Lucene search
K

895 matches found

OpenVAS
OpenVAS
added 2010/04/30 12:0 a.m.45 views

Mandriva Update for java-1.6.0-openjdk MDVSA-2010:084 (java-1.6.0-openjdk)

Check for the Version of java-1.6.0-openjdk OpenVAS Vulnerability Test Mandriva Update for java-1.6.0-openjdk MDVSA-2010:084 java-1.6.0-openjdk Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can...

9.3CVSS6.9AI score0.96319EPSS
Exploits46References2
Tenable Nessus
Tenable Nessus
added 2010/04/30 12:0 a.m.52 views

openSUSE Security Update : java-1_6_0-openjdk (openSUSE-SU-2010:0182-1)

java-160-openjdk version 1.7.3 fixes serveral security issues : - CVE-2010-0837: JAR 'unpack200' must verify input parameters - CVE-2010-0845: No ClassCastException for HashAttributeSet constructors if run with -Xcomp - CVE-2010-0838: CMM readMabCurveData Buffer Overflow Vulnerability -...

9.8CVSS8.5AI score0.96319EPSS
Exploits33References18
Tenable Nessus
Tenable Nessus
added 2009/12/10 12:0 a.m.38 views

Fedora 12 : nss-util-3.12.5-1.fc12.1 (2009-12968)

Update to 3.12.5 This update fixes the following security flaw: CVE-2009-3555 TLS: MITM attacks via session renegotiation Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and...

9.8CVSS7.6AI score0.87264EPSS
Exploits14References3
myhack58
myhack58
added 2009/06/30 12:0 a.m.10 views

Using sslstrip to MiTM attacks(Bypass https)-bug warning-the black bar safety net

Everyone knows, including the network for MiTM attacks can allow an attacker to more efficiently intercepted within the network the user's password and secret information. In BackTrack use EtterCap or ArpSpoof tool. But Ettercap supports the Protocol, only HTTP, FTP, Telnet, SMTP, etc. in clear...

7.2AI score
Exploits0
Prion
Prion
added 2007/12/05 11:46 a.m.19 views

Design/Logic Flaw

The Web Proxy Auto-Discovery WPAD feature in Microsoft Internet Explorer 6 and 7, when a primary DNS suffix with three or more components is configured, resolves an unqualified wpad hostname in a second-level domain outside this configured DNS domain, which allows remote WPAD servers to conduct...

5.8CVSS7AI score0.16629EPSS
Exploits2References6Affected Software1
CVE
CVE
added 2007/04/16 10:0 p.m.107 views

CVE-2007-1558

CVE-2007-1558 describes a cryptographic weakness in APOP authentication that lowers MITM attack cost to recover passwords. Connected advisories show this affects multiple mail clients (e.g., Thunderbird/Icedove, Iceape, fetchmail) and related POP/ALOP implementations. Debian DSA-1305-1 and CentOS...

2.6CVSS7.7AI score0.02423EPSS
Exploits1References73Affected Software1
NVD
NVD
added 2007/03/24 12:19 a.m.16 views

CVE-2007-1644

The dynamic DNS update mechanism in the DNS Server service on Microsoft Windows does not properly authenticate clients in certain deployments or configurations, which allows remote attackers to change DNS records for a web proxy server and conduct man-in-the-middle MITM attacks on web traffic,...

10CVSS6.6AI score0.32557EPSS
Exploits0References3
seebug.org
seebug.org
added 2007/03/24 12:0 a.m.14 views

Microsoft DNS Server (Dynamic DNS Updates) Remote Exploit

No description provided by source. / Exploiting Microsoft DNS Dynamic Updates for Fun and profit Andres Tarasco Acu?a - c 2007 Url: http://www.514.es By default, most Microsoft DNS servers integrated with active directory allow insecure dynamic updates for dns records. This feature allows remote...

7.1AI score
Exploits0
exploitpack
exploitpack
added 2007/03/22 12:0 a.m.17 views

Microsoft DNS Server - Dynamic DNS UpdateChange

Microsoft DNS Server - Dynamic DNS UpdateChange / Exploiting Microsoft DNS Dynamic Updates for Fun and profit Andres Tarasco Acuña - c 2007 Url: http://www.514.es By default, most Microsoft DNS servers integrated with active directory allow insecure dynamic updates for dns records. This feature...

7.4AI score
Exploits0
0day.today
0day.today
added 2007/03/22 12:0 a.m.26 views

Microsoft DNS Server (Dynamic DNS Updates) Remote Exploit

Exploit for unknown platform in category remote exploits ========================================================= Microsoft DNS Server Dynamic DNS Updates Remote Exploit ========================================================= / Exploiting Microsoft DNS Dynamic Updates for Fun and profit Andres...

7.1AI score
Exploits0
Exploit DB
Exploit DB
added 2007/03/22 12:0 a.m.38 views

Microsoft DNS Server - Dynamic DNS Update/Change

/ Exploiting Microsoft DNS Dynamic Updates for Fun and profit Andres Tarasco Acuña - c 2007 Url: http://www.514.es By default, most Microsoft DNS servers integrated with active directory allow insecure dynamic updates for dns records. This feature allows remote users to create, change and delete...

7.4AI score
Exploits0
NVD
NVD
added 2006/12/31 5:0 a.m.15 views

CVE-2006-5867

fetchmail before 6.3.6-rc4 does not properly enforce TLS and may transmit cleartext passwords over unsecured links if certain circumstances occur, which allows remote attackers to obtain sensitive information via man-in-the-middle MITM attacks...

7.8CVSS6AI score0.04255EPSS
Exploits0References37
NVD
NVD
added 2005/12/07 11:3 a.m.25 views

CVE-2005-4046

Unspecified vulnerability in Reverse SSL Proxy Plug-in for Sun Java System Application Server Standard Edition 7 2004Q2, Application Server Enterprise Edition 8.1 2005Q1, and Sun ONE Application Server 7 Standard Edition, as used in multiple web servers, allows remote attackers to conduct...

4CVSS6.7AI score0.017EPSS
Exploits0References5
securityvulns
securityvulns
added 2001/02/16 12:0 a.m.51 views

BindView Advisory: MITM Attacks Against Novell NetWare

MITM Attacks Against Novell NetWare ----------------------------------- Issue Date: 15Feb2001 Contact: Simple Nomad [email protected] http://razor.bindview.com/publish/advisories/advNovellMITM.html Topic: ------ Man-in-the-middle Attack can reveal password hashes and private keys in...

7.1AI score
Exploits0
Redos
Redos
added 1976/01/01 12:0 a.m.5 views

ROS-2-1905

2.1905 Vulnerability in Mozilla Thunderbird email client CVE-2021-29970, CVE-2021-30547, CVE-2021-29976, CVE-2021-29969. 1. Vulnerability Description: CVE-2021-29970 Vulnerability in Mozilla Thunderbird email client, related to HTML content processing error. Exploitation of the vulnerability coul...

8.8CVSS9.3AI score0.03582EPSS
Exploits1
Rows per page
Query Builder