http-robtex-reverse-ip NSE Script

Obtains up to 100 forward DNS names for a target IP address by querying the Robtex service . TEMPORARILY DISABLED due to changes in Robtex's API. See Script Arguments http-robtex-reverse-ip.host IPv4 address of the host to lookup slaxml.debug See the documentation for the slaxml library. http.hos...

RedHat Update for httpd RHSA-2011:1392-01

Check for the Version of httpd OpenVAS Vulnerability Test RedHat Update for httpd RHSA-2011:1392-01 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms...

httpd: reverse web proxy vulnerability

The modproxy module in the Apache HTTP Server 1.3.x through 1.3.42, 2.0.x through 2.0.64, and 2.2.x through 2.2.21 does not properly interact with use of 1 RewriteRule and 2 ProxyPassMatch pattern matches for configuration of a reverse proxy, which allows remote attackers to send requests to...

httpd: reverse web proxy vulnerability

The modproxy module in the Apache HTTP Server 1.3.x through 1.3.42, 2.0.x through 2.0.64, and 2.2.x through 2.2.21 does not properly interact with use of 1 RewriteRule and 2 ProxyPassMatch pattern matches for configuration of a reverse proxy, which allows remote attackers to send requests to...

Moderate: Red Hat Security Advisory: httpd security and bug fix update

Updated httpd packages that fix two security issues and one bug are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings...

Apache Httpd < 2.2.22 : mod_proxy reverse proxy exposure

An additional exposure was found when using modproxy in reverse proxy mode. In certain configurations using RewriteRule with proxy flag or ProxyPassMatch, a remote attacker could cause the reverse proxy to connect to an arbitrary server, possibly disclosing sensitive information from internal web...

Multi Manage System Remote TCP Shell Session

This module will create a Reverse TCP Shell on the target system using the system's own scripting environments installed on the target. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Multi...

Jynx Kit (LD_PRELOAD) Userland Rootkit Released

Jynx Kit LDPRELOAD Userland Rootkit Released Jynx Kit is a LDPRELOAD userland rootkit. Fully undetectable from chkrootkit and rootkithunter. Includes magic packet SSL reverse back connect shell based on SEQ/ACK numbers in a single packet. Solid building block for further LDPRELOAD rootkits...

Microsoft Forefront Unified Access Gateway Java Applet Signed Code Execution

Added: 10/17/2011 CVE: CVE-2011-1969 BID: 49983 OSVDB: 76236 Background Microsoft Forefront Unified Access Gateway UAG is a reverse proxy and VPN solution. Problem End users of UAG must install a signed Java applet via MicrosoftClient.jar. This applet loads unsigned Java classes, which may allow ...

Microsoft Forefront Unified Access Gateway Java Applet Signed Code Execution

Added: 10/17/2011 CVE: CVE-2011-1969 BID: 49983 OSVDB: 76236 Background Microsoft Forefront Unified Access Gateway UAG is a reverse proxy and VPN solution. Problem End users of UAG must install a signed Java applet via MicrosoftClient.jar. This applet loads unsigned Java classes, which may allow ...

Microsoft Forefront Unified Access Gateway Java Applet Signed Code Execution

Added: 10/17/2011 CVE: CVE-2011-1969 BID: 49983 OSVDB: 76236 Background Microsoft Forefront Unified Access Gateway UAG is a reverse proxy and VPN solution. Problem End users of UAG must install a signed Java applet via MicrosoftClient.jar. This applet loads unsigned Java classes, which may allow ...

FreeBSD : nwclient -- multiple vulnerabilities (d177d9f9-e317-11d9-8088-00123f0f7307)

Insecure file permissions, network access control and DNS usage put systems that use Legato NetWorker at risk. When the software is running, several files that contain sensitive information are created with insecure permissions. The information exposed include passwords and can therefore be used...

Multi Gather DNS Reverse Lookup Scan

Performs DNS reverse lookup using the OS included DNS query command. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Multi Gather DNS Reverse Lookup Scan', 'Description' = %q Performs DNS rever...

Apache mod_proxy Reverse Proxy Exposure Vulnerability PoC

No description provided by source. !/usr/bin/env python import socket import string import getopt, sys knownports = 0,21,22,23,25,53,69,80,110,137,139,443,445,3306,3389,5432,5900,8080 def sendrequesturl, apachetarget, apacheport, internaltarget, internalport, resource: get = "GET " + url + "@" +...

Apache mod_proxy - Reverse Proxy Exposure

!/usr/bin/env python import socket import string import getopt, sys knownports = 0,21,22,23,25,53,69,80,110,137,139,443,445,3306,3389,5432,5900,8080 def sendrequesturl, apachetarget, apacheport, internaltarget, internalport, resource: get = "GET " + url + "@" + internaltarget + ":" + internalport...

Apache HTTP Server 'mod_proxy' Reverse Proxy Information Disclosure Vulnerability

Apache HTTP Server is prone to an information disclosure vulnerability. Copyright C 2011 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free...

Apache HTTP Server 'mod_proxy' Reverse Proxy Information Disclosure Vulnerability

Apache HTTP Server is prone to an information disclosure vulnerability. An attacker can exploit this vulnerability to gain access to sensitive information. OpenVAS Vulnerability Test $Id: gbapache49957.nasl 5424 2017-02-25 16:52:36Z teissa $ Apache HTTP Server 'modproxy' Reverse Proxy Information...

Apache mod_proxy - Reverse Proxy Exposure

Apache modproxy - Reverse Proxy Exposure !/usr/bin/env python import socket import string import getopt, sys knownports = 0,21,22,23,25,53,69,80,110,137,139,443,445,3306,3389,5432,5900,8080 def sendrequesturl, apachetarget, apacheport, internaltarget, internalport, resource: get = "GET " + url +...

Apache Reverse Proxy Bypass Vulnerability Scanner

Scan for poorly configured reverse proxy servers. By default, this module attempts to force the server to make a request with an invalid domain name. Then, if the bypass is successful, the server will look it up and of course fail, then responding with a status code 502. A baseline status code is...

Apache mod_proxy Reverse Proxy Exposure Vulnerability PoC

Exploit for multiple platform in category remote exploits !/usr/bin/env python import socket import string import getopt, sys knownports = 0,21,22,23,25,53,69,80,110,137,139,443,445,3306,3389,5432,5900,8080 def sendrequesturl, apachetarget, apacheport, internaltarget, internalport, resource: get ...