Lucene search
K

3709 matches found

Prion
Prion
added 2010/01/20 4:30 p.m.43 views

Design/Logic Flaw

Sun Java System Web Server aka SJWS 7.0 Update 7 allows remote attackers to overwrite memory locations in the heap, and discover the contents of memory locations, via a malformed HTTP TRACE request that includes a long URI and many empty headers, related to an "overflow." NOTE: this might overlap...

10CVSS6.6AI score0.03573EPSS
Exploits3References2Affected Software1
Cvelist
Cvelist
added 2010/01/20 4:0 p.m.39 views

CVE-2010-0360

Sun Java System Web Server aka SJWS 7.0 Update 7 allows remote attackers to overwrite memory locations in the heap, and discover the contents of memory locations, via a malformed HTTP TRACE request that includes a long URI and many empty headers, related to an "overflow." NOTE: this might overlap...

6.2AI score0.03138EPSS
Exploits1References2
CVE
CVE
added 2010/01/20 4:0 p.m.71 views

CVE-2010-0360

The Sun Java System Web Server 7.0 Update 7 contains a heap-based memory overflow in the HTTP TRACE path. Specifically, a malformed TRACE request with a long URI and many empty headers can cause heap corruption and expose memory contents, enabling remote attackers to overwrite and read heap memor...

10CVSS6AI score0.03138EPSS
Exploits1References2Affected Software1
OpenVAS
OpenVAS
added 2010/01/15 12:0 a.m.35 views

Mandriva Update for apache-conf MDVSA-2009:300-2 (apache-conf)

Check for the Version of apache-conf OpenVAS Vulnerability Test Mandriva Update for apache-conf MDVSA-2009:300-2 apache-conf Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or...

4.3CVSS0.1AI score0.01684EPSS
Exploits1References2
Fedora
Fedora
added 2009/12/11 6:14 p.m.48 views

[SECURITY] Fedora 12 Update: ntp-4.2.4p8-1.fc12

The Network Time Protocol NTP is used to synchronize a computer's time with another reference time source. This package includes ntpd a daemon which continuously adjusts system time and utilities used to query and configure the ntpd daemon. Perl scripts ntp-wait and ntptrace are in the ntp-perl...

6.4CVSS1.3AI score0.32288EPSS
Exploits3
Tenable Nessus
Tenable Nessus
added 2009/12/04 12:0 a.m.34 views

Mandriva Linux Security Advisory : wireshark (MDVSA-2009:292-1)

"Vulnerabilities have been discovered and corrected in wireshark, affecting DCERPC/NT dissector, which allows remote attackers to cause a denial of service NULL pointer dereference and application crash via a file that records a malformed packet trace CVE-2009-3550 %NASLMINLEVEL 70300 C Tenable...

9.3CVSS5.4AI score0.06075EPSS
Exploits2References2
Packet Storm
Packet Storm
added 2009/11/26 12:0 a.m.32 views

McAfee Visual Trace ActiveX Control Buffer Overflow

$Id$ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 'McAfee Visua...

7.5CVSS0.8AI score0.54325EPSS
Exploits3
myhack58
myhack58
added 2009/11/20 12:0 a.m.23 views

Penetration in the end we should scan what is useful information-vulnerability warning-the black bar safety net

"T. S. T"the Information Security Team'blog If the penetration we need to scan what information? Then the statement could be more, but the routine will scan the following information: 1. The target on the network host IP address 2. The host system can access the UDP or TCP port 3. On the target...

0.6AI score
Exploits0
Prion
Prion
added 2009/11/10 7:30 p.m.16 views

Cross site scripting

The Apache HTTP Server in Apple Mac OS X before 10.6.2 enables the HTTP TRACE method, which allows remote attackers to conduct cross-site scripting XSS attacks via unspecified web client software...

4.3CVSS5.6AI score0.01684EPSS
Exploits1References5Affected Software2
Cvelist
Cvelist
added 2009/11/10 7:0 p.m.83 views

CVE-2009-2823

The Apache HTTP Server in Apple Mac OS X before 10.6.2 enables the HTTP TRACE method, which allows remote attackers to conduct cross-site scripting XSS attacks via unspecified web client software...

