HTTPS Fetch, Reverse TCP Stager (RC4 Stage Encryption DNS, Metasm)

Fetch and execute an x86 payload from an HTTPS server. Connect back to the attacker Module Options msf use payload/cmd/windows/https/x86/peinject/reversetcprc4dns msf payloadreversetcprc4dns show actions ...actions... msf payloadreversetcprc4dns set ACTION msf payloadreversetcprc4dns show options...

HTTPS Fetch

Fetch and execute an x86 payload from an HTTPS server. Module Options msf use payload/cmd/windows/https/x86/formatalldrives msf payloadformatalldrives show actions ...actions... msf payloadformatalldrives set ACTION msf payloadformatalldrives show options ...show and set options... msf...

HTTPS Fetch, Reverse TCP Stager

Fetch and execute an x86 payload from an HTTPS server. Connect back to the attacker Module Options msf use payload/cmd/windows/https/x86/patchupmeterpreter/reversetcp msf payloadreversetcp show actions ...actions... msf payloadreversetcp set ACTION msf payloadreversetcp show options ...show and s...

HTTPS Fetch, Windows x86 Bind Named Pipe Stager

Fetch and execute an x86 payload from an HTTPS server. Listen for a pipe connection Windows x86 Module Options msf use payload/cmd/windows/https/x86/meterpreter/bindnamedpipe msf payloadbindnamedpipe show actions ...actions... msf payloadbindnamedpipe set ACTION msf payloadbindnamedpipe show...

HTTPS Fetch, Bind TCP Stager (No NX or Win7)

Fetch and execute an x86 payload from an HTTPS server. Listen for a connection No NX Module Options msf use payload/cmd/windows/https/x86/dllinject/bindnonxtcp msf payloadbindnonxtcp show actions ...actions... msf payloadbindnonxtcp set ACTION msf payloadbindnonxtcp show options ...show and set...

HTTPS Fetch, Linux Reboot

Fetch and execute an RISC-V 64-bit payload from an HTTPS server. A very small shellcode for rebooting the system using the reboot syscall. This payload is sometimes helpful for testing purposes. Requires CAPSYSBOOT privileges. Module Options msf use payload/cmd/linux/https/riscv64le/reboot msf...

EUVD-2025-204620

The HTTPS server on Tapo C200 V3 does not properly validate the Content-Length header, which can lead to an integer overflow. An unauthenticated attacker on the same local network segment can send crafted HTTPS requests to trigger excessive memory allocation, causing the device to crash and...

CVE-2018-20809

A crafted message can cause the web server to crash with Pulse Secure Pulse Connect Secure PCS 8.3RX before 8.3R5 and Pulse Policy Secure 5.4RX before 5.4R5. This is not applicable to PCS 8.1RX...

Vulnerability in License Server and Snap-in for Desktop Studio, aka Heartbleed

Secure Configuration of Licensing Heartbleed Update In response to the recent Heartbleed vulnerability in OpenSSL CVE-2014-0160 Citrix released a security advisory, CTX140605, advising customers of its potential effects on some Citrix Licensing components. As part of the Citrix response to this...

CVE-2022-29884

A vulnerability has been identified in CP-8000 MASTER MODULE WITH I/O -25/+70°C All versions CPC80 V16.30, CP-8000 MASTER MODULE WITH I/O -40/+70°C All versions CPC80 V16.30, CP-8021 MASTER MODULE All versions CPC80 V16.30, CP-8022 MASTER MODULE WITH GPRS All versions CPC80 V16.30. When using the...

Oracle Siebel CRM Siebel UI Framework Unauthorized Read Vulnerability

Oracle Siebel CRM is the United States Oracle Oracle company's set of customer relationship management solutions. The program includes sales management, marketing management, customer service systems, call center modules. Siebel UI Framework is one of the user interface framework components. A...

Arbitrary Code Execution

mozilla nss is vulnerable to arbitrary code execution. Two buffer overflow flaws were found in the Network Security Services NSS code for processing the SSLv2 protocol. Connecting to a malicious secure web server could cause the execution of arbitrary code as the user running Thunderbird...

[security bulletin] HPSBOV02506 SSRT090244 rev.1 - HP Secure Web Server for OpenVMS (based on Apache) CSWS, Remote Denial of Service (DoS), Unauthorized Disclosure of Information, Unauthorized Modification of Information

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c02002308 Version: 1 HPSBOV02506 SSRT090244 rev.1 - HP Secure Web Server for OpenVMS based on Apache CSWS, Remote Denial of Service DoS, Unauthorized Disclosure of Information, Unauthorized...

Fedora Update for lighttpd FEDORA-2008-3343

Check for the Version of lighttpd OpenVAS Vulnerability Test Fedora Update for lighttpd FEDORA-2008-3343 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...

Fedora Update for lighttpd FEDORA-2008-2262

Check for the Version of lighttpd OpenVAS Vulnerability Test Fedora Update for lighttpd FEDORA-2008-2262 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...

[security bulletin] HPSBTU02382 SSRT080132 rev.1 - HP Secure Web Server for Tru64 UNIX or Internet Express for Tru64 UNIX running PHP, Remote Denial of Service (DoS) or Arbitrary Code Execution

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c01599836 Version: 1 HPSBTU02382 SSRT080132 rev.1 - HP Secure Web Server for Tru64 UNIX or Internet Express for Tru64 UNIX running PHP, Remote Denial of Service DoS or Arbitrary Code Execution...

HP Secure Web Server / HP Internet Express for Tru64 UNIX memory corruption

No description provided...

[SECURITY] Fedora 7 Update: lighttpd-1.4.18-1.fc7

Secure, fast, compliant and very flexible web-server which has been optimiz ed for high-performance environments. It has a very low memory footprint compa red to other webservers and takes care of cpu-load. Its advanced feature-set FastCGI, CGI, Auth, Output-Compression, URL-Rewriting and many mo...

Authorization

Sun Java System Web Server 6.1 before 20070314 allows remote authenticated users with revoked client certificates to bypass the Certificate Revocation List CRL authorization control and access secure web server instances running under an account different from that used for the admin server via...

Important: Red Hat Security Advisory: : Updated mailman packages close cross-site scripting vulnerability

Updated mailman packages are now available for Red Hat Secure Web Server 3.2 U.S.. These updates close a cross-site scripting vulnerability present in mailman versions prior to version 2.0.12. Mailman versions prior to 2.0.12 contain a cross-site scripting vulnerability in the processing of inval...