Lucene search
K

165 matches found

RedHat Linux
RedHat Linux
added 2012/01/18 7:16 p.m.6 views

mod_cluster: malicious worker nodes can register on any vhost

modcluster in JBoss Enterprise Application Platform 5.1.2 for Red Hat Linux allows worker nodes to register with arbitrary virtual hosts, which allows remote attackers to bypass intended access restrictions and provide malicious content, hijack sessions, and steal credentials by registering from ...

7.5CVSS6AI score0.03197EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2012/01/18 7:16 p.m.32 views

Important: Red Hat Security Advisory: mod_cluster-native security update

Updated modcluster packages that fix one security issue are now available for JBoss Enterprise Web Server 1.0.2 for Red Hat Enterprise Linux 4, 5, and 6. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System CVSS base...

7.5CVSS5.8AI score0.03197EPSS
Exploits1References2
RedHat Linux
RedHat Linux
added 2012/01/18 7:16 p.m.7 views

mod_cluster: malicious worker nodes can register on any vhost

modcluster in JBoss Enterprise Application Platform 5.1.2 for Red Hat Linux allows worker nodes to register with arbitrary virtual hosts, which allows remote attackers to bypass intended access restrictions and provide malicious content, hijack sessions, and steal credentials by registering from ...

7.5CVSS6AI score0.03197EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2012/01/18 7:16 p.m.32 views

Important: Red Hat Security Advisory: mod_cluster-native security update

An update for the modcluster native component for JBoss Enterprise Web Server 1.0.2 that fixes one security issue is now available from the Red Hat Customer Portal. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System...

7.5CVSS5.8AI score0.03197EPSS
Exploits1References3
CVE
CVE
added 2006/08/29 12:0 a.m.43 views

CVE-2006-4431

CVE-2006-4431 affects Zend Platform (Session Clustering Daemon) and the mod_cluster module; versions 2.2.1 and earlier are vulnerable. The issue is multiple buffer overflows triggered by a PHPSESSID that is empty or crafted, allowing remote attackers to crash the service (DoS) or potentially exec...

7.5CVSS8AI score0.04382EPSS
Exploits0References10Affected Software1
Rows per page
Query Builder