
3708 matches found

exploitpack
added 2012/12/21 12:0 a.m. | 29 views

FireFly Mediaserver 1.0.0.1359 - Null Pointer Dereference

FireFly Mediaserver 1.0.0.1359 - Null Pointer Dereference Advisory ID: HTB23129 Product: FireFly Mediaserver Vendor: FireFly Vulnerable Versions: 1.0.0.1359 and probably prior Tested Version: 1.0.0.1359 in Windows 7 SP1 Vendor Notification: November 21, 2012 Public Disclosure: December 19, 2012...

CVSS 5 | AI score 0.3 | EPSS 0.10814
Exploits 6
Exploit DB
added 2012/12/21 12:0 a.m. | 38 views

FireFly Mediaserver 1.0.0.1359 - Null Pointer Dereference

Advisory ID: HTB23129 Product: FireFly Mediaserver Vendor: FireFly Vulnerable Versions: 1.0.0.1359 and probably prior Tested Version: 1.0.0.1359 in Windows 7 SP1 Vendor Notification: November 21, 2012 Public Disclosure: December 19, 2012 Vulnerability Type: NULL Pointer Dereference CWE-476 CVE...

CVSS 5 | AI score 6.4 | EPSS 0.10814
Exploits 6
OpenVAS
added 2012/12/20 12:0 a.m. | 24 views

Firefly MediaServer HTTP Header Multiple DoS Vulnerabilities

This host is running Firefly MediaServer and is prone to multiple denial of service vulnerabilities. OpenVAS Vulnerability Test $Id: gbfireflymediaservermultdosvuln.nasl 5841 2017-04-03 12:46:41Z cfi $ Firefly MediaServer HTTP Header Multiple DoS Vulnerabilities Authors: Rachana Shetty Copyright:...

CVSS 5 | AI score 0.1 | EPSS 0.10814
Exploits 6 | References 4
0day.today
added 2012/12/20 12:0 a.m. | 67 views

FireFly Mediaserver 1.0.0.1359 NULL Pointer Dereference

FireFly Mediaserver version 1.0.0.1359 suffers from a denial of service vulnerability that can be triggered by a NULL pointer dereference. Product: FireFly Mediaserver Vendor: FireFly Vulnerable Versions: 1.0.0.1359 and probably prior Tested Version: 1.0.0.1359 in Windows 7 SP1 Vendor Notificatio...

CVSS 5 | AI score 0.1 | EPSS 0.10814
Exploits 6
OpenVAS
added 2012/12/20 12:0 a.m. | 20 views

Firefly MediaServer HTTP Header Multiple DoS Vulnerabilities

Firefly MediaServer is prone to multiple denial of service vulnerabilities. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 5 | AI score 6.4 | EPSS 0.10814
Exploits 6 | References 5
Tenable Nessus
added 2012/12/17 12:0 a.m. | 27 views

Debian DSA-2587-1 : libcgi-pm-perl - HTTP header injection

It was discovered that the CGI module for Perl does not filter LF characters in the Set-Cookie and P3P headers, potentially allowing attackers to inject HTTP headers. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from...

CVSS 5 | AI score 5.3 | EPSS 0.03261
Exploits 0 | References 4
Debian
added 2012/12/11 8:35 p.m. | 27 views

[SECURITY] [DSA 2587-1] libcgi-pm-perl security update

Debian Security Advisory DSA-2587-1 [email protected] http://www.debian.org/security/ December 11, 2012 http://www.debian.org/security/faq ...

CVSS 5 | AI score 5.8 | EPSS 0.03261
Exploits 0
CVE
added 2012/12/05 5:0 p.m. | 74 views

CVE-2011-2732

Spring Security vulnerability (CVE-2011-2732) involves CRLF injection in logout handling via the spring-security-redirect parameter, allowing header injection and HTTP response splitting. Affected versions: 2.0.0–2.0.6 and 3.0.0–3.0.5. Root cause: shared logout code reads the redirect parameter f...

CVSS 4.3 | AI score 7 | EPSS 0.04608
Exploits 1 | References 2 | Affected Software 1
Metasploit
added 2012/11/27 11:10 a.m. | 22 views

Apple QuickTime 7.7.2 MIME Type Buffer Overflow

This module exploits a buffer overflow in Apple QuickTime 7.7.2. The stack based overflow occurs when processing a malformed Content-Type header. The module has been tested successfully on Safari 5.1.7 and 5.0.7 on Windows XP SP3. This module requires Metasploit: https://metasploit.com/download...

