
5907 matches found

Apache Httpd
added 2011/09/07 12:0 a.m. | 55 views

Apache Httpd < 2.2.21 : mod_proxy_ajp remote DoS

A flaw was found when mod_proxy_ajp is used together with mod_proxy_balancer. Given a specific configuration, a remote attacker could send certain malformed HTTP requests, putting a backend server into an error state until the retry timeout expired. This could lead to a temporary denial of service...

CVSS 4.3 | AI score 1.2 | EPSS 0.2238
Exploits 3 | Affected Software 1

Tenable Nessus
added 2011/08/17 12:0 a.m. | 267 views

Oracle GlassFish Server Administration Console GET Request Authentication Bypass

The version of GlassFish Server running on the remote host has an authentication bypass vulnerability. The server fails to enforce authentication on HTTP requests that contain lower case method names (e.g. 'get'). A remote, unauthenticated attacker could exploit this to upload and execute arbitrary...

CVSS 10 | AI score 5.8 | EPSS 0.60878
Exploits 6 | References 3

Check Point Advisories
added 2011/08/16 12:0 a.m. | 3 views

Apache APR apr_fnmatch Stack Overflow Denial of Service (CVE-2011-0419)

A stack overflow vulnerability has been reported in the Apache Portable Runtime (APR) library. Apache is a popular HTTP web server. The vulnerability is due to an error in the way the APR parses certain requests with a user specified filter. A remote attacker could exploit this vulnerability by sending...

CVSS 4.3 | AI score 8.5 | EPSS 0.30406
Exploits 5

OpenVAS
added 2011/08/09 12:0 a.m. | 56 views

CentOS Update for tomcat5 CESA-2010:0580 centos5 i386

Check for the Version of tomcat5 OpenVAS Vulnerability Test CentOS Update for tomcat5 CESA-2010:0580 centos5 i386 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it...

CVSS 6.4 | AI score 5.4 | EPSS 0.54779
Exploits 3 | References 2

securityvulns
added 2011/08/03 12:0 a.m. | 33 views

n.runs-SA-2011.002 - Citrix XenApp / XenDesktop XML Service Heap Corruption

n.runs AG http://www.nruns.com/ securityatnruns.com n.runs-SA-2011.002 28-Jul-2011 Vendor: Citrix, http://www.citrix.com Affected Products: XenApp and XenDesktop Affected Version: See the Citrix security bulletin 2 for a list Vulnerability: Heap Corruption in Citrix XML Service Risk: HIGH Vendor...

AI score 8.5
Exploits 0

securityvulns
added 2011/08/01 12:0 a.m. | 56 views

SA500 vulnerabilities - details

Hi Advisory by Cisco was published a few days ago Bugtraq ID: 48810. Now more details: 1. Unauthenticated access to web management any user - including admin. Due to blind SQLi in the login form of web management port 443, https, login field, embedded sqlite DB, there is possible to obtain: a all...

AI score 7.1
Exploits 0

Packet Storm
added 2011/07/29 12:0 a.m. | 38 views

XenApp / XenDesktop Buffer Overflow

n.runs AG http://www.nruns.com/ securityatnruns.com n.runs-SA-2011.001 28-Jul-2011 Vendor: Citrix, http://www.citrix.com Affected Products: XenApp and XenDesktop Affected Version: See the Citrix security bulletin 2 for a list Vulnerability: Stack-Based Buffer Overflow in Citrix XML Service Risk:...

AI score 0.5
Exploits 0

seebug.org
added 2011/07/29 12:0 a.m. | 24 views

Citrix XenApp / XenDesktop Stack-Based Buffer Overflow

No description provided by source. n.runs AG http://www.nruns.com/ securityatnruns.com n.runs-SA-2011.001 28-Jul-2011 Vendor: Citrix, http://www.citrix.com Affected Products: XenApp and XenDesktop Affected Version: See the Citrix security bulletin 2 for a list Vulnerability: Stack-Based Buffer...

AI score 7.1
Exploits 0

0day.today
added 2011/07/28 12:0 a.m. | 25 views

Citrix XenApp / XenDesktop XML Service Heap Corruption

Exploit for windows platform in category dos / poc Vendor: Citrix, http://www.citrix.com Affected Products: XenApp and XenDesktop Affected Version: See the Citrix security bulletin 2 for a list Vulnerability: Heap Corruption in Citrix XML Service Risk: HIGH Vendor communication: 2011/04/26 Initia...

AI score 7
Exploits 0

Tenable Nessus
added 2011/06/30 12:0 a.m. | 27 views

Novell File Reporter Engine RECORD Element Tag Parsing Overflow (credentialed check)

The version of Novell File Reporter (NFR) Engine installed on the remote Windows host is earlier than 1.0.2.53. As such, it reportedly has a flaw in its handling of HTTP requests to the TCP port used to communicate with the NFR Agent, normally 3035. Specifically, the application fails to check the...

