Microsoft Windows HTTP.sys Remote Code Execution Vulnerability (3042553)

This host is missing an important security update according to Microsoft Bulletin MS15-034. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

Microsoft HTTP.sys RCE Vulnerability (MS15-034) - Active Check

This host is missing an important security update according to Microsoft Bulletin MS15-034. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE...

MS15-034: Vulnerability in HTTP.sys Could Allow Remote Code Execution (3042553)

The version of Windows running on the remote host is affected a vulnerability in the HTTP protocol stack HTTP.sys due to improperly parsing crafted HTTP requests. A remote attacker can exploit this to execute arbitrary code with System privileges. C Tenable Network Security, Inc...

PT-2015-1051

Name of the Vulnerable Software and Affected Versions Microsoft Windows 7 SP1 Microsoft Windows Server 2008 R2 SP1 Microsoft Windows 8 Microsoft Windows 8.1 Microsoft Windows Server 2012 Gold Microsoft Windows Server 2012 R2 Description A remote code execution issue exists in the HTTP protocol...

CVE-2015-0251

The moddavsvn server in Subversion 1.5.0 through 1.7.19 and 1.8.0 through 1.8.11 allows remote authenticated users to spoof the svn:author property via a crafted v1 HTTP protocol request sequences...

Design/Logic Flaw

The moddavsvn server in Subversion 1.5.0 through 1.7.19 and 1.8.0 through 1.8.11 allows remote authenticated users to spoof the svn:author property via a crafted v1 HTTP protocol request sequences...

CVE-2015-0251

CVE-2015-0251 affects Subversion’s mod_dav_svn server. The vulnerability arises from improper handling of the svn:author property in crafted v1 HTTP protocol request sequences, allowing remote authenticated users to spoof author information. Affected products/versions include Subversion 1.5.0–1.7...

CVE-2015-0251

The moddavsvn server in Subversion 1.5.0 through 1.7.19 and 1.8.0 through 1.8.11 allows remote authenticated users to spoof the svn:author property via a crafted v1 HTTP protocol request sequences...

CVE-2015-0251

The moddavsvn server in Subversion 1.5.0 through 1.7.19 and 1.8.0 through 1.8.11 allows remote authenticated users to spoof the svn:author property via a crafted v1 HTTP protocol request sequences...

CVE-2015-0251

The moddavsvn server in Subversion 1.5.0 through 1.7.19 and 1.8.0 through 1.8.11 allows remote authenticated users to spoof the svn:author property via a crafted v1 HTTP protocol request sequences...

Apache Axis2 Web Services Detection (HTTP)

HTTP based detection of Apache Axis2 Web Services. SPDX-FileCopyrightText: 2015 SCHUTZWERK GmbH SPDX-FileCopyrightText: Reworked detection methods / pattern / code since 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective...

[SECURITY] Fedora 20 Update: libhtp-0.5.6-3.fc20

LibHTP is a security-aware parser for the HTTP protocol and the related bits and pieces. The goals of the project, in the order of importance, are as follows: 1. Completeness of coverage; 2. Permissive parsing; 3. Awareness of evasion techniques; 4. Performance;...

wdcp X-Forwarded-For injected vulnerability analysis-vulnerability warning-the black bar safety net

Originally this article want and on the article written together, but because of Bad typography will further write this post. 1 3 years of vulnerability, the Internet also does not have this vulnerability details this vulnerability to use the tool, so hold learning mentality, try to analyze it. 0...

http-wordpress-users NSE Script

Enumerates usernames in Wordpress blog/CMS installations by exploiting an information disclosure vulnerability existing in versions 2.6, 3.1, 3.1.1, 3.1.3 and 3.2-beta2 and possibly others. Original advisory: Script Arguments http-wordpress-users.out If set it saves the username list in this file...

[SECURITY] Fedora 20 Update: libhtp-0.5.6-2.fc20

LibHTP is a security-aware parser for the HTTP protocol and the related bits and pieces. The goals of the project, in the order of importance, are as follows: 1. Completeness of coverage; 2. Permissive parsing; 3. Awareness of evasion techniques; 4. Performance;...

[SECURITY] Fedora 21 Update: libhtp-0.5.16-1.fc21

LibHTP is a security-aware parser for the HTTP protocol and the related bits and pieces. The goals of the project, in the order of importance, are as follows: 1. Completeness of coverage; 2. Permissive parsing; 3. Awareness of evasion techniques; 4. Performance;...

NetDecision-Dashboard-1.0

Author : Prabhu S Angadi SecPod Technologies www.secpod.com Vendor : http://www.netmechanica.com Advisory : http://secpod.org/blog/?p=478 http://secpod.org/advisories/SecPodNetmechanicaNetDecisionDashboardServerInfoDiscVuln.txt...

WebsiteBaker 2.8.3 - Multiple Vulnerabilities

============================================= MGC ALERT 2014-004 - Original release date: March 11, 2014 - Last revised: November 18, 2014 - Discovered by: Manuel Garcia Cardenas - Severity: 10/10 CVSS Base Score ============================================= I. VULNERABILITY...

Oracle E-Business Suite/Oracle Forms RCE Vulnerability (Oct 2014) - Active Check

Oracle E-Business Suite/Oracle Forms is prone to a remote code execution RCE vulnerability in the Oracle Applications Technology Stack. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holder...

Piwigo 2.6.0 - picture.php?rate SQL Injection

Piwigo 2.6.0 - picture.php?rate SQL Injection ============================================= MGC ALERT 2014-001 - Original release date: January 12, 2014 - Last revised: November 12, 2014 - Discovered by: Manuel García Cárdenas - Severity: 7,1/10 CVSS Base Score...