Fedora Update for jakarta-commons-httpclient FEDORA-2013-1189

The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

Fedora Update for jakarta-commons-httpclient FEDORA-2013-1189

Check for the Version of jakarta-commons-httpclient OpenVAS Vulnerability Test Fedora Update for jakarta-commons-httpclient FEDORA-2013-1189 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can...

Fedora Update for jakarta-commons-httpclient FEDORA-2013-1203

Check for the Version of jakarta-commons-httpclient OpenVAS Vulnerability Test Fedora Update for jakarta-commons-httpclient FEDORA-2013-1203 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can...

Fedora 16 : jakarta-commons-httpclient-3.1-12.fc16 (2013-1289)

This update fixes a security vulnerability that caused jakarta-commons-httpclient not to verify that the server hostname matches a domain name in the subject's Common Name CN or subjectAltName field of the X.509 certificate, which allowed man-in-the-middle attackers to spoof SSL servers via...

Fedora 17 : jakarta-commons-httpclient-3.1-12.fc17 (2013-1189)

This update fixes a security vulnerability that caused jakarta-commons-httpclient not to verify that the server hostname matches a domain name in the subject's Common Name CN or subjectAltName field of the X.509 certificate, which allowed man-in-the-middle attackers to spoof SSL servers via...

Fedora 18 : jakarta-commons-httpclient-3.1-12.fc18 (2013-1203)

This update fixes a security vulnerability that caused jakarta-commons-httpclient not to verify that the server hostname matches a domain name in the subject's Common Name CN or subjectAltName field of the X.509 certificate, which allowed man-in-the-middle attackers to spoof SSL servers via...

SonicWALL GMS 6 Arbitrary File Upload

This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' class Metasploit3 /Apache-Coyote/ include...

Joomla Component com_dv Arbitrary File Upload Vulnerability metasploit

Exploit for php platform in category remote exploits -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= /' \ /'\ /\ \ /'\ /, \ /\/\ \ \ \ \ ,/\ /\ \ //\ \ /' \ /\ //\ Exploit database separated by exploit // type local, remote, DoS, etc. + Site : 1337day.com + Support...

WordPress Plugin Asset-Manager - Arbitrary '.PHP' File Upload (Metasploit)

This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' require 'msf/core/exploit/phpexe'...

Axis2 -- Security vulnerabilities on dependency Apache HttpClient

Apache Axis2 reports: Apache Axis2 1.7.4 is a maintenance release that includes fixes for several issues, including the following security issues: Session fixation AXIS2-4739 and XSS AXIS2-5683 vulnerabilities affecting the admin console. A dependency on an Apache HttpClient version affected by...

Network Shutdown Module sort_values Credential Dumper

This module will extract user credentials from Network Shutdown Module versions 3.21 and earlier by exploiting a vulnerability found in lib/dbtools.inc, which uses unsanitized user input inside a eval call. Please note that in order to extract credentials, the vulnerable service must have at leas...

Narcissus Image Configuration Passthru Vulnerability

Exploit for linux platform in category remote exploits This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/...

Nessus XMLRPC Interface Login Utility

This module simply attempts to login to a Nessus XMLRPC interface using a specific user/pass. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Nessus XMLRPC Interface Login Utility', 'Descriptio...

Invision Power Board <= 3.3.4 unserialize() PHP Code Execution (2)

Exploit for php platform in category web applications This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ Original:...

CVE-2012-5783

Apache Commons HttpClient 3.x, as used in Amazon Flexible Payments Service FPS merchant Java SDK and other products, does not verify that the server hostname matches a domain name in the subject's Common Name CN or subjectAltName field of the X.509 certificate, which allows man-in-the-middle...

CVE-2012-5783

Apache Commons HttpClient 3.x, as used in Amazon Flexible Payments Service FPS merchant Java SDK and other products, does not verify that the server hostname matches a domain name in the subject's Common Name CN or subjectAltName field of the X.509 certificate, which allows man-in-the-middle...

DEBIAN-CVE-2012-5783

Apache Commons HttpClient 3.x, as used in Amazon Flexible Payments Service FPS merchant Java SDK and other products, does not verify that the server hostname matches a domain name in the subject's Common Name CN or subjectAltName field of the X.509 certificate, which allows man-in-the-middle...

Code injection

Apache Commons HttpClient 3.x, as used in Amazon Flexible Payments Service FPS merchant Java SDK and other products, does not verify that the server hostname matches a domain name in the subject's Common Name CN or subjectAltName field of the X.509 certificate, which allows man-in-the-middle...

CVE-2012-5783

Apache Commons HttpClient 3.x, as used in Amazon Flexible Payments Service FPS merchant Java SDK and other products, does not verify that the server hostname matches a domain name in the subject's Common Name CN or subjectAltName field of the X.509 certificate, which allows man-in-the-middle...

CVE-2012-5783

Apache Commons HttpClient 3.x, as used in Amazon Flexible Payments Service FPS merchant Java SDK and other products, does not verify that the server hostname matches a domain name in the subject's Common Name CN or subjectAltName field of the X.509 certificate, which allows man-in-the-middle...