Lucene search
+L

129 matches found

RedHat Linux
RedHat Linux
added 2012/12/18 10:17 p.m.7 views

apache-cxf: Certain child policies of WS-SecurityPolicy 1.1 SupportingToken policy not applied on the client side

Apache CXF 2.4.5 through 2.4.7, 2.5.1 through 2.5.3, and 2.6.x before 2.6.1, does not properly enforce child policies of a WS-SecurityPolicy 1.1 SupportingToken policy on the client side, which allows remote attackers to bypass the 1 AlgorithmSuite, 2 SignedParts, 3 SignedElements, 4...

4.3CVSS7.4AI score0.03926EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2012/12/13 12:25 a.m.5 views

apache-cxf: Apache CXF does not verify that elements were signed / encrypted by a particular Supporting Token

Apache CXF 2.4.x before 2.4.8, 2.5.x before 2.5.4, and 2.6.x before 2.6.1, when a Supporting Token specifies a child WS-SecurityPolicy 1.1 or 1.2 policy, does not properly ensure that an XML element is signed or encrypted, which has unspecified impact and attack vectors...

10CVSS6.5AI score0.04112EPSS
Exploits1References5
RedHat Linux
RedHat Linux
added 2012/12/13 12:24 a.m.3 views

apache-cxf: Apache CXF does not verify that elements were signed / encrypted by a particular Supporting Token

Apache CXF 2.4.x before 2.4.8, 2.5.x before 2.5.4, and 2.6.x before 2.6.1, when a Supporting Token specifies a child WS-SecurityPolicy 1.1 or 1.2 policy, does not properly ensure that an XML element is signed or encrypted, which has unspecified impact and attack vectors...

10CVSS6.5AI score0.04112EPSS
Exploits1References5
seebug.org
seebug.org
added 2012/06/09 12:0 a.m.69 views

Apache CXF Failed Element Verification(CVE-2012-2379)

No description provided by source. CVE-2012-2379: Apache CXF does not verify that elements were signed or encrypted by a particular Supporting Token. Severity: Important Vendor: The Apache Software Foundation Versions Affected: This vulnerability affects all released versions of Apache CXF...

10CVSS0.04112EPSS
Exploits1
The Hacker News
The Hacker News
added 2012/02/22 6:49 a.m.12 views

Call for Paper - DEF CON Rajasthan March 2012 Meet

Call for Paper - DEF CON Rajasthan March 2012 Meet DEF CON Rajasthan - March 2012 Jaipur Meet, Call For Papers is now officially Open and will close on March 10, 2012. DEF CON Rajasthan DC91141 is a DEF CON Registered group of people interested in exploring technology and it implications in...

6.3AI score
Exploits0
The Hacker News
The Hacker News
added 2011/07/21 10:12 p.m.8 views

Jouve Group hacked by Inj3ct0r Team Against The Nato

Jouve Group hacked by Inj3ct0r Team Against The Nato Inj3ct0r Hackers Hacked the Jouve group websites and Upload there data at Sendspace Link . Message By hackers "For the Pride of Green LibyaAnd Supporting the Libyan Nation Against The Nato GangsWe are against terrorism and violence in Libya! Na...

6.8AI score
Exploits0
The Hacker News
The Hacker News
added 2010/12/14 1:1 p.m.14 views

Free phone Calls To Land-line And Cellphones Anywhere In the World

There have been many services offering free international VOIP calls and most of them rely upon ad-supported funding to get things going, most of such services have closed there doors but there are still a few left. One such service Evaphone allows users to enjoy free international PC-To-Phone...

6.8AI score
Exploits0
securityvulns
securityvulns
added 2007/07/23 12:0 a.m.139 views

Webspell 4.x Local File Inclusion

muH - $Title: Webspell 4.x Local File Inclusion Win $Damage Factor: Medium - High $Requires: Win Box & Php Supporting 00 $Discovered by muH $Usage: http://server.com/index.php?site=c:windowsrepairsam00...

7.2AI score
Exploits0
F5 Networks
F5 Networks
added 2007/01/16 12:0 a.m.258 views

SOL7009 - Statement on ACL bypass using trailing NULL byte - MNIN/NNL Advisory

A January 2007 security advisory describes several security issues present in some versions of FirePass software. One section in the document, titled ACL Filter bypass with URL de-normalization, states that Portal Access ACL filters can be bypassed if a user appends a trailing NULL byte after the...

Exploits0
Rows per page
Query Builder