Page 7 of 32 results (0.016 seconds)

CVSS: 5.8EPSS: 0%CPEs: 21EXPL: 5

The TLS protocol, and the SSL protocol 3.0 and possibly earlier, as used in Microsoft Internet Information Services (IIS) 7.0, mod_ssl in the Apache HTTP Server 2.2.14 and earlier, OpenSSL before 0.9.8l, GnuTLS 2.8.5 and earlier, Mozilla Network Security Services (NSS) 3.12.4 and earlier, multiple Cisco products, and other products, does not properly associate renegotiation handshakes with an existing connection, which allows man-in-the-middle attackers to insert data into HTTPS sessions, and possibly other types of sessions protected by TLS or SSL, by sending an unauthenticated request that is processed retroactively by a server in a post-renegotiation context, related to a "plaintext injection" attack, aka the "Project Mogul" issue. El protocolo TLS y el protocolo SSL v3.0 y posiblemente versiones anteriores, tal y como se usa en Microsoft Internet Information Services (IIS) v7.0, mod_ssl en el servidor HTTP Apache v2.2.14 y anteriores, OpenSSL antes de v0.9.8l, GnuTLS v2.8.5 y anteriores, Mozilla Network Security Services (NSS) v3.12.4 y anteriores, y otros productos, no asocia apropiadamente la renegociación del Handshake SSL en una conexión existente, lo que permite ataques man-in-the-middle en los que el atacante inserta datos en sesiones HTTPS, y posiblemente otro tipo de sesiones protegidas por SSL o TLS, enviando una petición de autenticación que es procesada retroactivamente por un servidor en un contexto post-renegociación. Se trata de un ataque de "inyección de texto plano", también conocido como el problema del "Proyecto Mogul". • https://www.exploit-db.com/exploits/10071 https://www.exploit-db.com/exploits/10579 http://archives.neohapsis.com/archives/bugtraq/2013-11/0120.html http://blog.g-sec.lu/2009/11/tls-sslv3-renegotiation-vulnerability.html http://blogs.iss.net/archive/sslmitmiscsrf.html http://blogs.sun.com/security/entry/vulnerability_in_tls_protocol_during http://clicky.me/tlsvuln http://extendedsubset.com/?p=8 http://extendedsubset.com/Renegotiating_TLS.pdf http://h20000.www2.hp.com/bizsuppo • CWE-295: Improper Certificate Validation CWE-300: Channel Accessible by Non-Endpoint •

CVSS: 7.5EPSS: 92%CPEs: 10EXPL: 1

Buffer underflow in src/http/ngx_http_parse.c in nginx 0.1.0 through 0.5.37, 0.6.x before 0.6.39, 0.7.x before 0.7.62, and 0.8.x before 0.8.15 allows remote attackers to execute arbitrary code via crafted HTTP requests. Desbordamiento de búfer inferior en src/http/ngx_http_parse.c en nginx v0.1.0 a la v0.5.37, v0.6.x a la v0.6.39, v0.7.x a la v0.7.62, y v0.8.x anterior a v0.8.15, permite a atacantes ejecutar código de su elección a través de peticiones HTTP manipuladas. • https://www.exploit-db.com/exploits/14830 http://nginx.net/CHANGES http://nginx.net/CHANGES-0.5 http://nginx.net/CHANGES-0.6 http://nginx.net/CHANGES-0.7 http://sysoev.ru/nginx/patch.180065.txt http://www.debian.org/security/2009/dsa-1884 http://www.kb.cert.org/vuls/id/180065 https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00428.html https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00442.html https://www. • CWE-787: Out-of-bounds Write •