847 matches found
Oracle Linux 6 / 7 : python-twisted-web (ELSA-2016-1978)
The remote Oracle Linux 6 / 7 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2016-1978 advisory. 8.2.0-5 - Rebase HTTPoxy patch and bump release for rebuild Resolves: rhbz1358789 8.2.0-4 - Fix HTTPoxy CVE-2016-1000111 Resolves: rhbz1358789 Tenable has...
CentOS 6 / 7 : python-twisted-web (CESA-2016:1978)
An update for python-twisted-web is now available for Red Hat Enterprise Linux 6 and Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, ...
python security update
CentOS Errata and Security Advisory CESA-2016:1978 An update for python-twisted-web is now available for Red Hat Enterprise Linux 6 and Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS...
Important: Red Hat Security Advisory: python-twisted-web security update
An update for python-twisted-web is now available for Red Hat Enterprise Linux 6 and Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, ...
Twisted: sets environmental variable based on user supplied Proxy request header
It was discovered that python-twisted-web used the value of the Proxy header from HTTP requests to initialize the HTTPPROXY environment variable for CGI scripts, which in turn was incorrectly used by certain HTTP client implementations to configure the proxy for outgoing HTTP requests. A remote...
python-twisted-web security update
8.2.0-5 - Rebase HTTPoxy patch and bump release for rebuild Resolves: rhbz1358789 8.2.0-4 - Fix HTTPoxy CVE-2016-1000111 Resolves: rhbz1358789...
Raptor Web Application Firewall
Raptor Web Application Firewall Raptor Web Application Firewall is a simple web application firewall made in C, using KISS principle , to make poll use select function, is not better than epoll or kqueue from BSD but is portable, the core of match engine using DFA to detect XSS, SQLi and path...
[SECURITY] Fedora 24 Update: python-autobahn-0.10.9-1.gitcf10233.fc24
Autobahn a networking library that is part of the Autobahn project and prov ides implementations of The WebSocket Protocol http://tools.ietf.org/html/rfc6455 The Web Application Messaging Protocol WAMP http://wamp.ws for Twisted and asyncio on Python 2 & 3 and for writing servers and clients...
Python Twisted Security Bypass Vulnerability
Python Twisted is a set of event-driven network engine based framework implemented in Python. A security bypass vulnerability exists in Python Twisted. An attacker can exploit this vulnerability to perform unauthorized operations...
CVE-2016-1000111
It was discovered that python-twisted-web used the value of the Proxy header from HTTP requests to initialize the HTTPPROXY environment variable for CGI scripts, which in turn was incorrectly used by certain HTTP client implementations to configure the proxy for outgoing HTTP requests. A remote...
CVE-2016-1000111
Twisted before 16.3.1 does not attempt to address RFC 3875 section 4.1.18 namespace conflicts and therefore does not protect CGI applications from the presence of untrusted client data in the HTTPPROXY environment variable, which might allow remote attackers to redirect a CGI application's outbou...
PT-2016-4503 · Twisted +4 · Twisted +4
Name of the Vulnerable Software and Affected Versions: Twisted versions prior to 16.3.1 Description: The issue arises from the software's failure to address RFC 3875 section 4.1.18 namespace conflicts, which leaves CGI applications unprotected from untrusted client data in the HTTP PROXY...
UBUNTU-CVE-2016-1000111
Twisted before 16.3.1 does not attempt to address RFC 3875 section 4.1.18 namespace conflicts and therefore does not protect CGI applications from the presence of untrusted client data in the HTTPPROXY environment variable, which might allow remote attackers to redirect a CGI application's outbou...
Twisted Lands: Insomniac Free - Base64 encoded String, Customized SSL, Dangerous filesystem permissions vulnerabilities
HackApp vulnerability scanner discovered that application Twisted Lands: Insomniac Free published at the 'play' market has multiple vulnerabilities...
Vulnerabilities in the server operating system OS X Server, which allow attackers to compromise the confidentiality, integrity, and accessibility of protected information
The multiple vulnerabilities of the Twisted module in the Wiki Server server operating system OS X Server are related to errors in the code. Exploiting these vulnerabilities could allow a malicious actor, operating remotely, to compromise the confidentiality, integrity, and accessibility of the...
CVE-2015-5911
Multiple unspecified vulnerabilities in Twisted in Wiki Server in Apple OS X Server before 5.0.3 allow attackers to have an unknown impact via an XML document...
Code injection
Multiple unspecified vulnerabilities in Twisted in Wiki Server in Apple OS X Server before 5.0.3 allow attackers to have an unknown impact via an XML document...
CVE-2015-5911
CVE-2015-5911 affects Apple OS X Server Wiki Server (Twisted) before 5.0.3, with multiple unspecified vulnerabilities that can be triggered via an XML document. The root cause, specific impact, and exploit details are not provided in the supplied documents. No explicit remediation is stated beyon...
CVE-2015-5911
Multiple unspecified vulnerabilities in Twisted in Wiki Server in Apple OS X Server before 5.0.3 allow attackers to have an unknown impact via an XML document...
SPF - SpeedPhish Framework
SPF SpeedPhish Framework is a python tool designed to allow for quick recon and deployment of simple social engineering phishing exercises. Requirements: dnspython twisted PhantomJS Usage: usage: spf.py -h -f -C --all --test -e -g -s --simulate -w -W -d -c --ip -v -y optional arguments: -h, --hel...