3630 matches found
Oracle Weblogic Apache Connector - POST Buffer Overflow (Metasploit)
This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' class Metasploit3 /Apache/ include...
Oracle Weblogic Apache Connector POST Request Buffer Overflow
Exploit for windows platform in category remote exploits This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core'...
CERT Warns On Critical Hole In SCADA Software By Italian Firm Progea
The U.S. Department of Homeland Security issued a bulletin on Thursday warning readers about a previously undisclosed, critical vulnerability in Movicon 11, a product used to manage critical infrastructure including the manufacturing, energy and water sectors. DHS’s Industrial Control Systems Cyb...
PHP < 5.3.13, 5.4.x < 5.4.3 Multiple Vulnerabilities - Active Check
PHP is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.103482"...
PT-2012-3099 · Python +3 · Python +3
Name of the Vulnerable Software and Affected Versions: Python versions prior to 2.6.8 Python versions 2.7.x prior to 2.7.3 Python versions 3.x prior to 3.1.5 Python versions 3.2.x prior to 3.2.3 Description: The issue allows context-dependent attackers to cause a denial of service, specifically...
CMS Made Simple <= 1.10.3 XSS Vulnerability
Exploit for php platform in category web applications +---------------------------------------------------------------------------------------------------------------------------------+ Exploit Title : CMS Made Simple = 1.10.3 XSS Vulnerability Date : 02-04-2012 Author : Ivano Binetti...
SyndeoCMS <= 3.0.01 Persistent XSS Vulnerability
Exploit for php platform in category web applications +---------------------------------------------------------------------------------------------------------------------------------+ Exploit Title : SyndeoCMS = 3.0.01 Persistent XSS Date : 29-03-2012 Author : Ivano Binetti...
SyndeoCMS 3.0.01 - Persistent Cross-Site Scripting
+---------------------------------------------------------------------------------------------------------------------------------+ Exploit Title : SyndeoCMS = 3.0.01 Persistent XSS Date : 29-03-2012 Author : Ivano Binetti http://ivanobinetti.com Vendor site : http://www.syndeocms.org/ Software...
Apache Tomcat Hash Collision Denial Of Service Vulnerability
Apache Tomcat Server is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
php, php53 security update
CentOS Errata and Security Advisory CESA-2012:0019 Updated php53 and php packages that fix two security issues are now available for Red Hat Enterprise Linux 5 and 6 respectively. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability...
OP5 welcome Remote Command Execution
This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 'OP5 welcome Remot...
Exploit Code Released for ASP.NET Flaw
A few days after MIcrosoft released a patch to fix a vulnerability in ASP.NET that could enable a denial-of-service attack, someone has released exploit code for the vulnerability. The proof-of-concept exploit code was posted to the Full Disclosure mailing list and is available for download from...
Oracle GlassFish Server Hash Collision Denial of Service Vulnerability
The host is running GlassFish Server and is prone to denial of service vulnerability. OpenVAS Vulnerability Test $Id: gbglassfishhashcollisiondosvuln.nasl 6018 2017-04-24 09:02:24Z teissa $ Oracle GlassFish Server Hash Collision Denial of Service Vulnerability Authors: Antu Sanadi Copyright:...
Apache APR - Hash Collision Denial of Service
source: https://www.securityfocus.com/bid/51917/info Apache APR is prone to a denial-of-service vulnerability. An attacker can exploit this issue by sending specially crafted forms in HTTP POST requests. https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/36669.zip...
Oracle GlassFish Server <= 3.1.1 Hash Collision DoS Vulnerability
GlassFish Server is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
PHP < 5.3.9 Multiple DoS Vulnerabilities - Windows
PHP is prone to multiple denial of service DoS vulnerabilities. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:php:php"; if...
Oracle GlassFish Server 3.x Web表单哈希冲突拒绝服务漏洞
Oracle GlassFish Server是一款构建和部署下一代应用程序和服务的开源和开放社区平台。 Oracle GlassFish Server在处理哈希表单张贴和更新哈希表单时,哈希生成函数中存在错误,通过在HTTP POST请求中发送特制的表单,攻击者可利用此漏洞造成哈希冲突,导致较高的CPU消耗 0 Oracle GlassFish Server 3.x 厂商补丁: Oracle ------ 目前厂商还没有提供补丁或者升级程序,我们建议使用此软件的用户随时关注厂商的主页以获取最新版本:...
Apache Tomcat Web表单哈希冲突拒绝服务漏洞
BUGTRAQ ID: 51200 Tomcat是由Apache软件基金会下属的Jakarta项目开发的一个Servlet容器,按照Sun Microsystems提供的技术规范,实现了对Servlet和JavaServer Page(JSP)的支持,并提供了作为Web服务器的一些特有功能,如Tomcat管理和控制平台、安全域管理和Tomcat阀等。 Tomcat在处理哈希表单张贴和更新哈希表单时,哈希生成函数中存在错误,通过在HTTP POST请求中发送特制的表单,攻击者可利用此漏洞造成拒绝服务。 0 Apache Group Tomcat 7.x Apache Group Tomca...
Rubinius Web表单哈希冲突拒绝服务漏洞
BUGTRAQ ID: 51196 Rubinius是一个运行Ruby程序的虚拟机,其带有Ruby的核心库。 Rubinius在哈希表单张贴和更新哈希表单时,哈希生成函数中存在错误,通过在HTTP POST请求中发送特制的表单,攻击者可利用此漏洞造成哈希冲突,导致较高的CPU消耗。 0 rubini 1.x 厂商补丁: rubini ------ 目前厂商还没有提供补丁或者升级程序,我们建议使用此软件的用户随时关注厂商的主页以获取最新版本: http://rubini.us/...
CVE-2011-5009
The CVE-2011-5009 vulnerability affects 3S CoDeSys CmpWebServer (Control service) as part of CoDeSys 3.4 SP4 Patch 2. It stems from insufficient validation of incoming HTTP requests, leading to a NULL pointer dereference when handling a crafted Content-Length in an HTTP POST or an invalid HTTP me...