Roommate and Real Estate Listing Classified Response version 1.0 suffers from a cross site scripting vulnerability.
d54780016e5b539d90fcd5e721cc4385e43883abf2fb9de472fb98d7df5ede2c
Secunia Research has discovered a vulnerability in Citrix Access Gateway Plug-in for Windows, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused by a boundary error in the nsepacom ActiveX control (nsepa.exe) when processing HTTP responses based on the request via the "StartEpa()" method. This can be exploited to cause a heap-based buffer overflow via an overly long "CSEC" HTTP response header. Successful exploitation allows execution of arbitrary code. Citrix Access Gateway Plug-in for Windows version 9.3.49.5 is affected.
88190841a21f5703514230e00d059f52693aa6867752ab05cf5658926bb7ec55
Secunia Research has discovered a vulnerability in Citrix Access Gateway Plug-in for Windows, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused by an integer overflow error in the nsepacom ActiveX control (nsepa.exe) when processing HTTP responses based on the request via the "StartEpa()" method. This can be exploited to cause a heap-based buffer overflow via a specially crafted "Content-Length" HTTP response header. Successful exploitation may allow execution of arbitrary code. Citrix Access Gateway Plug-in for Windows version 9.3.49.5 is affected.
e3fca65bdb01a3b7b24ef54cae23d5e08cd0034667d410d5364cab845d4fe8a7
Red Hat Security Advisory 2012-1090-01 - Network Security Services is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Netscape Portable Runtime provides platform independence for non-GUI operating system facilities. A flaw was found in the way the ASN.1 decoder in NSS handled zero length items. This flaw could cause the decoder to incorrectly skip or replace certain items with a default value, or could cause an application to crash if, for example, it received a specially-crafted OCSP response.
39c19044934dc07eaf2ccda4a7067b0b643c2cc6a9cc89a40b7f6f5157c495f1
Red Hat Security Advisory 2012-1091-01 - Network Security Services is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Netscape Portable Runtime provides platform independence for non-GUI operating system facilities. A flaw was found in the way the ASN.1 decoder in NSS handled zero length items. This flaw could cause the decoder to incorrectly skip or replace certain items with a default value, or could cause an application to crash if, for example, it received a specially-crafted OCSP response.
d72857c706afe58af56ef92496d0bf05c85429eac1b79962ede93b64b9d8c56a
Asterisk Project Security Advisory - If Asterisk sends a re-invite and an endpoint responds to the re-invite with a provisional response but never sends a final response, then the SIP dialog structure is never freed and the RTP ports for the call are never released. If an attacker has the ability to place a call, they could create a denial of service by using all available RTP ports.
7393ac1f7dc8c09c81891ad81cc71a05d76badd9fadaf47998c0f0251965ab45
This Metasploit module exploits a vulnerability found in Adobe Flash Player. By supplying a corrupt AMF0 "_error" response, it is possible to gain arbitrary remote code execution under the context of the user. This vulnerability has been exploited in the wild as part of the "World Uyghur Congress Invitation.doc" e-mail attack. According to the advisory, 10.3.183.19 and 11.x before 11.2.202.235 are affected.
278d32f3bc7f3344e48d9ed25bcb65be25041499b78ba981e26d568f755202ee
Secunia Security Advisory - SUSE has issued an update for python-tornado. This fixes a vulnerability, which can be exploited by malicious people to conduct HTTP response splitting attacks in an application using the framework.
5720ce07a1bdffb3c8efd1846ad2b368d1fa0e4ac1c093deadd085e9d81ebc5a
Secunia Security Advisory - Multiple vulnerabilities have been discovered in UseResponse, which can be exploited by malicious people to conduct cross-site request forgery attacks and by malicious users to conduct script insertion attacks and compromise a vulnerable system.
c1405bc27d5f9c191864265e9fdb559fc8656392663546ddc0b0dfb9bdd51e9f
UseResponse versions 1.0.2 and below suffer from backdoor account, cross site request forgery, and code execution vulnerabilities. Full exploit provided.
1e595bde09d53da1af5b8c9a1f80c9232d1dcaea0fb89a038ec47ceab924e6c0
Secunia Security Advisory - A vulnerability has been reported in Adobe ColdFusion, which can be exploited by malicious people to conduct HTTP response splitting attacks.
a6eb8904fd5587681f32bb5352dfd166fbb78eedca4aa0ab7c3797bb8797a7df
Secunia Security Advisory - A vulnerability has been reported in Tornado, which can be exploited by malicious people to conduct HTTP response splitting attacks in an application using the framework.
dbfc0e23f4d2abacf09e25aa997aff77cbbd3c4e2accfcf2f2437aa2c66037b9
Cryptographp suffers from local file inclusion and HTTP response splitting vulnerabilities.
df3273a74be6628785ae6c91b0dd3244d0a775aef7296f6386350fbeeabd45af
Secunia Security Advisory - Two vulnerabilities have been reported in CiscoWorks Prime LAN Management Solution (LMS), which can be exploited by malicious people to conduct HTTP response splitting attacks, disclose potentially sensitive information, and bypass certain security restrictions.
bb386a08f161b8e5a072a81bf26d3bb99833d1d926ad4db337a2d6582010fecf
Newsroom.cisco.com suffers from a cross site scripting vulnerability. The author tried to reach Cisco and did not get a response.
