Lucene search
K

165 matches found

RedHat Linux
RedHat Linux
added 2015/08/18 6:48 p.m.5 views

mod_cluster: JavaScript code injection is possible via MCMP mod_manager messages

A flaw was found in the way the modcluster manager processed certain MCMP messages. An attacker with access to the network from which MCMP messages are allowed to be sent could use this flaw to execute arbitrary JavaScript code in the modcluster manager web interface...

4.3CVSS7.4AI score0.01846EPSS
Exploits0References4
CNVD
CNVD
added 2015/05/07 12:0 a.m.10 views

mod_cluster Web Interface MCMP mod_manager Message Handling Cross-Site Scripting Vulnerability

modcluster is an httpd-based load balancing project can proxy requests to a cluster of Tomcat-based web servers. A cross-site scripting vulnerability exists in the modcluster web interface MCMP modmanager message handling, which can be exploited by remote attackers to inject malicious script or...

4.3CVSS6.2AI score0.01846EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2015/05/05 6:55 p.m.3 views

mod_cluster: JavaScript code injection is possible via MCMP mod_manager messages

A flaw was found in the way the modcluster manager processed certain MCMP messages. An attacker with access to the network from which MCMP messages are allowed to be sent could use this flaw to execute arbitrary JavaScript code in the modcluster manager web interface...

4.3CVSS7.4AI score0.01846EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2015/04/16 4:13 p.m.4 views

mod_cluster: JavaScript code injection is possible via MCMP mod_manager messages

A flaw was found in the way the modcluster manager processed certain MCMP messages. An attacker with access to the network from which MCMP messages are allowed to be sent could use this flaw to execute arbitrary JavaScript code in the modcluster manager web interface...

4.3CVSS7.4AI score0.01846EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2014/11/08 12:0 a.m.27 views

RHEL 5 / 6 : mod_cluster (RHSA-2012:1166)

The remote Redhat Enterprise Linux 5 / 6 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2012:1166 advisory. - modcluster registers and exposes the root context of a server by default, despite ROOT being in the excluded-contexts list CVE-2012-1154 Note...

4.3CVSS5.5AI score0.02592EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2014/08/21 3:29 p.m.64 views

Important: Red Hat Security Advisory: Red Hat JBoss Web Server 2.1.0 update

Red Hat JBoss Web Server 2.1.0, which fixes multiple security issues and several bugs, is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed...

6.8CVSS7AI score0.85744EPSS
Exploits6References7
RedHat Linux
RedHat Linux
added 2014/07/03 5:1 p.m.58 views

Moderate: Red Hat Security Advisory: Red Hat JBoss Web Server 2.0.1 tomcat7 security update

Updated tomcat7 packages that fix three security issues are now available for Red Hat JBoss Web Server 2.0.1 on Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base scores, whic...

5CVSS6.7AI score0.2006EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2014/05/21 4:6 p.m.55 views

Moderate: Red Hat Security Advisory: Red Hat JBoss Web Server 2.0.1 tomcat7 security update

Updated tomcat7 packages that fix three security issues are now available for Red Hat JBoss Web Server 2.0.1 on Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base scores, whic...

7.5CVSS6.5AI score0.83175EPSS
Exploits12References4
RedHat Linux
RedHat Linux
added 2014/05/21 3:45 p.m.50 views

Moderate: Red Hat Security Advisory: Red Hat JBoss Web Server 2.0.1 tomcat6 security update

Updated tomcat6 packages that fix multiple security issues are now available for Red Hat JBoss Web Server 2.0.1 on Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base scores,...

7.5CVSS6.5AI score0.83175EPSS
Exploits13References5
RedHat Linux
RedHat Linux
added 2014/05/21 3:45 p.m.61 views

Moderate: Red Hat Security Advisory: Red Hat JBoss Web Server 2.0.1 tomcat6 security update

An update for the Apache Tomcat 6 component for Red Hat JBoss Web Server 2.0.1 that fixes multiple security issues is now available from the Red Hat Customer Portal. The Red Hat Security Response Team has rated this update as having Moderate security impact. Common Vulnerability Scoring System CV...

