-Length but no PO...

2.6CVSS5.6AI score0.07263EPSS
Exploits2References26Affected Software1
OpenVAS
OpenVAS
added 2009/03/20 12:0 a.m.24 views

RedHat Security Advisory RHSA-2009:0344

The remote host is missing updates announced in advisory RHSA-2009:0344. libsoup is an HTTP client/library implementation for GNOME written in C. It was originally part of a SOAP Simple Object Access Protocol implementation called Soup, but the SOAP and non-SOAP parts have now been split into...

7.5CVSS6.8AI score0.04024EPSS
Exploits1References2
Cent OS
Cent OS
added 2009/03/17 4:6 p.m.57 views

evolution28, libsoup security update

CentOS Errata and Security Advisory CESA-2009:0344 Updated libsoup and evolution28-libsoup packages that fix a security issue are now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. libsoup is an...

7.5CVSS6.2AI score0.04024EPSS
Exploits1References8
RedHat Linux
RedHat Linux
added 2009/03/16 1:53 p.m.42 views

Moderate: Red Hat Security Advisory: libsoup security update

Updated libsoup and evolution28-libsoup packages that fix a security issue are now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. libsoup is an HTTP client/library implementation for GNOME writte...

7.5CVSS6.2AI score0.04024EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2008/02/25 12:0 a.m.14 views

Generic Botnet Server Detection (HTTP Client)

Binary data 4401.prm...

7.3AI score
Exploits0References1
Metasploit
Metasploit
added 2008/01/06 10:2 p.m.91 views

Webmin File Disclosure

A vulnerability has been reported in Webmin and Usermin, which can be exploited by malicious people to disclose potentially sensitive information. The vulnerability is caused due to an unspecified error within the handling of an URL. This can be exploited to read the contents of any files on the...

5CVSS6.7AI score0.77953EPSS
Exploits2
securityvulns
securityvulns
added 2007/02/03 12:0 a.m.46 views

mpg123 audio player DoS

Ebdless loop in HTTP client code if HTTP server closes connection before file ctransferred completely...

4.3CVSS0.5AI score0.01438EPSS
Exploits0Affected Software1
Metasploit
Metasploit
added 2007/01/05 4:28 a.m.27 views

Cacti graph_view.php Remote Command Execution

This module exploits an arbitrary command execution vulnerability in the Raxnet Cacti 'graphview.php' script. All versions of Raxnet Cacti prior to 0.8.6-d are vulnerable. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framewo...

0.9AI score
Exploits0
Metasploit
Metasploit
added 2007/01/05 3:48 a.m.24 views

Barracuda IMG.PL Remote Command Execution

This module exploits an arbitrary command execution vulnerability in the Barracuda Spam Firewall appliance. Versions prior to 3.1.18 are vulnerable. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModu...

7.5CVSS1.2AI score0.53375EPSS
Exploits8
UbuntuCve
UbuntuCve
added 2006/05/01 7:6 p.m.25 views

CVE-2006-1989

Buffer overflow in the getdatabase function in the HTTP client in Freshclam in ClamAV 0.80 to 0.88.1 might allow remote web servers to execute arbitrary code via long HTTP headers...

5.1CVSS7.6AI score0.0581EPSS
Exploits1References1
Debian CVE
Debian CVE
added 2006/05/01 7:0 p.m.21 views

CVE-2006-1989

Buffer overflow in the getdatabase function in the HTTP client in Freshclam in ClamAV 0.80 to 0.88.1 might allow remote web servers to execute arbitrary code via long HTTP headers...

5.1CVSS7.6AI score0.0581EPSS
Exploits1
Cvelist
Cvelist
added 2006/05/01 7:0 p.m.23 views

CVE-2006-1989

Buffer overflow in the getdatabase function in the HTTP client in Freshclam in ClamAV 0.80 to 0.88.1 might allow remote web servers to execute arbitrary code via long HTTP headers...

7.5AI score0.0581EPSS
Exploits1References24
CVE
CVE
added 2006/05/01 7:0 p.m.62 views

CVE-2006-1989

CVE-2006-1989 affects ClamAV’s HTTP client in the Freshclam updater, with a buffer overflow in the get_database function that can be triggered by oversized HTTP headers. Impact: potential remote code execution or a denial of service on vulnerable installations running ClamAV versions 0.80 through...

5.1CVSS7.5AI score0.0581EPSS
Exploits1References24Affected Software1
FreeBSD
FreeBSD
added 2006/05/01 12:0 a.m.32 views

clamav -- Freshclam HTTP Header Buffer Overflow Vulnerability

Secunia reports: A vulnerability has been reported in ClamAV, which can be exploited by malicious people to cause a DoS Denial of Service and potentially to compromise a vulnerable system. The vulnerability is caused due to a boundary error within the HTTP client in the Freshclam command line...

5.1CVSS6.8AI score0.0581EPSS
Exploits1References2
Rows per page
Query Builder