268 matches found
dpdk: Information exposure in unchecked guest physical to host virtual address translations
The DPDK vhost-user interface does not check to verify that all the requested guest physical range is mapped and contiguous when performing Guest Physical Addresses to Host Virtual Addresses translations. This may lead to a malicious guest exposing vhost-user backend process memory...
UBUNTU-CVE-2018-1059
The DPDK vhost-user interface does not check to verify that all the requested guest physical range is mapped and contiguous when performing Guest Physical Addresses to Host Virtual Addresses translations. This may lead to a malicious guest exposing vhost-user backend process memory. All versions...
USN-3619-1: Linux kernel vulnerabilities
Jann Horn discovered that the Berkeley Packet Filter BPF implementation in the Linux kernel improperly performed sign extension in some situations. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2017-16995 It was discovered that a...
CVE-2018-8817
Wampserver before 3.1.3 has CSRF in addvhost.php...
DEBIAN-CVE-2017-16911
The vhcihcd driver in the Linux Kernel before version 4.14.8 and 4.4.114 allows allows local attackers to disclose kernel memory addresses. Successful exploitation requires that a USB device is attached over IP...
VHostScan - Virtual Host Scanner
A virtual host scanner that can be used with pivot tools, detect catch-all scenarios, aliases and dynamic default pages. First presented at SecTalks BNE in September 2017 slidedeck. Key Benefits Quickly highlight unique content in catch-all scenarios Locate the outliers in catch-all scenarios whe...
HTTP Virtual Host Scanner: VHostScan
A virtual host scanner that can be used with pivot tools, detect catch-all scenarios, aliases and dynamic default pages. First presented at SecTalks BNE in September 2017 Key Benefits Quickly highlight unique content in catch-all scenarios Locate the outliers in catch-all scenarios where results...
Remote Desktop Virtual Host Remote Code Execution Vulnerability
A remote code execution vulnerability exists in the VM Host Agent Service of Remote Desktop Virtual Host role when it fails to properly validate input from an authenticated user on a guest operating system. To exploit the vulnerability, an attacker could issue a specially crafted certificate on t...
Microsoft Remote Desktop Virtual Host CVE-2017-8714 Remote Code Execution Vulnerability
Description Microsoft Remote Desktop Virtual Host is prone to a remote code-execution vulnerability. Successful exploits will allow the attacker to execute arbitrary code on the affected system. Failed attacks may cause denial-of-service conditions. Technologies Affected Microsoft Windows 10...
KLA11099 Multiple vulnerabilities in Microsoft Windows
Multiple vulnerabilities were found in Microsoft Windows. Malicious users can exploit these vulnerabilities to execute arbitrary code, gain privileges, obtain sensitive information, bypass security restrictions, spoof user interface, cause denial of service. Below is a complete list of...
libapache-authenhook-perl Information Disclosure Vulnerability
libapache-authenhook-perl is a package for Apache login authentication. A security vulnerability exists in libapache-authenhook-perl version 2.00-04, which stems from the program storing usernames and passwords in plaintext in the vhost error log. An attacker can exploit this vulnerability to...
DEBIAN-CVE-2010-3845
libapache-authenhook-perl 2.00-04 stores usernames and passwords in plaintext in the vhost error log...
Top-5 stupid security mistakes in web apps
In this blog entry, I will summarize some commonly overlooked issues which have been affecting many web projects for the last 5 years. All of them are obvious and super predictable and could be used be script kiddies as well as by fully automated scanners and internal security checks. Let’s go! 1...
WordPress PHPMailer Host Header Command Injection
This module exploits a command injection vulnerability in WordPress version 4.6 with Exim as an MTA via a spoofed Host header to PHPMailer, a mail-sending library that is bundled with WordPress. A valid WordPress username is required to exploit the vulnerability. Additionally, due to the altered...
mod_jk: Buffer overflow when concatenating virtual host name and URI
It was found that the length checks prior to writing to the target buffer for creating a virtual host mapping rule did not take account of the length of the virtual host name, creating the potential for a buffer overflow...
mod_jk: Buffer overflow when concatenating virtual host name and URI
It was found that the length checks prior to writing to the target buffer for creating a virtual host mapping rule did not take account of the length of the virtual host name, creating the potential for a buffer overflow...
mod_jk: Buffer overflow when concatenating virtual host name and URI
It was found that the length checks prior to writing to the target buffer for creating a virtual host mapping rule did not take account of the length of the virtual host name, creating the potential for a buffer overflow...
CVE-2016-6808
It was found that the length checks prior to writing to the target buffer for creating a virtual host mapping rule did not take account of the length of the virtual host name, creating the potential for a buffer overflow...
Fixed in Apache Tomcat JK Connector 1.2.42
Moderate: Buffer Overflow CVE-2016-6808 The IIS/ISAPI specific code implements special handling when a virtual host is present. The virtual host name and the URI are concatenated to create a virtual host mapping rule. The length checks prior to writing to the target buffer for this rule did not...
Kangle虚拟主机本地文件包含漏洞
测试环境:kangle-3.3.9.msi,ep-2.6.4.exe(官方4-18日更新),windows XP 首先安装kangle server,然后安装easypanel,安装成功后访问http://127.0.0.1:3312/,会自动跳转到http://127.0.0.1:3312/vhost/?c=session&a=loginForm。 然后随便输入用户名密码登陆,如图发送的请求: 然后修改请求url中的参数c的值,将session改为: C=../../../../../../../../../../../windows/system.ini%00...