CVSS 10 | AI score 6.3 | EPSS 0.16064
Exploits 0 | References 4

RedHat Linux
added 2011/06/28 5:27 p.m. | 5 views

ruby WEBrick log escape sequence

WEBrick 1.3.1 in Ruby 1.8.6 through patchlevel 383, 1.8.7 through patchlevel 248, 1.8.8dev, 1.9.1 through patchlevel 376, and 1.9.2dev writes data to a log file without sanitizing non-printable characters, which might allow remote attackers to modify a window's title, or possibly execute arbitrar...

CVSS 7.5 | AI score 7.5 | EPSS 0.16099
Exploits 2 | References 4

NVD
added 2011/06/24 8:55 p.m. | 25 views

CVE-2011-0212

servermgrd in Apple Mac OS X before 10.6.8 allows remote attackers to read arbitrary files, and possibly send HTTP requests to intranet servers or cause a denial of service (CPU and memory consumption), via an XML-RPC request containing an entity declaration in conjunction with an entity reference,...

CVSS 6.4 | AI score 6.7 | EPSS 0.0235
Exploits 1 | References 3

CVE
added 2011/06/24 8:0 p.m. | 59 views

CVE-2011-0212

CVE-2011-0212 affects Apple Mac OS X Server (servermgrd) prior to 10.6.8. An XML External Entity (XXE) flaw in servermgrd’s XML-RPC handling can allow remote attackers to read arbitrary files and potentially send HTTP requests to intranet servers, with possible CPU/memory DoS. Root cause: unsafe ...

CVSS 6.4 | AI score 5.6 | EPSS 0.0235
Exploits 1 | References 3 | Affected Software 1

NVD
added 2011/06/22 10:55 p.m. | 23 views

CVE-2011-2206

XMLParser.pm in DJabberd before 0.85 allows remote authenticated users to read arbitrary files, and possibly send HTTP requests to intranet servers or cause a denial of service (CPU and memory consumption), via an XML external entity declaration in conjunction with an entity reference, a different...

CVSS 5.5 | AI score 6.5 | EPSS 0.01282
Exploits 0 | References 5

Prion
added 2011/06/22 10:55 p.m. | 25 views

Xxe

XMLParser.pm in DJabberd before 0.85 allows remote authenticated users to read arbitrary files, and possibly send HTTP requests to intranet servers or cause a denial of service (CPU and memory consumption), via an XML external entity declaration in conjunction with an entity reference, a different...

CVSS 5.5 | AI score 6.8 | EPSS 0.01282
Exploits 0 | References 5 | Affected Software 1

Cvelist
added 2011/06/22 10:0 p.m. | 28 views

CVE-2011-2206

XMLParser.pm in DJabberd before 0.85 allows remote authenticated users to read arbitrary files, and possibly send HTTP requests to intranet servers or cause a denial of service (CPU and memory consumption), via an XML external entity declaration in conjunction with an entity reference, a different...

AI score 7.4 | EPSS 0.01282
Exploits 0 | References 5

Tenable Nessus
added 2011/06/10 12:0 a.m. | 38 views

Debian DSA-2247-1 : rails - several vulnerabilities

Several vulnerabilities have been discovered in Rails, the Ruby web application framework. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2011-0446 Multiple cross-site scripting (XSS) vulnerabilities when JavaScript encoding is used, allow remote attacker...

CVSS 6.8 | AI score 7.1 | EPSS 0.0235
Exploits 1 | References 7

securityvulns
added 2011/06/02 12:0 a.m. | 66 views

[SECURITY] [DSA 2247-1] rails security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2247-1 [email protected] http://www.debian.org/security/ Thijs Kinkhorst May 31, 2011 http://www.debian.org/security/faq -...

CVSS 6.8 | AI score 2.3 | EPSS 0.0235
Exploits 1

OpenVAS
added 2011/06/01 12:0 a.m. | 40 views

Nmap NSE net: http-userdir-enum

Attempts to enumerate valid usernames on web servers running with the mod_userdir module or similar enabled. The Apache mod_userdir module allows user-specific directories to be accessed using the http://example.com/~user/ syntax. This script makes http requests in order to discover valid user-...

CVSS 5 | AI score 0.1 | EPSS 0.65563
Exploits 3

OpenVAS
added 2011/06/01 12:0 a.m. | 12 views

Nmap NSE net: http-brute

Performs brute force password auditing against http basic authentication. SYNTAX: brute.firstonly: stop guessing after first password is found default: false brute.unique: make sure that each password is only guessed once default: true http-brute.hostname: sets the host header in case of virtual...

AI score 7
Exploits 0