8cb55dcf643631a60ab31199d4e7eaff006fd074677b2736947138779877bde1
Team SHATTER Security Advisory - Oracle Enterprise Manager Database Control versions 10.2.0.5, 11.1.0.7 and 11.2.0.3 (and previous patchsets) along with Oracle Enterprise Manager Grid Control version 10.2.0.5 (and previous patchsets) suffer from an HTTP response splitting vulnerability in the prevPage parameter.
8181e024c40eda634dec94eeab4606fb3db63b7568215c373cb8f48ead738da1
Team SHATTER Security Advisory - Oracle Enterprise Manager Database Control versions 10.2.0.5, 11.1.0.7, and 11.2.0.3 (and previous patchsets) along with Oracle Enterprise Manager Grid Control version 10.2.0.5 (and previous patchsets) suffer from an HTTP response splitting vulnerability in the pageName parameter.
4a9392fef4e6e9384b1634a3dd07200e175b383fcc4c1b78ec8e889706f4392d
OpenCart version 1.5.2.1 suffers from arbitrary file upload, HTTP response splitting, local file inclusion, path disclosure, and failed randomness vulnerabilities.
25944ffdc2a7a3db202a1db3e98135989ccf06c08ac03ec68f53ed95c4abb836
Mandriva Linux Security Advisory 2012-044 - A vulnerability has been found and corrected in cvs. A heap-based buffer overflow flaw was found in the way the CVS client handled responses from HTTP proxies. A malicious HTTP proxy could use this flaw to cause the CVS client to crash or, possibly, execute arbitrary code with the privileges of the user running the CVS client. The updated packages have been patched to correct this issue.
891ba05686fa17391e069c49ba48e6a0ad5b0eba8fc97db8070e0ddf441eeff7
Mandriva Linux Security Advisory 2012-043 - A vulnerability has been found and corrected in nginx. A specially crafted backend response could result in a sensitive information leak. The updated packages have been patched to correct this issue.
b4f7d90d2aef1b63ae089280c523e080571f3292b4ca66f949631feb3f253176
Red Hat Security Advisory 2012-0426-01 - OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength, general purpose cryptography library. A NULL pointer dereference flaw was found in the way OpenSSL parsed Secure/Multipurpose Internet Mail Extensions messages. An attacker could use this flaw to crash an application that uses OpenSSL to decrypt or verify S/MIME messages. A flaw was found in the PKCS#7 and Cryptographic Message Syntax implementations in OpenSSL. An attacker could possibly use this flaw to perform a Bleichenbacher attack to decrypt an encrypted CMS, PKCS#7, or S/MIME message by sending a large number of chosen ciphertext messages to a service using OpenSSL and measuring error response times.
c7a9b634b44b6697d3fc707044640a6ee4da2d50ffa6573b6d65ee91eb939e55
Debian Linux Security Advisory 2434-1 - Matthew Daley discovered a memory disclosure vulnerability in nginx. In previous versions of this web server, an attacker can receive the content of previously freed memory if an upstream server returns a specially crafted HTTP response, potentially exposing sensitive information.
ca456b31ee8868c762fd70882f56920df02bb00f023f64312e9a4eadf08af45c
nginx versions prior to 1.0.14 stable and 1.1.7 development suffer from an information leak vulnerability when receiving a malformed HTTP response.
4a5c29ad6c7a3904436207e603d5eb2996ff11a7f07c3753916e4e8fb92b76bd
WeBaCoo (Web Backdoor Cookie) is a web backdoor script-kit that aims to provide a stealth terminal-like connection over HTTP between client and web server. It is a post-exploitation tool capable of maintaining access to a compromised web server. WeBaCoo was designed to operate under the radar of modern, up-to-date AV, NIDS, IPS, network firewalls and application firewalls, providing a stealth mechanism to execute system commands on the compromised server. The obfuscated communication is accomplished using the Cookie fields of HTTP headers in valid client HTTP requests and the corresponding web server responses.
087283a5e4ae66b6ac53dccfd5878fe22ca5d12bcebb302675d4406e23575560
ImageFetcher.com suffers from a remote SQL injection vulnerability. The researcher contacted the site with no luck in getting a response.
c0096bd4ab042011c73831be8b2484baa5d0724c7a1cbfbdaf821ef3c7bb6640
httpry is a specialized packet sniffer designed for displaying and logging HTTP traffic. It is not intended to perform analysis itself, but instead to capture, parse, and log the traffic for later analysis. It can be run in real time, displaying the live traffic on the wire, or as a daemon process that logs to an output file. It is written to be as lightweight and flexible as possible, so that it can be easily adapted to different applications. It does not display the raw HTTP data transferred, but instead focuses on parsing and displaying the request/response line along with associated header fields.
00debb88f90f79d65dcbcc590c2a1172411f70f9134a9367f29c113594d7b9fa