746 matches found
Nagios XI Autodiscovery Arbitrary Command Execution
An arbitrary command execution vulnerability has been reported in Nagios XI. The vulnerability is due to insufficient validation of incoming requests sent to the Autodiscovery module. The vulnerability can be exploited by an authenticated attacker by submitting a maliciously crafted job to the...
Authentication flaw
modcluster 1.0.10 before 1.0.10 CP03 and 1.1.x before 1.1.4, as used in JBoss Enterprise Application Platform 5.1.2, when "ROOT" is set to excludedContexts, exposes the root context of the server, which allows remote attackers to bypass access restrictions and gain access to applications deployed...
mod_cluster registers and exposes the root context of a server by default, despite ROOT being in the excluded-contexts list
modcluster 1.0.10 before 1.0.10 CP03 and 1.1.x before 1.1.4, as used in JBoss Enterprise Application Platform 5.1.2, when "ROOT" is set to excludedContexts, exposes the root context of the server, which allows remote attackers to bypass access restrictions and gain access to applications deployed...
mod_cluster registers and exposes the root context of a server by default, despite ROOT being in the excluded-contexts list
modcluster 1.0.10 before 1.0.10 CP03 and 1.1.x before 1.1.4, as used in JBoss Enterprise Application Platform 5.1.2, when "ROOT" is set to excludedContexts, exposes the root context of the server, which allows remote attackers to bypass access restrictions and gain access to applications deployed...
mod_cluster registers and exposes the root context of a server by default, despite ROOT being in the excluded-contexts list
modcluster 1.0.10 before 1.0.10 CP03 and 1.1.x before 1.1.4, as used in JBoss Enterprise Application Platform 5.1.2, when "ROOT" is set to excludedContexts, exposes the root context of the server, which allows remote attackers to bypass access restrictions and gain access to applications deployed...
mod_cluster registers and exposes the root context of a server by default, despite ROOT being in the excluded-contexts list
modcluster 1.0.10 before 1.0.10 CP03 and 1.1.x before 1.1.4, as used in JBoss Enterprise Application Platform 5.1.2, when "ROOT" is set to excludedContexts, exposes the root context of the server, which allows remote attackers to bypass access restrictions and gain access to applications deployed...