CVSS 9.3 | EPSS 0.35078
Exploits 9
OpenVAS
added 2012/11/23 12:0 a.m. | 8 views

Ubuntu Update for python-django USN-1632-2

Ubuntu Update for Linux kernel vulnerabilities USN-1632-2 OpenVAS Vulnerability Test $Id: gbubuntuUSN16322.nasl 7960 2017-12-01 06:58:16Z santu $ Ubuntu Update for python-django USN-1632-2 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.ne...

AI score 7.4
Exploits 0 | References 2
OpenVAS
added 2012/11/23 12:0 a.m. | 9 views

Ubuntu: Security Advisory (USN-1632-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

AI score 7.5
Exploits 0 | References 3
htbridge
added 2012/11/21 12:0 a.m. | 30 views

FireFly Media Server Multiple Remote DoS Vulnerabilities

High-Tech Bridge Security Research Lab has discovered multiple remote denial of service DoS vulnerabilities in FireFly Media Server, which could be exploited by a malicious person to crash a remote server. 1 Multiple NULL pointer dereference vulnerabilities in FireFly Media Server: CVE-2012-5875...

CVSS 5 | AI score 6.4 | EPSS 0.10814
Exploits 6 | Affected Software 1
Tenable Nessus
added 2012/11/21 12:0 a.m. | 21 views

Ubuntu 10.04 LTS / 11.10 / 12.04 LTS / 12.10 : python-django regression (USN-1632-2)

USN-1632-1 fixed a vulnerability in Django. The upstream fix introduced testsuite failures when ADMINS and/or MANAGERS were defined in settings.py. This update fixes the problem. We apologize for the inconvenience. James Kettle discovered Django did not properly filter the Host HTTP header when...

AI score 5.7
Exploits 0 | References 1
Ubuntu
added 2012/11/20 6:30 p.m. | 32 views

USN-1632-2: Django regression

USN-1632-1 fixed a vulnerability in Django. The upstream fix introduced testsuite failures when ADMINS and/or MANAGERS were defined in settings.py. This update fixes the problem. We apologize for the inconvenience. Original advisory details: James Kettle discovered Django did not properly filter...

AI score 5.7
Exploits 0 | References 1
OpenVAS
added 2012/11/19 12:0 a.m. | 27 views

Ubuntu Update for python-django USN-1632-1

Ubuntu Update for Linux kernel vulnerabilities USN-1632-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN16321.nasl 7960 2017-12-01 06:58:16Z santu $ Ubuntu Update for python-django USN-1632-1 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.ne...

CVSS 6.4 | AI score 6.4 | EPSS 0.03635
Exploits 1 | References 2
securityvulns
added 2012/11/18 12:0 a.m. | 87 views

[USN-1632-1] Django vulnerability

Ubuntu Security Notice USN-1632-1, November 15, 2012: python-django vulnerability. A security issue affects these releases of Ubuntu and its...

CVSS 6.4 | AI score 0.4 | EPSS 0.03635
Exploits 1
Tenable Nessus
added 2012/11/16 12:0 a.m. | 24 views

Ubuntu 10.04 LTS / 11.10 / 12.04 LTS / 12.10 : python-django vulnerability (USN-1632-1)

James Kettle discovered Django did not properly filter the Host HTTP header when processing certain requests. An attacker could exploit this to generate and display arbitrary URLs to users. Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu...

CVSS 6.4 | AI score 5.6 | EPSS 0.03635
Exploits 1 | References 2
Ubuntu
added 2012/11/15 11:28 p.m. | 52 views

USN-1632-1: Django vulnerability

James Kettle discovered Django did not properly filter the Host HTTP header when processing certain requests. An attacker could exploit this to generate and display arbitrary URLs to users...

CVSS 6.4 | AI score 5.5 | EPSS 0.03635
Exploits 1
exploitpack
added 2012/11/06 12:0 a.m. | 67 views

ZenPhoto 1.4.3.3 - Multiple Vulnerabilities

ZenPhoto 1.4.3.3 - Multiple Vulnerabilities waraxe-2012-SA096 - Multiple Vulnerabilities in Zenphoto 1.4.3.3 Author: Janek Vind "waraxe" Date: 03. November 2012 Location: Estonia, Tartu Web:...

AI score 0.5
Exploits 0
0day.today
added 2012/11/05 12:0 a.m. | 56 views

Zenphoto 1.4.3.3 Multiple Vulnerabilities

Exploit for php platform in category web applications Multiple Vulnerabilities in Zenphoto 1.4.3.3 Author: Janek Vind "waraxe" Location: Estonia, Tartu Web: http://www.waraxe.us/advisory-96.html Description of vulnerable software: Zenphoto is a standalone CMS for multimedia focused websites. Our...

AI score 7.1
Exploits 0