7.5CVSS6.5AI score0.83175EPSS
Exploits13References6
RedHat Linux
RedHat Linux
added 2013/07/03 3:38 p.m.51 views

Moderate: Red Hat Security Advisory: Red Hat JBoss Web Server 2.0.1 update

Red Hat JBoss Web Server 2.0.1, which fixes multiple security issues and several bugs, is now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give...

6.8CVSS7.2AI score0.22913EPSS
Exploits8References8
Tenable Nessus
Tenable Nessus
added 2013/01/24 12:0 a.m.35 views

RHEL 5 / 6 : mod_cluster (RHSA-2012:1052)

Updated modcluster packages that fix one security issue are now available for JBoss Enterprise Application Platform 5.1.2 for Red Hat Enterprise Linux 4, 5, and 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System CV...

4.3CVSS5.7AI score0.02592EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2013/01/24 12:0 a.m.29 views

RHEL 5 / 6 : mod_cluster-native (RHSA-2012:0037)

An updated modcluster-native package that fixes one security issue is now available for JBoss Enterprise Application Platform 5.1.2 for Red Hat Enterprise Linux 4, 5, and 6. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scorin...

7.5CVSS5.5AI score0.03197EPSS
Exploits1References4
NVD
NVD
added 2012/10/22 11:55 p.m.30 views

CVE-2012-1154

modcluster 1.0.10 before 1.0.10 CP03 and 1.1.x before 1.1.4, as used in JBoss Enterprise Application Platform 5.1.2, when "ROOT" is set to excludedContexts, exposes the root context of the server, which allows remote attackers to bypass access restrictions and gain access to applications deployed...

4.3CVSS6.7AI score0.02592EPSS
Exploits0References10
Prion
Prion
added 2012/10/22 11:55 p.m.22 views

Authentication flaw

modcluster 1.0.10 before 1.0.10 CP03 and 1.1.x before 1.1.4, as used in JBoss Enterprise Application Platform 5.1.2, when "ROOT" is set to excludedContexts, exposes the root context of the server, which allows remote attackers to bypass access restrictions and gain access to applications deployed...

4.3CVSS7.3AI score0.02592EPSS
Exploits0References10Affected Software2
CVE
CVE
added 2012/10/22 11:0 p.m.69 views

CVE-2012-1154

CVE-2012-1154 concerns mod_cluster, where a regression in JBoss Enterprise Web Platform 5.1.2 causes the server root context to be registered and exposed by default when ROOT is in the excludedContexts list. This allows remote attackers to bypass access restrictions and access applications deploy...

4.3CVSS6.7AI score0.02592EPSS
Exploits0References10Affected Software2
Cvelist
Cvelist
added 2012/10/22 11:0 p.m.42 views

CVE-2012-1154

modcluster 1.0.10 before 1.0.10 CP03 and 1.1.x before 1.1.4, as used in JBoss Enterprise Application Platform 5.1.2, when "ROOT" is set to excludedContexts, exposes the root context of the server, which allows remote attackers to bypass access restrictions and gain access to applications deployed...

6.7AI score0.02592EPSS
Exploits0References10
RedHat Linux
RedHat Linux
added 2012/08/13 3:54 p.m.37 views

Moderate: Red Hat Security Advisory: mod_cluster security update

Updated modcluster packages that fix one security issue are now available for JBoss Enterprise Web Server 1.0.2 for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System CVSS base score,...

4.3CVSS5.9AI score0.02592EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2012/08/13 3:54 p.m.5 views

mod_cluster registers and exposes the root context of a server by default, despite ROOT being in the excluded-contexts list

modcluster 1.0.10 before 1.0.10 CP03 and 1.1.x before 1.1.4, as used in JBoss Enterprise Application Platform 5.1.2, when "ROOT" is set to excludedContexts, exposes the root context of the server, which allows remote attackers to bypass access restrictions and gain access to applications deployed...

4.3CVSS5.9AI score0.02592EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2012/07/03 9:3 a.m.33 views

Moderate: Red Hat Security Advisory: mod_cluster security update

Updated modcluster packages that fix one security issue are now available for JBoss Enterprise Web Platform 5.1.2 for Red Hat Enterprise Linux 4, 5, and 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System CVSS base...

4.3CVSS5.8AI score0.02592EPSS
Exploits0References5
Rows per page
Query Builder