7520 matches found
Enterpriser16 LB 7.1 Cross Site Scripting
Title: ====== Enterpriser16 LB v7.1 - Multiple Web Vulnerabilities Date: ===== 2012-12-12 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=785 VL-ID: ===== 785 Common Vulnerability Scoring System: ==================================== 3.5 Introduction: ============= Load...
Enterpriser16 LB v7.1 - Multiple Web Vulnerabilities
Document Title: =============== Enterpriser16 LB v7.1 - Multiple Web Vulnerabilities References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=785 Release Date: ============= 2012-12-11 Vulnerability Laboratory ID VL-ID: ==================================== 785...
IBM System Director Remote DLL Load
IBM System Director Remote System Level Exploit CVE-2009-0880 extended zeroday Copyright C 2012 Kingcope IBM System Director has the port 6988 open. By using a special request to a vulnerable server, the attacker can force to load a dll remotely from a WebDAV share. The following exploit will loa...
DEBIAN-CVE-2012-3513
munin-cgi-graph in Munin before 2.0.6, when running as a CGI module under Apache, allows remote attackers to load new configurations and create files in arbitrary directories via the logdir command...
CVE-2012-5781
Amazon Elastic Load Balancing API Tools does not verify that the server hostname matches a domain name in the subject's Common Name CN or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate, related to...
Design/Logic Flaw
Amazon Elastic Load Balancing API Tools does not verify that the server hostname matches a domain name in the subject's Common Name CN or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate, related to...
CVE-2012-5781
Amazon Elastic Load Balancing API Tools does not verify that the server hostname matches a domain name in the subject's Common Name CN or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate, related to...
CVE-2012-5781
The CVE-2012-5781 entry concerns Amazon Elastic Load Balancing API Tools failing to verify that the server hostname matches the CN/subjectAltName in the X.509 certificate, enabling potential MITM via an arbitrary valid certificate. The root cause is improper hostname verification, related to over...
[SECURITY] Fedora 16 Update: haproxy-1.4.22-1.fc16
HA-Proxy is a TCP/HTTP reverse proxy which is particularly suited for high availability environments. Indeed, it can: - route HTTP requests depending on statically assigned cookies - spread the load among several servers while assuring server persistence through the use of HTTP cookies - switch t...
PT-2012-5462 · Linux +3 · Linux Kernel +3
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 3.7.2 Description: The issue concerns the load script function in fs/binfmt script.c, which does not properly handle recursion. This allows local users to obtain sensitive information from kernel stack memory vi...
UBUNTU-CVE-2012-4530
The loadscript function in fs/binfmtscript.c in the Linux kernel before 3.7.2 does not properly handle recursion, which allows local users to obtain sensitive information from kernel stack memory via a crafted application...
ZEN Load Balancer Filelog - Command Execution (Metasploit)
This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 "ZEN Load Balancer...
tomcat: large number of parameters DoS
Apache Tomcat 5.5.x before 5.5.35, 6.x before 6.0.34, and 7.x before 7.0.23 uses an inefficient approach for handling parameters, which allows remote attackers to cause a denial of service CPU consumption via a request that contains many parameters and parameter values, a different vulnerability...
DEBIAN-CVE-2012-3400
Heap-based buffer overflow in the udfloadlogicalvol function in fs/udf/super.c in the Linux kernel before 3.4.5 allows remote attackers to cause a denial of service system crash or possibly have unspecified other impact via a crafted UDF filesystem...
ZEN Load Balancer Multiple Security Vulnerabilities - Active Check
ZEN Load Balancer is prone to the following security vulnerabilities: - Multiple arbitrary command execution vulnerabilities - Multiple information disclosure vulnerabilities - An arbitrary file upload vulnerability SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpt...
ZEN Load Balancer - Multiple Vulnerabilities
ZEN Load Balancer - Multiple Vulnerabilities source: https://www.securityfocus.com/bid/55638/info ZEN Load Balancer is prone to the following security vulnerabilities: 1. Multiple arbitrary command-execution vulnerabilities 2. Multiple information-disclosure vulnerabilities 3. An arbitrary...
ZEN Load Balancer Filelog Command Execution
Exploit for linux platform in category remote exploits This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/...
ZEN Load Balancer Filelog Command Execution
This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 "ZEN Load Balancer...
ZEN Load Balancer Filelog Command Execution
This module exploits a vulnerability in ZEN Load Balancer version 2.0 and 3.0-rc1 which could be abused to allow authenticated users to execute arbitrary code under the context of the 'root' user. The 'content2-2.cgi' file uses user controlled data from the 'filelog' parameter within backticks...
CVE-2012-3919
The Cisco Application Control Engine ACE module 3.0 for Cisco Catalyst switches and Cisco routers does not properly monitor Load Balancer LB queues, which allows remote attackers to cause a denial of service incorrect memory access and module reboot via application traffic, aka Bug ID CSCtw70879...