Lucene search

7019 matches found

OSV
added 2014/06/13 2:55 p.m. · 2 views

DEBIAN-CVE-2013-1841

Net-Server, when the reverse-lookups option is enabled, does not check if the hostname resolves to the source IP address, which might allow remote attackers to bypass ACL restrictions via the hostname parameter...

CVSS 4.3 · AI score 7 · EPSS 0.00709
Exploits 0 · References 1
OSV
added 2014/06/13 2:55 p.m. · 7 views

CVE-2013-1841

Net-Server, when the reverse-lookups option is enabled, does not check if the hostname resolves to the source IP address, which might allow remote attackers to bypass ACL restrictions via the hostname parameter...

AI score 6.5
Exploits 0 · References 5
NVD
added 2014/06/13 2:55 p.m. · 10 views

CVE-2013-1841

Net-Server, when the reverse-lookups option is enabled, does not check if the hostname resolves to the source IP address, which might allow remote attackers to bypass ACL restrictions via the hostname parameter...

CVSS 4.3 · AI score 6.6 · EPSS 0.00709
Exploits 0 · References 5
OSV
added 2014/06/13 2:55 p.m. · 0 views

UBUNTU-CVE-2013-1841

Net-Server, when the reverse-lookups option is enabled, does not check if the hostname resolves to the source IP address, which might allow remote attackers to bypass ACL restrictions via the hostname parameter...

CVSS 4.3 · AI score 5.8 · EPSS 0.00709
Exploits 0 · References 4
Prion
added 2014/06/13 2:55 p.m. · 9 views

Design/Logic Flaw

Net-Server, when the reverse-lookups option is enabled, does not check if the hostname resolves to the source IP address, which might allow remote attackers to bypass ACL restrictions via the hostname parameter...

CVSS 4.3 · AI score 7.1 · EPSS 0.00709
Exploits 0 · References 5
Positive Technologies
added 2014/06/13 12:0 a.m. · 2 views

PT-2014-2503 · Unknown +2 · Net-Server +2

Name of the Vulnerable Software and Affected Versions: Net-Server affected versions not specified Description: The issue allows remote attackers to potentially bypass ACL restrictions. This is possible when the reverse-lookups option is enabled and the hostname is used as a parameter, as the syst...

CVSS 4.3 · AI score 6.1 · EPSS 0.00709
Exploits 0 · References 31
Tenable Nessus
added 2014/06/13 12:0 a.m. · 15 views

openSUSE Security Update : nfs-utils (openSUSE-SU-2013:1016-1)

This update of nfs-utils includes several bug and security fixes. - gssd-reverse-dns-fix: Allow DNS lookups to be avoided when determining kerberos identity of server. The GSSDOPTIONS sysconfig variable is added so that use of DNS can be enforced for sites that need it. bnc813464 CVE-2013-1923 -...

CVSS 3.2 · AI score 5.4 · EPSS 0.00395
Exploits 0 · References 5
Kitploit
added 2014/06/11 9:27 p.m. · 17 views

DarunGrim - A Patch Analysis and Binary Diffing Tool

DarunGrim is a binary diffing tool. DarunGrim is a free diffing tool which provides binary diffing functionality. Binary diffing is a powerful technique to reverse-engineer patches released by software vendors like Microsoft. Especially by analyzing security patches you can dig into the details o...

AI score 7.4
Exploits 0 · References 1
ThreatPost
added 2014/06/10 9:52 a.m. · 16 views

New Pandemiya Banking Trojan Written From Scratch

Brand new, written-from-scratch malware is a relatively rare undertaking on the underground. Aside from some private endeavors, source code is available for a number of popular Trojans, including Zeus, Citadel and Carberp, making it easy for attackers to simply grab one off the shelf and get...

AI score 0.1
Exploits 0 · References 5
Kitploit
added 2014/06/02 8:52 p.m. · 25 views

Liffy - Local File Inclusion Exploitation Tool

Liffy is a tool written in Python designed to exploit local file inclusion vulnerabilities using three different techniques that will get you a working web shell. The first two make use of the built-in PHP wrappers php://input and data://. The third makes use of the process control extension call...

AI score 7.3
Exploits 0 · References 1
Debian CVE
added 2014/05/31 10:0 a.m. · 47 views

CVE-2014-0099

Removed by vendor...

