60 matches found
rubygem-sinatra: XSS in the 400 Bad Request page
Sinatra before 2.0.2 has XSS via the 400 Bad Request page that occurs upon a params parser exception...
Hashicorp Consul Remote Command Execution via Services API
This module exploits Hashicorp Consul's services API to gain remote command execution on Consul nodes. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Hashicorp Consul Remote Command Execution...
Node.js Improper Input Validation Vulnerability (Mar 2018) - Mac OS X
Node.js is prone to an improper input validation vulnerability. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:nodejs:node.js";...
Palo Alto Networks Firewalls - Root Remote Code Execution
This is a public advisory for CVE-2017-15944 which is a remote root code execution bug in Palo Alto Networks firewalls. Three separate bugs can be used together to remotely execute commands as root through the web management interface without authentication on: PAN-OS 6.1.18 and earlier, PAN-OS...
MGASA-2017-0327 Updated botan packages fix security vulnerability
Aleksandar Nikolic discovered that an error in the x509 parser of the Botan crypto library could result in an out-of-bounds memory read, resulting in denial of service or an information leak if processing a malformed certificate CVE-2017-2801...
SUSE-SU-2017:1473-1 Security update for strongswan
This update for strongswan fixes the following issues: - CVE-2017-9022: Insufficient Input Validation in gmp Plugin leads to Denial of service bsc1039514 - CVE-2017-9023: Incorrect x509 ASN.1 parser error handling could lead to Denial of service bsc1039515 - IKEv1 protocol is vulnerable to DoS...
SUSE-SU-2017:1471-1 Security update for strongswan
This update for strongswan fixes the following issues: - CVE-2017-9022: Insufficient Input Validation in gmp Plugin leads to Denial of service bsc1039514 - CVE-2017-9023: Incorrect x509 ASN.1 parser error handling could lead to Denial of service bsc1039515...
CVE-2015-7942
The xmlParseConditionalSections function in parser.c in libxml2 does not properly skip intermediary entities when it stops parsing invalid input, which allows context-dependent attackers to cause a denial of service out-of-bounds read and crash via crafted XML data, a different vulnerability than...
GLSA-201412-46 : LittleCMS: Denial of Service
The remote host is affected by the vulnerability described in GLSA-201412-46 LittleCMS: Denial of Service Multiple stack-based buffer overflows and a profile parser error have been found in LittleCMS. Impact : A remote attacker could entice a user or automated system to open a specially crafted...
Code injection
The Zend Engine in PHP before 5.4.16 RC1, and 5.5.0 before RC2, does not properly determine whether a parser error occurred, which allows context-dependent attackers to cause a denial of service memory consumption and application crash via a crafted function definition, as demonstrated by an atta...
CVE-2013-3735
The Zend Engine in PHP before 5.4.16 RC1, and 5.5.0 before RC2, does not properly determine whether a parser error occurred, which allows context-dependent attackers to cause a denial of service memory consumption and application crash via a crafted function definition, as demonstrated by an atta...
CVE-2013-3735
The CVE-2013-3735 issue affects the Zend Engine in PHP prior to 5.4.16 RC1 and 5.5.0 prior to RC2. The bug stems from the engine not reliably determining whether a parser error occurred, allowing context-dependent attackers to trigger a denial of service via a crafted function definition in share...
CVE-2013-3735
The Zend Engine in PHP before 5.4.16 RC1, and 5.5.0 before RC2, does not properly determine whether a parser error occurred, which allows context-dependent attackers to cause a denial of service memory consumption and application crash via a crafted function definition, as demonstrated by an atta...
OpenOffice EMF File Parser Remote Command Execution Vulnerability (Linux)
The host has OpenOffice installed and is prone to Remote Command Execution Vulnerability OpenVAS Vulnerability Test $Id: secpodopenofficeemffileparservulnlin.nasl 5122 2017-01-27 12:16:00Z teissa $ OpenOffice EMF File Parser Remote Command Execution Vulnerability Linux Authors: Antu Sanadi...
myserver-disclose.txt
The vulnerability is caused due to a parser error of the filename extension supplied by the user in the URL. This can be exploited to retrieve the source code of script files. Found By:Shay Priel aka Prili site: http://www.myserverproject.net/ poc: ---- http://localhost/cgi-bin/post.mscgI I -...
SHTTPD V1.38 server source code disclosure
SHTTPD V1.38 server source code disclosure ------------------------------------ link:http://shttpd.sourceforge.net/ info: The vulnerability is caused due to a parser error of the filename extension supplied by the user in the URL. This can be exploited to retrieve the source code of script files...
MyServer-0.8.9 - source code disclosure
The vulnerability is caused due to a parser error of the filename extension supplied by the user in the URL. This can be exploited to retrieve the source code of script files. Found By:Shay Priel aka Prili site: http://www.myserverproject.net/ poc: ---- http://localhost/cgi-bin/post.mscgI I -...
HTTP SERVER (httpsv1.6.2) source code disclosure
HTTP SERVER httpsv1.6.2 source code disclosure http://httpsv.sourceforge.net/ The vulnerability is caused due to a parser error of the filename extension supplied by the user in the URL. This can be exploited to retrieve the source code of script files. POC: http://127.0.0.1/test.htm20 Bug Found...
CVE-2007-0157
Array index error in the urilookup function in the URI parser for neon 0.26.0 to 0.26.2, possibly only on 64-bit platforms, allows remote malicious servers to cause a denial of service crash via a URI with non-ASCII characters, which triggers a buffer under-read due to a type conversion error tha...
security flaw
Buffer overflow in the mailvalidnetparsework function in mail.c for Washington's IMAP Server UW-IMAP before imap-2004g allows remote attackers to execute arbitrary code via a mailbox name containing a single double-quote " character without a closing quote, which causes bytes after the double-quo...