at32 Reverse Proxy Detection

The admin console for the at32 Reverse Proxy software was detected on the remote host. at32 Reverse Proxy allows you to host several websites on a single IP or port. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid58602; scriptversion"1.5"; scriptcvsdate"Date:...

at32 Reverse Proxy Admin Portal No Password

The admin console for the at32 Reverse Proxy software does not require a login password. This can allow a remote attacker to change the reverse proxy rules without having to authenticate. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid58603; scriptversion"$Revision:...

Fedora Update for nginx FEDORA-2011-16075

Check for the Version of nginx OpenVAS Vulnerability Test Fedora Update for nginx FEDORA-2011-16075 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms...

Fedora Update for nginx FEDORA-2012-4006

Check for the Version of nginx OpenVAS Vulnerability Test Fedora Update for nginx FEDORA-2012-4006 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms ...

Fedora Update for nginx FEDORA-2012-3991

Check for the Version of nginx OpenVAS Vulnerability Test Fedora Update for nginx FEDORA-2012-3991 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms ...

[SECURITY] Fedora 15 Update: nginx-1.0.14-1.fc15

Nginx is a web server and a reverse proxy server for HTTP, SMTP, POP3 and IMAP protocols, with a strong focus on high concurrency, performance and low memory usage...

at32 Reverse Proxy Multiple HTTP Header Fields DoS Vulnerability

at32 Reverse Proxy is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Improve the default SSL cipherset in standalone JIRA setup

We are concerned about 'SSL Weak Cipher Suites Supported' and 'SSL Medium Strength Cipher Suites Suppored'. Any suggestions would be helpful...

Improve the default SSL cipherset in standalone JIRA setup

panel:bgColor=e7f4fa NOTE: This suggestion is for JIRA Cloud. Using JIRA Server? See the corresponding suggestion|http://jira.atlassian.com/browse/JRASERVER-27681. panel We are concerned about 'SSL Weak Cipher Suites Supported' and 'SSL Medium Strength Cipher Suites Suppored'. Any suggestions wou...

Improve the default SSL cipherset in standalone JIRA setup

panel:bgColor=e7f4fa NOTE: This suggestion is for JIRA Server. Using JIRA Cloud? See the corresponding suggestion|http://jira.atlassian.com/browse/JRACLOUD-27681. panel We are concerned about 'SSL Weak Cipher Suites Supported' and 'SSL Medium Strength Cipher Suites Suppored'. Any suggestions woul...

nginx < 1.0.10 ngx_resolver_copy Function DNS Response Parsing Buffer Overflow

The remote web server is running nginx, a lightweight, high performance web server / reverse proxy and email IMAP/POP3 proxy. According to its Server response header, the installed version of nginx is earlier than 1.0.10 and is, therefore, affected by a heap-based buffer overflow vulnerability. A...

at32 ReverseProxy - Multiple HTTP Header Field Denial Of Service Vulnerability

Title: at32 Reverse Proxy - Multiple HTTP Header Field Denial Of Service Vulnerability Product : at32 Reverse Proxy Version : v1.060.310 Vendor: http://www.at32.com/doc/rproxy.htm Class: Boundary Condition Error CVE: Remote: Yes Local: No Published: 2012-03-14 Updated: Impact : Medium CVSS2 Base ...

at32 reverse proxy buffer overflow

Buffer overflow on headers parsing...

at32 Reverse Proxy 1.060.310 Denial Of Service

Title: at32 Reverse Proxy - Multiple HTTP Header Field Denial Of Service Vulnerability Product : at32 Reverse Proxy Version : v1.060.310 Vendor: http://www.at32.com/doc/rproxy.htm Class: Boundary Condition Error CVE: Remote: Yes Local: No Published: 2012-03-14 Updated: Impact : Medium CVSS2 Base ...

Apache 2.4 Comes Out, Major update after 6 years

Apache 2.4 Comes Out, Major update after 6 years The Apache Software Foundation officially released the Apache 2.4 today as the first major update to this leading open-source web-server in more than a half-decade. Apache 2.4 is slated to deliver superior performance to its 2.2 predecessor and...

httpd: http 0.9 request bypass of the reverse proxy vulnerability CVE-2011-3368 fix

The modproxy module in the Apache HTTP Server 2.0.x through 2.0.64 and 2.2.x before 2.2.18, when the Revision 1179239 patch is in place, does not properly interact with use of 1 RewriteRule and 2 ProxyPassMatch pattern matches for configuration of a reverse proxy, which allows remote attackers to...

Moderate: Red Hat Security Advisory: httpd security update

Updated httpd packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are...

PT-2024-1487

Name of the Vulnerable Software and Affected Versions aiohttp versions prior to 3.9.2 python3-aiohttp versions prior to 3.6.2-1ubuntu1+esm3 python3-module-aiohttp versions prior to 3.9.5-alt1 python310-aiohttp versions prior to 3.9.3-1.1 Description aiohttp is an asynchronous HTTP client/server...

Medium: httpd

Issue Overview: It was discovered that the fix for CVE-2011-3368 did not completely address the problem. An attacker could bypass the fix and make a reverse proxy connect to an arbitrary server not directly accessible to the attacker by sending an HTTP version 0.9 request, or by using a...

httpd, mod_ssl security update

CentOS Errata and Security Advisory CESA-2012:0128 Updated httpd packages that fix multiple security issues are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System CVSS base...