Lucene search
K

274 matches found

Tenable Nessus
Tenable Nessus
added 2016/05/18 12:0 a.m.26 views

openSUSE Security Update : varnish (openSUSE-2016-588)

This varnish update to version 3.0.7 fixes the following issues : Security issues fixed : - CVE-2015-8852: Vulnerable to HTTP Smuggling issues: Double Content Length and bad EOL. boo976097 Bugs fixed : - Stop recognizing a single CR \r as a HTTP line separator. - Improved error detection on...

7.5CVSS7.4AI score0.03524EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2016/05/09 12:0 a.m.24 views

Mageia: Security Advisory (MGASA-2016-0150)

The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.7AI score0.03524EPSS
Exploits0References4
OSV
OSV
added 2016/04/25 7:57 a.m.3 views

MGASA-2016-0150 Updated varnish packages fix CVE-2015-8852

Updated varnish packages fix security vulnerabilities: Régis Leroy from Makina Corpus discovered that varnish, a caching HTTP reverse proxy, is vulnerable to HTTP smuggling issues, potentially resulting in cache poisoning or bypassing of access control policies CVE-2015-8852...

7.5CVSS7.5AI score0.03524EPSS
Exploits0References3
Mageia
Mageia
added 2016/04/25 7:57 a.m.35 views

Updated varnish packages fix CVE-2015-8852

Updated varnish packages fix security vulnerabilities: Régis Leroy from Makina Corpus discovered that varnish, a caching HTTP reverse proxy, is vulnerable to HTTP smuggling issues, potentially resulting in cache poisoning or bypassing of access control policies CVE-2015-8852...

7.5CVSS7.7AI score0.03524EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2016/04/25 12:0 a.m.32 views

Debian DSA-3553-1 : varnish - security update

Regis Leroy from Makina Corpus discovered that varnish, a caching HTTP reverse proxy, is vulnerable to HTTP smuggling issues, potentially resulting in cache poisoning or bypassing of access control policies. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package...

7.5CVSS7.5AI score0.03524EPSS
Exploits0References4
Debian
Debian
added 2016/04/22 7:34 a.m.45 views

[SECURITY] [DSA 3553-1] varnish security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3553-1 [email protected] https://www.debian.org/security/ Sebastien Delafond April 22, 2016 https://www.debian.org/security/faq -...

7.5CVSS7.5AI score0.03524EPSS
Exploits0
OpenVAS
OpenVAS
added 2016/04/22 12:0 a.m.26 views

Debian Security Advisory DSA 3553-1 (varnish - security update)

Regis Leroy from Makina Corpus discovered that varnish, a caching HTTP reverse proxy, is vulnerable to HTTP smuggling issues, potentially resulting in cache poisoning or bypassing of access control policies. OpenVAS Vulnerability Test $Id: deb3553.nasl 6608 2017-07-07 12:05:05Z cfischer $...

5CVSS7.5AI score0.03524EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2016/04/21 12:0 a.m.28 views

Debian: Security Advisory (DSA-3553-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.7AI score0.03524EPSS
Exploits0References3
OSV
OSV
added 2016/04/07 9:59 p.m.4 views

UBUNTU-CVE-2016-2086

Node.js 0.10.x before 0.10.42, 0.12.x before 0.12.10, 4.x before 4.3.0, and 5.x before 5.6.0 allow remote attackers to conduct HTTP request smuggling attacks via a crafted Content-Length HTTP header...

7.5CVSS7.2AI score0.06257EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2015/08/18 12:0 a.m.39 views

Fedora 22 : golang-1.4.2-3.fc22 (2015-13002)

security fixes for net/http smuggling Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL...

9.8CVSS7.2AI score0.09625EPSS
Exploits0References5
OSV
OSV
added 2015/06/25 12:32 p.m.2 views

USN-2654-1 tomcat7 vulnerabilities

It was discovered that the Tomcat XML parser incorrectly handled XML External Entities XXE. A remote attacker could possibly use this issue to read arbitrary files. This issue only affected Ubuntu 14.04 LTS. CVE-2014-0119 It was discovered that Tomcat incorrectly handled data with malformed chunk...

7.8CVSS6.9AI score0.21045EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2014/07/07 2:49 p.m.4 views

Moderate: Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 6.2.4 security update

Updated Red Hat JBoss Enterprise Application Platform 6.2.4 packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base...

5CVSS6.7AI score0.2006EPSS
Exploits1References5
Tenable Nessus
Tenable Nessus
added 2010/07/29 12:0 a.m.122 views

Oracle WebLogic Server Plug-in HTTP Injection

The remote web server is using the WebLogic plug-in for Apache, IIS, or Sun web servers, a module included with Oracle formerly BEA WebLogic Server and used to proxy requests from an HTTP server to WebLogic. The version of this plug-in on the remote host is affected by an HTTP injection...

6.4CVSS5.6AI score0.06509EPSS
Exploits1References3
myhack58
myhack58
added 2010/03/31 12:0 a.m.48 views

Practical Web Security testing of HTTP truncated smuggling vulnerability-vulnerability warning-the black bar safety net

In this article, we will detailed to introduce the reader for the HTTP truncated and HTTP smuggling attack security testing techniques. We will by example demonstrate how to use the HTTP Protocol, certain properties, or the use of Web application weaknesses, or different proxy for HTTP message of...

6.4AI score
Exploits0
Rows per page
Query Builder