CVSS 4.3 · AI score 6.9 · EPSS 0.37857
Exploits 0
UbuntuCve
added 2014/05/31 12:0 a.m. · 27 views

CVE-2014-0099

Integer overflow in java/org/apache/tomcat/util/buf/Ascii.java in Apache Tomcat before 6.0.40, 7.x before 7.0.53, and 8.x before 8.0.4, when operated behind a reverse proxy, allows remote attackers to conduct HTTP request smuggling attacks via a crafted Content-Length HTTP header...

CVSS 4.3 · AI score 6.9 · EPSS 0.37857
Exploits 0 · References 2
OSV
added 2014/05/31 12:0 a.m. · 0 views

UBUNTU-CVE-2014-0099

Integer overflow in java/org/apache/tomcat/util/buf/Ascii.java in Apache Tomcat before 6.0.40, 7.x before 7.0.53, and 8.x before 8.0.4, when operated behind a reverse proxy, allows remote attackers to conduct HTTP request smuggling attacks via a crafted Content-Length HTTP header...

CVSS 4.3 · AI score 6.8 · EPSS 0.37857
Exploits 0 · References 3
ThreatPost
added 2014/05/30 12:31 p.m. · 25 views

Apache Patches Bugs in Tomcat

Apache recently patched Tomcat, fixing a trio of information disclosure bugs and a denial of service bug in the open source web server and servlet container. The denial of service bug, discovered in February by David Jorm of the Red Hat Security Response Team, could have allowed an attacker to...

CVSS 4.3 · AI score 8.8 · EPSS 0.37857
Exploits 0 · References 5
Tenable Nessus
added 2014/05/30 12:0 a.m. · 46 views

Apache Tomcat 6.0.x < 6.0.40 Multiple Vulnerabilities

According to its self-reported version number, the instance of Apache Tomcat 6.0.x listening on the remote host is prior to 6.0.40. It is, therefore, affected by the following vulnerabilities : - An error exists related to chunk size and chunked requests that allows denial of service attacks...

CVSS 5 · AI score 6.7 · EPSS 0.46749
Exploits 1 · References 5
FreeBSD
added 2014/05/23 12:0 a.m. · 38 views

tomcat -- multiple vulnerabilities

Tomcat Security Team reports: Tomcat does not properly restrict XSLT stylesheets, which allows remote attackers to bypass security-manager restrictions and read arbitrary files via a crafted web application that provides an XML external entity declaration in conjunction with an entity reference,...

AI score 8.3
Exploits 0 · References 3
Kitploit
added 2014/05/12 8:3 p.m. · 10 views

Tilt - Terminal Ip Lookup Tool

Tilt: Terminal ip lookup tool, is an easy and simple open source tool implemented in Python for ip/host passive reconnaissance. It's very handy for first reconnaissance approach and for host data retrieval. Features Host to IP conversion IP to Host conversion DNS to IPs GeoIP Translation Extensiv...

AI score 7
Exploits 0 · References 2
securityvulns
added 2014/05/05 12:0 a.m. · 711 views

Woltlab Burning Board 3.9.1 pl1 - Persistent Web Vulnerability & Editor Reverse Encoding Issue

Document Title: =============== Woltlab Burning Board 3.9.1 pl1 - Persistent Web Vulnerability & Editor Reverse Encoding Issue References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1256 Video: http://www.vulnerability-lab.com/getcontent.php?id=1257 Release Dat...

AI score 0.2
Exploits 0
RedHat Linux
added 2014/04/30 7:1 p.m. · 0 views

python-django: unexpected code execution using reverse()

The django.core.urlresolvers.reverse function in Django before 1.4.11, 1.5.x before 1.5.6, 1.6.x before 1.6.3, and 1.7.x before 1.7 beta 2 allows remote attackers to import and execute arbitrary Python modules by leveraging a view that constructs URLs using user input and a "dotted Python path."...

CVSS 5.1 · AI score 6.1 · EPSS 0.06894
Exploits 0 · References 4
RedHat Linux
added 2014/04/30 7:1 p.m. · 2 views

python-django: unexpected code execution using reverse()

The django.core.urlresolvers.reverse function in Django before 1.4.11, 1.5.x before 1.5.6, 1.6.x before 1.6.3, and 1.7.x before 1.7 beta 2 allows remote attackers to import and execute arbitrary Python modules by leveraging a view that constructs URLs using user input and a "dotted Python path."...

CVSS 5.1 · AI score 6.1 · EPSS 0.06894
Exploits 0 · References 4