216 matches found
CVE-2016-5007
Both Spring Security 3.2.x, 4.0.x, 4.1.0 and the Spring Framework 3.2.x, 4.0.x, 4.1.x, 4.2.x rely on URL pattern mappings for authorization and for mapping requests to controllers respectively. Differences in the strictness of the pattern matching mechanisms, for example with regards to space...
Authorization
Both Spring Security 3.2.x, 4.0.x, 4.1.0 and the Spring Framework 3.2.x, 4.0.x, 4.1.x, 4.2.x rely on URL pattern mappings for authorization and for mapping requests to controllers respectively. Differences in the strictness of the pattern matching mechanisms, for example with regards to space...
UBUNTU-CVE-2016-5007
Both Spring Security 3.2.x, 4.0.x, 4.1.0 and the Spring Framework 3.2.x, 4.0.x, 4.1.x, 4.2.x rely on URL pattern mappings for authorization and for mapping requests to controllers respectively. Differences in the strictness of the pattern matching mechanisms, for example with regards to space...
DEBIAN-CVE-2016-5007
Both Spring Security 3.2.x, 4.0.x, 4.1.0 and the Spring Framework 3.2.x, 4.0.x, 4.1.x, 4.2.x rely on URL pattern mappings for authorization and for mapping requests to controllers respectively. Differences in the strictness of the pattern matching mechanisms, for example with regards to space...
CVE-2016-5007
Both Spring Security 3.2.x, 4.0.x, 4.1.0 and the Spring Framework 3.2.x, 4.0.x, 4.1.x, 4.2.x rely on URL pattern mappings for authorization and for mapping requests to controllers respectively. Differences in the strictness of the pattern matching mechanisms, for example with regards to space...
CVE-2016-5007
Both Spring Security 3.2.x, 4.0.x, 4.1.0 and the Spring Framework 3.2.x, 4.0.x, 4.1.x, 4.2.x rely on URL pattern mappings for authorization and for mapping requests to controllers respectively. Differences in the strictness of the pattern matching mechanisms, for example with regards to space...
pcre: workspace overflow for (*ACCEPT) with deeply nested parentheses (8.39/13, 10.22/12)
The compilebranch function in pcrecompile.c in PCRE 8.x before 8.39 and pcre2compile.c in PCRE2 before 10.22 mishandles patterns containing an ACCEPT substring in conjunction with nested parentheses, which allows remote attackers to execute arbitrary code or cause a denial of service stack-based...
LMD - Linux Malware Detect
Linux Malware Detect LMD is a malware scanner for Linux released under the GNU GPLv2 license, that is designed around the threats faced in shared hosted environments. It uses threat data from network edge intrusion detection systems to extract malware that is actively being used in attacks and...
[SECURITY] Fedora 21 Update: mutt-1.5.23-7.fc21
Mutt is a small but very powerful text-based MIME mail client. Mutt is highly configurable, and is well suited to the mail power user with advanced features like key bindings, keyboard macros, mail threading, regular expression searches and a powerful pattern matching language for selecting group...
[SECURITY] Fedora 20 Update: mutt-1.5.23-4.fc20
Mutt is a small but very powerful text-based MIME mail client. Mutt is highly configurable, and is well suited to the mail power user with advanced features like key bindings, keyboard macros, mail threading, regular expression searches and a powerful pattern matching language for selecting group...
Next Generation Snort IPS: Snort3
The Snort++ project has been hard at work for a while now and we have released the third alpha of the next generation Snort IPS Intrusion Prevention System. This file will show you what Snort++ has to offer and guide you through the steps from download to demo. If you are unfamiliar with Snort yo...
[SECURITY] Fedora 20 Update: mutt-1.5.23-1.fc20
Mutt is a small but very powerful text-based MIME mail client. Mutt is highly configurable, and is well suited to the mail power user with advanced features like key bindings, keyboard macros, mail threading, regular expression searches and a powerful pattern matching language for selecting group...
ThinkSAAS SQL注入漏洞打包6-10
简要描述: 详细说明: 上个注入大礼包,终于走了一个大厂商! 看来还是打包来的划算,最后一个注入大礼包了。 这个漏洞完了,回给出修复方案,求给力! 第一处SQL注入 /app/group/action/add.php // 执行发布帖子 case "do" : if $POST 'token' != $SESSION 'token' tsNotice '非法操作!' ; $authcode = strtolower $POST 'authcode' ; if $TSSITE 'base' 'isauthcode' if $authcode != $SESSION 'verify'...
[ipset_list] ipset set listing wrapper script
Features: Calculate sum of set members and match on that count. List only members of a specified set. Choose a delimiter character for separating members. Show only sets containing a specific glob matching header. Arithmetic comparison on headers with an integer value. Match members using a...
nMap Vulnerability Scanner: Vulscan
Vulscan is a module which enhances nmap to a vulnerability scanner. The nmap option -sV enables version detection per service which is used to determine potential flaws according to the identified product. The data is looked up in an offline version scip VulDB. Version 2.0 of Nmap NSE Vulscan is...
[Arachni v0.4.5.1-0.4.2] Open Source Web Application Security Scanner Framework
Arachni is a Free/Open Source project, the code is released under the Apache License Version 2.0 and you are free to use it as you see fit. Initially started as an educational exercise, it has since evolved into a powerful and modular framework allowing for fast, accurate and flexible...
[SECURITY] Fedora 19 Update: haproxy-1.4.23-2.fc19
HA-Proxy is a TCP/HTTP reverse proxy which is particularly suited for high availability environments. Indeed, it can: - route HTTP requests depending on statically assigned cookies - spread the load among several servers while assuring server persistence through the use of HTTP cookies - switch t...
[SECURITY] Fedora 17 Update: haproxy-1.4.22-1.fc17
HA-Proxy is a TCP/HTTP reverse proxy which is particularly suited for high availability environments. Indeed, it can: - route HTTP requests depending on statically assigned cookies - spread the load among several servers while assuring server persistence through the use of HTTP cookies - switch t...
Directory traversal
Directory traversal vulnerability in gitolite 3.x before 3.1, when wild card repositories and a pattern matching "../" are enabled, allows remote authenticated users to create arbitrary repositories and possibly perform other actions via a .. dot dot in a repository name...
Fedora Update for mutt FEDORA-2011-7739
Check for the Version of mutt OpenVAS Vulnerability Test Fedora Update for mutt FEDORA-2011-7739 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms of...