4 results (0.039 seconds)

CVSS: 5.8EPSS: 0%CPEs: 9EXPL: 1

Apache Axis2/Java 1.6.2 and earlier does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate. Apache Axis2/Java v1.6.2 y anteriores, no comprueba si el nombre del servidor coincide con un nombre de dominio en el Common Name (CN) del asunto o el campo subjectAltName del certificado X.509, lo que permite a atacantes man-in-the-middle falsificar servidores SSL a través de un certificado válido arbitrario. • http://secunia.com/advisories/51219 http://www.cs.utexas.edu/~shmat/shmat_ccs12.pdf http://www.securityfocus.com/bid/56408 https://exchange.xforce.ibmcloud.com/vulnerabilities/79830 • CWE-20: Improper Input Validation •

CVSS: 10.0EPSS: 97%CPEs: 8EXPL: 7

Apache Axis2, as used in dswsbobje.war in SAP BusinessObjects Enterprise XI 3.2, CA ARCserve D2D r15, and other products, has a default password of axis2 for the admin account, which makes it easier for remote attackers to execute arbitrary code by uploading a crafted web service. Axis2 de Apache, tal y como es usado en dswsbobje.war en SAP BusinessObjects Enterprise XI versión 3.2, CA ARCserve D2D r15 y otros productos, tiene una contraseña por defecto de axis2 para la cuenta de administrador, lo que facilita a los atacantes remotos ejecutar código arbitrario mediante la carga de un servicio web especialmente diseñado. • https://www.exploit-db.com/exploits/16312 https://www.exploit-db.com/exploits/16315 https://www.exploit-db.com/exploits/15869 https://github.com/veritas-rt/CVE-2010-0219 http://retrogod.altervista.org/9sg_ca_d2d.html http://secunia.com/advisories/41799 http://secunia.com/advisories/42763 http://spl0it.org/files/talks/source_barcelona10/Hacking%20SAP%20BusinessObjects.pdf http://www.exploit-db.com/exploits/15869 http://www.kb.cert.org/vuls/id/989719 http://www.osvd • CWE-255: Credentials Management Errors •

CVSS: 7.5EPSS: 1%CPEs: 42EXPL: 0

Apache Axis2 before 1.5.2, as used in IBM WebSphere Application Server (WAS) 7.0 through 7.0.0.12, IBM Feature Pack for Web Services 6.1.0.9 through 6.1.0.32, IBM Feature Pack for Web 2.0 1.0.1.0, Apache Synapse, Apache ODE, Apache Tuscany, Apache Geronimo, and other products, does not properly reject DTDs in SOAP messages, which allows remote attackers to read arbitrary files, send HTTP requests to intranet servers, or cause a denial of service (CPU and memory consumption) via a crafted DTD, as demonstrated by an entity declaration in a request to the Synapse SimpleStockQuoteService. Apache Axis2 en versiones anteriores a la 1.5.2, tal como se usa en IBM WebSphere Application Server (WAS) 7.0 a 7.0.0.12, IBM Feature Pack para Web Services 6.1.0.9 a 6.1.0.32, IBM Feature Pack para Web 2.0 1.0.1.0, Apache Synapse, Apache ODE, Apache Tuscany, Apache Geronimo y otros productos, no rechaza de manera apropiada DTDs en mensajes SOAP, lo que permite a atacantes remotos leer ficheros de su elección, enviar peticiones HTTP a servidores de la intranet o provocar una denegación de servicio (consumo de memoria y de CPU) mediante un DTD manipulado, como se ha demostrado por una declaración de entidad en una petición a Synapse SimpleStockQuoteService. • http://geronimo.apache.org/2010/07/21/apache-geronimo-v216-released.html http://geronimo.apache.org/21x-security-report.html http://geronimo.apache.org/22x-security-report.html http://markmail.org/message/e4yiij7lfexastvl http://secunia.com/advisories/40252 http://secunia.com/advisories/40279 http://secunia.com/advisories/41016 http://secunia.com/advisories/41025 http://www-01.ibm.com/support/docview.wss?uid=swg21433581 http://www-1.ibm.com/support/docview.wss?uid=swg1PM14765 http • CWE-20: Improper Input Validation •

CVSS: 4.3EPSS: 0%CPEs: 6EXPL: 5

Cross-site scripting (XSS) vulnerability in axis2-admin/axis2-admin/engagingglobally in the administration console in Apache Axis2/Java 1.4.1, 1.5.1, and possibly other versions, as used in SAP Business Objects 12, 3com IMC, and possibly other products, allows remote attackers to inject arbitrary web script or HTML via the modules parameter. NOTE: some of these details are obtained from third party information. Vulnerabilidad de ejecución de secuencias de comandos en sitios cruzados en axis2-admin/axis2-admin/engagingglobally en la consola de administración de Apache Axis2/Java v1.4.1, v1.5.1 y posiblemente otras versiones, usada en Business Objects 12, 3com IMC y posiblemente en otros productos, permite a atacantes remotos inyectar secuencias de comandos web o HTML de su elección a través del parámetro "modules". NOTA: algunos detalles han sido obtenidos a partir de terceros. • https://www.exploit-db.com/exploits/12689 http://osvdb.org/64844 http://secunia.com/advisories/39906 http://spl0it.org/files/talks/source_barcelona10/Hacking%20SAP%20BusinessObjects.pdf http://www.exploit-db.com/exploits/12689 http://www.procheckup.com/vulnerability_manager/vulnerabilities/pr10-03 http://www.securityfocus.com/archive/1/511404/100/0/threaded http://www.securityfocus.com/bid/40327 http://www.vupen.com/english/advisories/2010/1215 https://exchange.xforce.ibmcloud.com/ • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •