A jingdong log security vulnerabilities-vulnerability warning-the black bar safety net

Table of Contents 1 Introduction 2 the inspection process 3 Summary 1 Introduction Recently looking at an open source site code, found if the login page via the http Protocol requests, will be redirected to use the https Protocol of the url, so you can ensure login security. Today a whim, want to...

http-feed NSE Script

This script crawls through the website to find any rss or atom feeds. The script, by default, spiders and searches within forty pages. For large web applications make sure to increase httpspider's maxpagecount value. Please, note that the script will become more intrusive though. Script Arguments...

Hostinger Web Hosting Cross Site Scripting

Hostinger Web Hosting Multiple Cross Site Scripting Report-Timeline: ================ 2013-06-01: Researcher Notification 2013-06-03: RESPONSE 2013-06-07: Ask About the issues 2013-06-10: Vendor Feedback 2013-06-13: Not Fixed 2013-06-16: Full Disclosure I-VULNERABILITY -------------------------...

HTTP 500 Detection (Client)

Binary data 6853.prm...

Aastra OpenCom Detection

Detection of Aastra OpenCom. The script sends a connection request to the server and attempts to determine the model from the reply. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...

Moderate: Red Hat Security Advisory: squid security and bug fix update

Updated squid packages that fix one security issue and several bugs are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...

Fedora Update for jakarta-commons-httpclient FEDORA-2013-1189

Check for the Version of jakarta-commons-httpclient OpenVAS Vulnerability Test Fedora Update for jakarta-commons-httpclient FEDORA-2013-1189 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can...

[SECURITY] Fedora 16 Update: jakarta-commons-httpclient-3.1-12.fc16

The Hyper-Text Transfer Protocol HTTP is perhaps the most significant protocol used on the Internet today. Web services, network-enabled appliances and the growth of network computing continue to expand the role of the HTTP protocol beyond user-driven web browsers, and increase the number of...

[SECURITY] Fedora 17 Update: jakarta-commons-httpclient-3.1-12.fc17

The Hyper-Text Transfer Protocol HTTP is perhaps the most significant protocol used on the Internet today. Web services, network-enabled appliances and the growth of network computing continue to expand the role of the HTTP protocol beyond user-driven web browsers, and increase the number of...

[SECURITY] Fedora 18 Update: jakarta-commons-httpclient-3.1-12.fc18

The Hyper-Text Transfer Protocol HTTP is perhaps the most significant protocol used on the Internet today. Web services, network-enabled appliances and the growth of network computing continue to expand the role of the HTTP protocol beyond user-driven web browsers, and increase the number of...

CVE-2012-5976

Multiple stack consumption vulnerabilities in Asterisk Open Source 1.8.x before 1.8.19.1, 10.x before 10.11.1, and 11.x before 11.1.2; Certified Asterisk 1.8.11 before 1.8.11-cert10; and Asterisk Digiumphones 10.x-digiumphones before 10.11.1-digiumphones allow remote attackers to cause a denial o...

Stack overflow

Multiple stack consumption vulnerabilities in Asterisk Open Source 1.8.x before 1.8.19.1, 10.x before 10.11.1, and 11.x before 11.1.2; Certified Asterisk 1.8.11 before 1.8.11-cert10; and Asterisk Digiumphones 10.x-digiumphones before 10.11.1-digiumphones allow remote attackers to cause a denial o...

DomsHttpd 1.0 <= Remote Denial Of Service

DomsHttpd 1.0 = Remote Denial Of Service Discovered by: Jean Pascal Pereira [email protected] About DomsHttpd: "A very simple HTTP protocol program base on asynchronous socket model." Vendor URI: http://domshttpd.codeplex.com/ The remote attacker has the possibility to crash the application by...

http-sitemap-generator NSE Script

Spiders a web server and displays its directory structure along with number and types of files in each folder. Note that files listed as having an 'Other' extension are ones that have no extension or that are a root document. Script Arguments http-sitemap-generator.withindomain only spider URLs...

RedHat Update for sblim-cim-client2 RHSA-2012:0987-04

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

Ctek SkyRouter 4200 and 4300 Series Routers Remote Arbitrary Command Execution Vulnerability

Ctek SkyRouter 4200 and 4300 series routers are prone to a remote arbitrary command-execution vulnerability because it fails to adequately sanitize user-supplied input. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright...

FreeBSD : Apache Traffic Server -- heap overflow vulnerability (acab2f88-7490-11e1-865f-00e0814cab4e)

CERT-FI reports : A heap overflow vulnerability has been found in the HTTP Hypertext Transfer Protocol protocol handling of Apache Traffic Server. The vulnerability allows an attacker to cause a denial of service or potentially to execute his own code by sending a specially modified HTTP message ...

Apache Traffic Server -- heap overflow vulnerability

CERT-FI reports: A heap overflow vulnerability has been found in the HTTP Hypertext Transfer Protocol protocol handling of Apache Traffic Server. The vulnerability allows an attacker to cause a denial of service or potentially to execute his own code by sending a specially modified HTTP message t...

Oracle Fusion Middleware Web Services Manager Unspecified Remote Information Disclosure

The version of one or more Fusion Middleware products installed on the remote host indicates a susceptibility to an unspecified, remote information disclosure attack related to the Web Services Manager Security Component accessible via the HTTP protocol. C Tenable Network Security, Inc...

riak-http-info NSE Script

Retrieves information such as node name and architecture from a Basho Riak distributed database using the HTTP protocol. Script Arguments slaxml.debug See the documentation for the slaxml library. http.host, http.max-body-size, http.max-cache-size, http.max-pipeline, http.pipeline,...