Lucene search

7668 matches found

CVE
added 2011/08/09 7:0 p.m., 79 views

CVE-2008-7295

CVE-2008-7295 : Affects Microsoft Internet Explorer by failing to properly restrict modifications to cookies set over HTTPS, allowing a man-in-the-middle attacker to overwrite or delete cookies via a Set-Cookie header in an HTTP response. Root cause cited as lack of HTTP Strict Transport Security...

5.8 CVSS, 6.6 AI score, 0.05105 EPSS
Exploits 0, References 5, Affected Software 1

CVE
added 2011/08/09 7:0 p.m., 93 views

CVE-2008-7294

CVE-2008-7294 affects Google Chrome prior to 4.0.211.0. The issue allows a man-in-the-middle to modify cookies established over HTTPS by injecting or removing cookies via a Set-Cookie header in an HTTP response, related to the absence of HSTS includeSubDomains. Impact is limited to cookie integri...

5.8 CVSS, 6.2 AI score, 0.01012 EPSS
Exploits 0, References 6, Affected Software 1

Cvelist
added 2011/08/09 7:0 p.m., 31 views

CVE-2008-7296

Apple Safari cannot properly restrict modifications to cookies established in HTTPS sessions, which allows man-in-the-middle attackers to overwrite or delete arbitrary cookies via a Set-Cookie header in an HTTP response, related to lack of the HTTP Strict Transport Security HSTS includeSubDomains...

6 AI score, 0.01005 EPSS
Exploits 0, References 5

CVE
added 2011/08/09 7:0 p.m., 77 views

CVE-2008-7296

Summary (CVE-2008-7296): Apple Safari is affected by a cookie-forcing vulnerability where an attacker can modify or delete cookies established over HTTPS by injecting a Set-Cookie header in an HTTP response. This stems from Safari’s insufficient restriction of HTTPS cookies and the absence of the...

5.8 CVSS, 6.1 AI score, 0.01005 EPSS
Exploits 0, References 5, Affected Software 1

Cvelist
added 2011/08/09 7:0 p.m., 28 views

CVE-2008-7298

The Android browser in Android cannot properly restrict modifications to cookies established in HTTPS sessions, which allows man-in-the-middle attackers to overwrite or delete arbitrary cookies via a Set-Cookie header in an HTTP response, related to lack of the HTTP Strict Transport Security HSTS...

6.5 AI score, 0.0099 EPSS
Exploits 0, References 5

CVE
added 2011/08/09 7:0 p.m., 96 views

CVE-2008-7298

The CVE-2008-7298 entry concerns the Android browser. It describes a vulnerability where the browser cannot properly restrict modifications to cookies established during HTTPS sessions, enabling a man-in-the-middle to overwrite or delete arbitrary cookies via a Set-Cookie header in an HTTP respon...

5.8 CVSS, 6.6 AI score, 0.0099 EPSS
Exploits 0, References 5, Affected Software 2

Debian CVE
added 2011/08/09 7:0 p.m., 27 views

CVE-2008-7294

Removed by vendor...

5.8 CVSS, 6.7 AI score, 0.01012 EPSS
Exploits 0

OpenVAS
added 2011/08/09 12:0 a.m., 12 views

CentOS Update for nss CESA-2011:0472 centos4 i386

Check for the Version of nss OpenVAS Vulnerability Test CentOS Update for nss CESA-2011:0472 centos4 i386 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...

7.4 AI score
Exploits 0, References 2

OpenVAS
added 2011/08/09 12:0 a.m., 25 views

CentOS Update for wget CESA-2009:1549 centos4 i386

The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

6.8 CVSS, 5.2 AI score, 0.03517 EPSS
Exploits 1, References 2

OpenVAS
added 2011/08/09 12:0 a.m., 12 views

CentOS Update for nss CESA-2011:0472 centos4 i386

The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

5.3 AI score
Exploits 0, References 2

OpenVAS
added 2011/08/09 12:0 a.m., 29 views

CentOS Update for wget CESA-2009:1549 centos5 i386

The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

6.8 CVSS, 5.2 AI score, 0.03517 EPSS
Exploits 1, References 2

OpenVAS
added 2011/08/09 12:0 a.m., 16 views

CentOS Update for xulrunner CESA-2011:0373 centos5 i386

The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

5.3 AI score
Exploits 0, References 2

OpenVAS
added 2011/08/09 12:0 a.m., 14 views

CentOS Update for nss CESA-2011:0472 centos5 i386

The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

5.3 AI score
Exploits 0, References 2

OpenVAS
added 2011/08/09 12:0 a.m., 26 views

CentOS Update for squirrelmail CESA-2009:0010 centos3 i386

Check for the Version of squirrelmail OpenVAS Vulnerability Test CentOS Update for squirrelmail CESA-2009:0010 centos3 i386 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or...

5 CVSS, 0.2 AI score, 0.02159 EPSS
Exploits 3, References 2

OpenVAS
added 2011/08/03 12:0 a.m., 22 views

Debian Security Advisory DSA 2246-1 (mahara)

The remote host is missing an update to mahara announced via advisory DSA 2246-1. OpenVAS Vulnerability Test $Id: deb22461.nasl 6613 2017-07-07 12:08:40Z cfischer $ Description: Auto-generated from advisory DSA 2246-1 mahara Authors: Thomas Reinke Copyright: Copyright c 2011 E-Soft Inc...

6.8 CVSS, 0.3 AI score, 0.02529 EPSS
Exploits 0

OpenVAS
added 2011/08/03 12:0 a.m., 28 views

Debian: Security Advisory (DSA-2246-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.8 CVSS, 6.5 AI score, 0.02529 EPSS
Exploits 0, References 3

securityvulns
added 2011/08/01 12:0 a.m., 55 views

SA500 vulnerabilities - details

Hi Advisory by Cisco was published a few days ago Bugtraq ID: 48810. Now more details: 1. Unauthenticated access to web management any user - including admin. Due to blind SQLi in the login form of web management port 443, https, login field, embedded sqlite DB, there is possible to obtain: a all...

7.1 AI score
Exploits 0

securityvulns
added 2011/07/04 12:0 a.m., 29 views

Novell File Reporter Engine buffer overflow

Buffer overflow on TCP/3035 HTTPs response parsing...

10 CVSS, 2.2 AI score, 0.16064 EPSS
Exploits 0, References 1

Packet Storm
added 2011/07/02 12:0 a.m., 26 views

SnoopServlet Cross Site Scripting

SnoopServlet simply echos back the request line and the headers that were sent by the client, plus any HTTPS information. Search Google for: j2ee/servlet/snoopservlet to find a lot of vuln sites. PoC:...

7.4 AI score
Exploits 0

securityvulns
added 2011/06/28 12:0 a.m., 94 views

[USN-1158-1] curl vulnerabilities

Ubuntu Security Notice USN-1158-1 June 24, 2011 curl vulnerabilities. A security issue affects these releases of Ubuntu and its derivatives: - Ubunt...

7.5 CVSS, 0.7 AI score, 0.04372 EPSS
Exploits 0