215 matches found
[SECURITY] Fedora 14 Update: mutt-1.5.21-5.fc14
Mutt is a small but very powerful text-based MIME mail client. Mutt is highly configurable, and is well suited to the mail power user with advanced features like key bindings, keyboard macros, mail threading, regular expression searches and a powerful pattern matching language for selecting group...
[SECURITY] Fedora 15 Update: mutt-1.5.21-5.fc15
Mutt is a small but very powerful text-based MIME mail client. Mutt is highly configurable, and is well suited to the mail power user with advanced features like key bindings, keyboard macros, mail threading, regular expression searches and a powerful pattern matching language for selecting group...
Nmap NSE net: http-enum
Enumerates directories used by popular web applications and servers. This parses a fingerprint file that's formatted in a way that's compatible with the Nikto Web application scanner. This script, however, takes it one step further by building in advanced pattern matching as well as having the...
[SECURITY] Fedora 12 Update: stardict-3.0.1-20.fc12
StarDict is a Cross-Platform and international dictionary written in Gtk2. It has powerful features such as "Glob-style pattern matching," "Scan selection word," "Fuzzy query," etc...
http-enum NSE Script
Enumerates directories used by popular web applications and servers. This parses a fingerprint file that's similar in format to the Nikto Web application scanner. This script, however, takes it one step further by building in advanced pattern matching as well as having the ability to identify...
[SECURITY] Fedora 11 Update: mutt-1.5.19-5.fc11
Mutt is a small but very powerful text-based MIME mail client. Mutt is highly configurable, and is well suited to the mail power user with advanced features like key bindings, keyboard macros, mail threading, regular expression searches and a powerful pattern matching language for selecting group...
Snort <= 2.4.0 SACK TCP Option Error Handling
Snort = 2.4.0 SACK TCP Option Error Handling Package: Snort 2.4.0 And previous versions Vendor url: http://www.snort.org Class: Error Handling Exceptional Conditions Risk: High Credits: A. Alejandro Hernndez Hernndez Contact: nitrousatvulnfactdotcom BACKGROUND Snort is an open source network...
CVE-2004-0711
The URL pattern matching feature in BEA WebLogic Server 6.x matches illegal patterns ending in "" as wildcards as if they were the legal "/" pattern, which could cause WebLogic 7.x to allow remote attackers to bypass intended access restrictions because the illegal patterns are properly rejected...
CVE-2004-0711
The URL pattern matching feature in BEA WebLogic Server 6.x matches illegal patterns ending in "" as wildcards as if they were the legal "/" pattern, which could cause WebLogic 7.x to allow remote attackers to bypass intended access restrictions because the illegal patterns are properly rejected...
CVE-2004-0711
The CVE describes a flaw in BEA WebLogic Server 6.x URL pattern matching where illegal patterns ending in “” are treated as the legal “/ ” wildcard. This could allow WebLogic 7.x to bypass access restrictions because these illegal patterns are (purportedly) rejected but effectively treated as all...
BEA WebLogic Server contains a vulnerability in the URL pattern matching
Overview There is a vulnerability in the URL pattern matching functionality of BEA WebLogic Server that could allow URL restrictions to be bypassed. Description BEA Systems describes WebLogic Server as "an industrial-strength application infrastructure for developing, integrating, securing, and...
blackicepro.txt
Hi! I'm using BlackICE PC Protection formerly known as BlackICE Defender for a very long time1, 2. It is one of my favorite hostbased intrusion detection systems and personal firewall for windows. During some tests for a paper on cross site scripting I've seen that there is an evasion possibility...
CVE-2003-0106
The CVE-2003-0106 entry concerns Symantec Enterprise Firewall (SEF) 7.0 HTTP proxy URL pattern matching that can be bypassed when requests are URL-encoded (escapes, Unicode, UTF-8). The issue allows proxy users to bypass blocked URL pattern matching, enabling access to URLs that should be blocked...
Corsaire Security Advisory - Symantec Enterprise Firewall (SEF) H TTP URL pattern evasion issue
-- Corsaire Security Advisory -- Title: Symantec Enterprise Firewall SEF HTTP URL pattern evasion issue Date: 24.02.03 Application: Symantec Enterprise Firewall SEF 7.0 Environment: Windows NT 4.0, Windows 2000, Author: Martin O'Neal [email protected] Audience: General Distribution -- Sco...
Lotus Domino Default Navigator Protection By-pass (#NISR29102001B)
NGSSoftware Insight Security Research Advisory Name: Lotus Domino Default Navigator Protection By-pass Systems Affected: Lotus Domino Web Server 5.x on all operating systems Severity: Low Vendor URL: http://www.lotus.com/ Author: David Litchfield [email protected] Date: 29th October 2001 Adviso...