httpd: mod_proxy reverse proxy DoS (infinite loop)

The streamreqbodycl function in modproxyhttp.c in the modproxy module in the Apache HTTP Server before 2.3.3, when a reverse proxy is configured, does not properly handle an amount of streamed data that exceeds the Content-Length value, which allows remote attackers to cause a denial of service C...

Code injection

The streamreqbodycl function in modproxyhttp.c in the modproxy module in the Apache HTTP Server before 2.3.3, when a reverse proxy is configured, does not properly handle an amount of streamed data that exceeds the Content-Length value, which allows remote attackers to cause a denial of service C...

DEBIAN-CVE-2009-1890

The streamreqbodycl function in modproxyhttp.c in the modproxy module in the Apache HTTP Server before 2.3.3, when a reverse proxy is configured, does not properly handle an amount of streamed data that exceeds the Content-Length value, which allows remote attackers to cause a denial of service C...

NameLess the back door of technical analysis full-contact-vulnerability warning-the black bar safety net

NameLess's name should be heard of it, estimated there are quite a lot of people used it, personally think that this back door is very classic, we'll simply look at about it description: there is only one DLL file, usually do not start in the mouth,can be a reverse connection back door program...

Sun Java System Web Proxy Server Vulnerabilities (Windows)

This host has Sun Java Web Server running on Linux, which is prone to Cross-Site Scripting vulnerability. OpenVAS Vulnerability Test $Id: gbsunjavasyswebservxssvulnlin.nasl 5158 2017-02-01 14:53:04Z mime $ Sun Java System Web Server XSS Vulnerability Linux Authors: Sharath S Copyright: Copyright ...

Sun Java System Web Proxy Server Vulnerabilities - Windows

Sun Java Web Server is prone to a cross-site scripting XSS vulnerability. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Vulture Reverse Proxy Detection

This web server appears to be protected by a Vulture reverse proxy as it has a script for Vulture's login page. C Tenable Network Security, Inc. include"compat.inc"; ifdescription scriptid39328; scriptversion"1.7"; scriptnameenglish:"Vulture Reverse Proxy Detection";...

Cross site scripting

Cross-site scripting XSS vulnerability in the Reverse Proxy Plug-in in Sun Java System Web Server 6.1 before SP11 allows remote attackers to inject arbitrary web script or HTML via the query string in situations that result in a 502 Gateway error...

CVE-2009-1934

Cross-site scripting XSS vulnerability in the Reverse Proxy Plug-in in Sun Java System Web Server 6.1 before SP11 allows remote attackers to inject arbitrary web script or HTML via the query string in situations that result in a 502 Gateway error...

CVE-2009-1934

Cross-site scripting XSS vulnerability in the Reverse Proxy Plug-in in Sun Java System Web Server 6.1 before SP11 allows remote attackers to inject arbitrary web script or HTML via the query string in situations that result in a 502 Gateway error...

32bit FTP (09.04.24) - CWD Response Universal Overwrite (SEH)

32bit FTP 09.04.24 - CWD Response Universal Overwrite SEH !/usr/bin/python | || | / \ | | | | | | | | | - | | | / / | | |||| || // / |\ || Bug : 32bit FTP 09.04.24 CWD Response Universal Seh Overwrite Exploit Refer : http://www.milw0rm.com/exploits/8611 Tested on : Xp sp3 ENVB Exploited by :...

Dokeos LMS 1.8.5 PHP Code Injection

striptags$el2'; 108. break; 109. case SORTSTRING : 110. $comparefunction = 'strnatcmpTableSort::orderingstringstriptags$el1...

Dokeos LMS <= 1.8.5 (whoisonline.php) PHP Code Injection Exploit

No description provided by source. ?php / ----------------------------------------------------------------------- Dokeos LMS = 1.8.5 whoisonline.php Remote PHP Code Injection Exploit ----------------------------------------------------------------------- author...: EgiX mail.....:...

Dokeos LMS <= 1.8.5 (whoisonline.php) PHP Code Injection Exploit

Exploit for unknown platform in category web applications ================================================================ Dokeos LMS = 1.8.5 whoisonline.php PHP Code Injection Exploit ================================================================ ?php /...

Microsoft ISA Server / Forefront Threat Management Gateway DoS

DoS with TCP connections to reverse HTTP proxy, crossite scripting...

Oracle WebLogic IIS connector JSESSIONID - Remote Overflow

!/usr/bin/perl No point in keeping this private anymore! ksOSe - 02/16/2009 - CVE-2008-5457 Tested on w2k sp4 and w2k3 R2 sp2 no NX cohelet framework-3.2 ./msfcli multi/handler PAYLOAD=windows/reflectivemeterpreter/reversetcp LHOST=10.10.10.1 LPORT=80 E Please wait while we load the module tree...

Ken "Skywing" Johnson joins Microsoft security team

Microsoft has hired yet another well-known security researcher to join its ever-growing team of exploit and defense experts. This time it’s Ken Johnson, known in the hacker world as Skywing. Johnson is known as an expert on debugging and reverse engineering, and has done a tremendous amount of wo...

Mac OS X Inject Mach-O Bundle, Reverse TCP Stager

Inject a custom Mach-O bundle into the exploited process. Connect, read length, read buffer, execute This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework ReverseTcp ------- Mac OS X x86 Reverse TCP stager. module...

OS X (vfork) Command Shell, Reverse TCP Inline

Connect back to attacker, vfork if necessary, and spawn a command shell This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework module MetasploitModule CachedSize = 131 include Msf::Payload::Single include Msf::Payload::Osx...

Mac OS X x86 iSight Photo Capture, Reverse TCP Stager

Inject a Mach-O bundle to capture a photo from the iSight staged. Connect, read length, read buffer, execute This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework ReverseTcp ------- Mac OS X x86 Reverse TCP stager. module...