Archive for the 'bug' Category

JBoss Worm Exploiting Old Bug to Infect Unpatched Servers | threatpost

Saturday, October 22nd, 2011

Worm uses bug in jmx-console to execute shell code, then it installs perl-based control daemon that connects to IRS, and tries to discover other JBoss’es near by by using jgroups UDP multicast. Here is more details, including the source code http://pa…

JBoss Worm Exploiting Old Bug to Infect Unpatched Servers | threatpost

Saturday, October 22nd, 2011

Worm uses bug in jmx-console to execute shell code, then it installs perl-based control daemon that connects to IRS, and tries to discover other JBoss’es near by by using jgroups UDP multicast. Here is more details, including the source code http://pa…

Reverse Proxy Bypass – Bug in Apache mod_proxy

Wednesday, October 5th, 2011

It is possible for an attacker to reach internal resources in a DMZ if RewriteRule or ProxyPassMatch directives are used in mod_proxy config

Reverse Proxy Bypass – Bug in Apache mod_proxy

Wednesday, October 5th, 2011

It is possible for an attacker to reach internal resources in a DMZ if RewriteRule or ProxyPassMatch directives are used in mod_proxy config