6.5AI score0.01684EPSS
Exploits1References5
CVE
CVE
added 2009/11/10 7:0 p.m.75 views

CVE-2009-2823

CVE-2009-2823 affects Apache HTTP Server on Mac OS X prior to 10.6.2, where TRACE was enabled by default. This allows remote attackers to perform cross-site scripting (XSS) via unspecified web client software. The vulnerability is documented in vendor advisories (Apple/Mac OS X update) and is rei...

4.3CVSS5.9AI score0.01684EPSS
Exploits1References5Affected Software1
Prion
Prion
added 2009/10/30 8:30 p.m.20 views

Null pointer dereference

The DCERPC/NT dissector in Wireshark 0.10.10 through 1.0.9 and 1.2.0 through 1.2.2 allows remote attackers to cause a denial of service NULL pointer dereference and application crash via a file that records a malformed packet trace. NOTE: some of these details are obtained from third party...

4.3CVSS6.5AI score0.02493EPSS
Exploits2References13Affected Software1
Prion
Prion
added 2009/10/30 8:30 p.m.18 views

Code injection

packet-paltalk.c in the Paltalk dissector in Wireshark 1.2.0 through 1.2.2, on SPARC and certain other platforms, allows remote attackers to cause a denial of service application crash via a file that records a malformed packet trace...

5CVSS6.7AI score0.02599EPSS
Exploits2References9Affected Software1
UbuntuCve
UbuntuCve
added 2009/10/30 8:30 p.m.23 views

CVE-2009-3549

packet-paltalk.c in the Paltalk dissector in Wireshark 1.2.0 through 1.2.2, on SPARC and certain other platforms, allows remote attackers to cause a denial of service application crash via a file that records a malformed packet trace...

5CVSS5.9AI score0.02599EPSS
Exploits2References2
OSV
OSV
added 2009/10/30 8:30 p.m.1 views

DEBIAN-CVE-2009-3549

packet-paltalk.c in the Paltalk dissector in Wireshark 1.2.0 through 1.2.2, on SPARC and certain other platforms, allows remote attackers to cause a denial of service application crash via a file that records a malformed packet trace...

5CVSS6.4AI score0.02599EPSS
Exploits2References1
OSV
OSV
added 2009/10/30 8:30 p.m.2 views

DEBIAN-CVE-2009-3550

The DCERPC/NT dissector in Wireshark 0.10.10 through 1.0.9 and 1.2.0 through 1.2.2 allows remote attackers to cause a denial of service NULL pointer dereference and application crash via a file that records a malformed packet trace. NOTE: some of these details are obtained from third party...

4.3CVSS6.3AI score0.02493EPSS
Exploits2References1
Debian CVE
Debian CVE
added 2009/10/30 8:5 p.m.24 views

CVE-2009-3551

Off-by-one error in the dissectnegprotresponse function in packet-smb.c in the SMB dissector in Wireshark 1.2.0 through 1.2.2 allows remote attackers to cause a denial of service application crash via a file that records a malformed packet trace. NOTE: some of these details are obtained from thir...

5CVSS6.3AI score0.01547EPSS
Exploits2
Cvelist
Cvelist
added 2009/10/30 8:5 p.m.28 views

CVE-2009-3549

packet-paltalk.c in the Paltalk dissector in Wireshark 1.2.0 through 1.2.2, on SPARC and certain other platforms, allows remote attackers to cause a denial of service application crash via a file that records a malformed packet trace...

6.2AI score0.02599EPSS
Exploits2References9
Debian CVE
Debian CVE
added 2009/10/30 8:5 p.m.22 views

CVE-2009-3549

packet-paltalk.c in the Paltalk dissector in Wireshark 1.2.0 through 1.2.2, on SPARC and certain other platforms, allows remote attackers to cause a denial of service application crash via a file that records a malformed packet trace...

5CVSS5.1AI score0.02599EPSS
Exploits2
Positive Technologies
Positive Technologies
added 2009/10/30 12:0 a.m.5 views

PT-2009-5840 · Wireshark · Wireshark

Name of the Vulnerable Software and Affected Versions: Wireshark versions 1.2.0 through 1.2.2 Description: The issue is caused by an off-by-one error in the dissect negprot response function in packet-smb.c in the SMB dissector. This allows remote attackers to cause a denial of service, resulting...

5CVSS6.1AI score0.01547EPSS
Exploits2References12
Rows per page
Query Builder