CVE-2009-1012

Unspecified vulnerability in the plug-ins for Apache and IIS web servers in Oracle BEA WebLogic Server 7.0 Gold through SP7, 8.1 Gold through SP6, 9.0, 9.1, 9.2 Gold through MP3, 10.0 Gold through MP1, and 10.3 allows remote attackers to affect confidentiality, integrity, and availability. NOTE:...

Integer overflow

Unspecified vulnerability in the plug-ins for Apache and IIS web servers in Oracle BEA WebLogic Server 7.0 Gold through SP7, 8.1 Gold through SP6, 9.0, 9.1, 9.2 Gold through MP3, 10.0 Gold through MP1, and 10.3 allows remote attackers to affect confidentiality, integrity, and availability. NOTE:...

CVE-2009-1012

Unspecified vulnerability in the plug-ins for Apache and IIS web servers in Oracle BEA WebLogic Server 7.0 Gold through SP7, 8.1 Gold through SP6, 9.0, 9.1, 9.2 Gold through MP3, 10.0 Gold through MP1, and 10.3 allows remote attackers to affect confidentiality, integrity, and availability. NOTE:...

CVE-2008-5519

The JK Connector aka modjk 1.2.0 through 1.2.26 in Apache Tomcat allows remote attackers to obtain sensitive information via an arbitrary request from an HTTP client, in opportunistic circumstances involving 1 a request from a different client that included a Content-Length header but no POST dat...

VirtueMart 1.1.2 SQL Injection

require 'msf/core' class Metasploit3 'VirtueMart %q This module exploits VirtueMart 'Janek Vind "waraxe" ', 'License' = MSFLICENSE, 'Version' = '1.0', 'References' = 'BID', '33480', 'URL', 'http://www.waraxe.us/advisory-71.html', 'URL', 'http://secunia.com/advisories/33671/' , 'DisclosureDate' =...

HP OpenView Network Node Manager Multiple Parameters Buffer Overflow (CVE-2009-0920; CVE-2009-0921)

The Network Node Manager NNM is an HP OpenView product which manages networks.It determines and displays physical and logical connectivity in networks, as well as information referring to protocols running over the network. Multiple buffer overflow vulnerabilities were reported in HP OpenView...

Ziproxy Security Bypass Vulnerability

This host is running Ziproxy server and is prone to security bypass vulnerability. OpenVAS Vulnerability Test $Id: secpodziproxysecbypassvuln.nasl 5676 2017-03-22 16:29:37Z cfi $ Ziproxy Security Bypass Vulnerability Authors: Nikita MR Copyright: Copyright c 2009 SecPod, http://www.secpod.com Thi...

CVE-2008-6497

The Neostrada Livebox ADSL Router allows remote attackers to cause a denial of service network outage via multiple HTTP requests for the /- URI...

CVE-2008-6497

The Neostrada Livebox ADSL Router allows remote attackers to cause a denial of service network outage via multiple HTTP requests for the /- URI...

Adonics NAS Adapter DoS

Multiple DoS conditions on HTTP requests processing after authentication...

NextApp Echo < 2.1.1 XML Injection Vulnerability

No description provided by source. SEC Consult Security Advisory 20090305-0 ======================================================================== title: NextApp Echo XML Injection Vulnerability program: NextApp Echo vulnerable version: Echo2 2.1.1 homepage: http://echo.nextapp.com/site/echo2...

NextApp Echo 2.1.1 - XML Injection

NextApp Echo 2.1.1 - XML Injection SEC Consult Security Advisory ======================================================================== title: NextApp Echo XML Injection Vulnerability program: NextApp Echo vulnerable version: Echo2 2.1.1 homepage: http://echo.nextapp.com/site/echo2 found: Feb...

NextApp Echo XML Injection

SEC Consult Security Advisory ======================================================================== title: NextApp Echo XML Injection Vulnerability program: NextApp Echo vulnerable version: Echo2 me...

NextApp Echo < 2.1.1 - XML Injection

SEC Consult Security Advisory ======================================================================== title: NextApp Echo XML Injection Vulnerability program: NextApp Echo vulnerable version: Echo2 2.1.1 homepage: http://echo.nextapp.com/site/echo2 found: Feb. 2008 by: Anonymous / SEC Consult...

Design/Logic Flaw

Ziproxy 2.6.0, when transparent interception mode is enabled, uses the HTTP Host header to determine the remote endpoint, which allows remote attackers to bypass access controls for Flash, Java, Silverlight, and probably other technologies, and possibly communicate with restricted intranet sites,...

CVE-2009-0804

Ziproxy 2.6.0, when transparent interception mode is enabled, uses the HTTP Host header to determine the remote endpoint, which allows remote attackers to bypass access controls for Flash, Java, Silverlight, and probably other technologies, and possibly communicate with restricted intranet sites,...

CVE-2009-0804

Ziproxy 2.6.0, when transparent interception mode is enabled, uses the HTTP Host header to determine the remote endpoint, which allows remote attackers to bypass access controls for Flash, Java, Silverlight, and probably other technologies, and possibly communicate with restricted intranet sites,...

CentOS Update for irb CESA-2008:0562 centos3 x86_64

Check for the Version of irb OpenVAS Vulnerability Test CentOS Update for irb CESA-2008:0562 centos3 x8664 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under th...

Oracle Secure Backup Multiple Command Injections (CVE-2008-4006; CVE-2008-5448; CVE-2008-5449)

Oracle Database Server is an enterprise-level relational database application suite. Oracle Secure Backup Administration Server provides a single point of data management across network attached storage NAS devices and distributed hosts. Several command injection vulnerabilities were reported in...

Oracle TimesTen In-Memory Database evtdump CGI Module Format String (CVE-2008-5440)

Oracle TimesTen In-Memory Database is a product for real-time data management and is used for performance-critical functions in environments like real-time enterprises, telecom, capital markets and defense. A format string error vulnerability was reported in Oracle TimesTen In-memory Database. Th...