Hsecscan - A Security Scanner For HTTP Response Headers

hsecscan A security scanner for HTTP response headers. Requirements Python 2.x Usage $ ./hsecscan.py usage: hsecscan.py -h -P -p -u URL -R -U User-Agent -d 'POST data' -x PROXY A security scanner for HTTP response headers. optional arguments: -h, --help show this help message and exit -P,...

Oracle Solaris Third-Party Patch Update : perl-512 (cve_2012_5195_heap_buffer)

The remote Solaris system is missing necessary patches to address security updates : - Heap-based buffer overflow in the Perlrepeatcpy function in util.c in Perl 5.12.x before 5.12.5, 5.14.x before 5.14.3, and 5.15.x before 15.15.5 allows context-dependent attackers to cause a denial of service...

Oracle Linux 5 / 6 : perl (ELSA-2013-0685)

The remote Oracle Linux 5 / 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2013-0685 advisory. - Resolves: 915692 - CVE-2012-5526 newline injection due to improper CRLF escaping in Set-Cookie and P3P headers - Resolves: 915692 - CVE-2012-6329...

Active Perl CGI.pm 'Set-Cookie' and 'P3P' HTTP Header Injection Vulnerability (Windows)

The host is installed with Active Perl and is prone to HTTP header injection vulnerability. OpenVAS Vulnerability Test $Id: gbactiveperlcgipmmoduleheaderinjevulnwin.nasl 6086 2017-05-09 09:03:30Z teissa $ Active Perl CGI.pm 'Set-Cookie' and 'P3P' HTTP Header Injection Vulnerability Windows Author...

Strawberry Perl CGI.pm 'Set-Cookie' and 'P3P' HTTP Header Injection Vulnerability (Windows)

The host is installed with Strawberry Perl and is prone to HTTP header injection vulnerability. OpenVAS Vulnerability Test $Id: gbperlcgipmmoduleheaderinjevulnwin.nasl 6074 2017-05-05 09:03:14Z teissa $ Strawberry Perl CGI.pm 'Set-Cookie' and 'P3P' HTTP Header Injection Vulnerability Windows...

Strawberry Perl CGI.pm 'Set-Cookie' and 'P3P' HTTP Header Injection Vulnerability - Windows

Strawberry Perl is prone to HTTP header injection vulnerability. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian DSA-2587-1 : libcgi-pm-perl - HTTP header injection

It was discovered that the CGI module for Perl does not filter LF characters in the Set-Cookie and P3P headers, potentially allowing attackers to inject HTTP headers. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from...

USN-1643-1: Perl vulnerabilities

It was discovered that the decodexs function in the Encode module is vulnerable to a heap-based buffer overflow via a crafted Unicode string. An attacker could use this overflow to cause a denial of service. CVE-2011-2939 It was discovered that the 'new' constructor in the Digest module is...

Ubuntu 8.04 LTS / 10.04 LTS / 11.10 / 12.04 LTS / 12.10 : perl vulnerabilities (USN-1643-1)

It was discovered that the decodexs function in the Encode module is vulnerable to a heap-based buffer overflow via a crafted Unicode string. An attacker could use this overflow to cause a denial of service. CVE-2011-2939 It was discovered that the 'new' constructor in the Digest module is...

Microsoft Says Google Bypassing Users' IE Privacy Settings

The relations among Microsoft, Apple and Google, which are testy in the best of circumstances, are being pressured even more of late as the controversy surrounding Google’s actions with cookies and user tracking grows. In the latest installment, Microsoft has said that it has found that Google “i...