358 matches found
python-rdomanager-oscplugin: NeutronMetadataProxySharedSecret parameter uses default value
It was discovered that Director's NeutronMetadataProxySharedSecret parameter remained specified at the default value of 'unset'. This value is used by OpenStack Networking to sign instance headers; if unchanged, an attacker knowing the shared secret could use this flaw to spoof OpenStack Networki...
CVE-2015-2787
Use-after-free vulnerability in the process_nested_data function in ext/standard/var_unserializer.re in PHP before 5.4.39, 5.5.x before 5.5.23, and 5.6.x before 5.6.7 allows remote attackers to execute arbitrary code via a crafted unserialize call that leverages use of the unset function within an...
Low: httpd
Issue Overview: The mod_headers module in the Apache HTTP Server 2.2.22 allows remote attackers to bypass "RequestHeader unset" directives by placing a header in the trailer portion of data sent with chunked transfer coding. NOTE: the vendor states "this is not a security issue in httpd as such."...
DEBIAN-CVE-2013-5704
The mod_headers module in the Apache HTTP Server 2.2.22 allows remote attackers to bypass "RequestHeader unset" directives by placing a header in the trailer portion of data sent with chunked transfer coding. NOTE: the vendor states "this is not a security issue in httpd as such."...
CVE-2013-5704
The mod_headers module in the Apache HTTP Server 2.2.22 allows remote attackers to bypass "RequestHeader unset" directives by placing a header in the trailer portion of data sent with chunked transfer coding. NOTE: the vendor states "this is not a security issue in httpd as such."...
CVE-2013-5704
CVE-2013-5704 concerns the Apache HTTP Server mod_headers trailer-header bypass vulnerability. The issue arises when a client places headers in the trailer portion of a chunked request, potentially bypassing RequestHeader unset directives and allowing header manipulation after header processing. ...
UBUNTU-CVE-2013-5704
The mod_headers module in the Apache HTTP Server 2.2.22 allows remote attackers to bypass "RequestHeader unset" directives by placing a header in the trailer portion of data sent with chunked transfer coding. NOTE: the vendor states "this is not a security issue in httpd as such."...
Magic methods, serialization, session injection, and everything else
==-1== Introduction I originally wrote this for myself as a small collection of useful ideas, and it ended up turning into this article. I don't have much experience writing publications, so please go easy on me, I did my best. Before moving on to practical examples, let's look at the theoretical basics of the functions used...
Sql injection
directory.php in AJchat 0.10 allows remote attackers to bypass input validation and conduct SQL injection attacks via a numeric parameter with a value matching the s parameter's hash value, which prevents the associated $_GET["s"] variable from being unset. NOTE: it could be argued that this...
AJchat 0.10 unset() bug Remote SQL Injection Vulnerability
No description provided by source. ---- AJchat Remote Sql Injection using unset bug ... ITDefence.ru Antichat.ru AJchat Remote Sql Injection using unset bug Eugene Minaev [email protected] ...
AJchat 0.10 - 'unse' SQL Injection
---- AJchat Remote Sql Injection using unset bug ... ITDefence.ru Antichat.ru AJchat Remote Sql Injection using unset bug Eugene Minaev [email protected] ... 2007...
ajchat-sql.txt
---- AJchat Remote Sql Injection using unset bug ... ITDefence.ru Antichat.ru AJchat Remote Sql Injection using unset bug Eugene Minaev [email protected] ... 2007...
AJchat 0.10 - unse SQL Injection
AJchat 0.10 - unse SQL Injection ---- AJchat Remote Sql Injection using unset bug ... ITDefence.ru Antichat.ru AJchat Remote Sql Injection using unset bug Eugene Minaev [email protected] ...
AJchat 0.10 unset() bug Remote SQL Injection Vulnerability
Exploit for unknown platform in category web applications. AJchat 0.10 unset bug Remote SQL Injection Vulnerability ---- AJchat Remote Sql Injection using unset bug ... ITDefence.r...
Ubuntu 5.04 / 5.10 / 6.06 LTS : php4, php5 vulnerabilities (USN-320-1)
The phpinfo PHP function did not properly sanitize long strings. A remote attacker could use this to perform cross-site scripting attacks against sites that have publicly-available PHP scripts that call phpinfo. Please note that it is not recommended to publicly expose phpinfo. CVE-2006-0996 An...
httpd mod_status XSS
Cross-site scripting (XSS) vulnerability in mod_status.c in the mod_status module in Apache HTTP Server (httpd), when ExtendedStatus is enabled and a public server-status page is used, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors involving charsets with browser...
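PHP Hash Table Overwrite Arbitrary Code Execution Vulnerability
PHP is a widely used scripting language for web development. There is a problem with PHP SESSION unset that remote attackers can exploit to execute arbitrary commands with the privileges of the application. Because it does not account for the internal pointer in the session globals, the session extension does not correctly set the reference count of the session variables. As a result, unsetting _SESSION and HTTP_SESSION_VARS destroys the hash table that holds the session data, although the session extension still holds an internal pointer to it and continues to use it internally. A specially crafted string can take the place of the hash table, leading to arbitrary code execution. PHP PHP 5.1.6 PHP PHP 5.1.5 PHP PHP 5.1.4 PHP PHP 5.1.3 PHP PHP 5.1.3 PHP PHP 5.1.2 PHP PH...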
PHP variables unset use after free vulnerability
There are no access counters for the _SESSION and HTTP_SESSION_VARS variables, making it possible to trigger use-after-free conditions by unsetting these variables. In addition, it's possible to deserialize these variables...
PHP < 4.4.5/5.2.1 - '_SESSION unset()' Local Overflow
<?php // Proof of concept code from the Hardened-PHP Project // (C) Copyright 2007 Stefan...
PHP < 4.4.5 / 5.2.1 _SESSION unset() Local Exploit
Exploit for linux platform in category local exploits. PHP 4.4.5 / 5.2.1 SESSION unset Local Exploit <?php ...