meta-security

mirrors/meta-security

Fork 0

mirror of https://git.yoctoproject.org/meta-security synced 2026-05-09 05:29:56 +00:00

Commit Graph

Author	SHA1	Message	Date
Scott Ellis	b4441953a5	nikto: upgrade to 2.1.6 (v2) Source now on github. Signed-off-by: Scott Ellis <scott@jumpnowtek.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>	2019-01-06 08:02:28 -08:00
Nagalakshmi Veeramallu	a1406fe1c8	CVE-2018-11652 nikto: arbitray OS command injection via http server field. CSV Injection vulnerability in Nikto 2.1.6 and earlier allows remote attackers to inject arbitrary OS commands via the Server field in an HTTP response header, which is directly injected into a CSV report. Signed-off-by: Nagalakshmi Veeramallu <nveeramallu@mvista.com> Reviewed-by: Jagadeesh Krishnanjanappa <jkrishnanjanappa@mvista.com> Signed-off-by: Armin Kuster <akuster@mvista.com>	2018-07-03 15:30:51 -07:00
Andrei Dinu	d54c9d7dad	Security layer version 1.0 Signed-off-by: Andrei Dinu <andrei.adrianx.dinu@intel.com>	2013-07-10 16:41:44 +03:00

Author

SHA1

Message

Date

Scott Ellis

b4441953a5

nikto: upgrade to 2.1.6 (v2)

Source now on github.

Signed-off-by: Scott Ellis <scott@jumpnowtek.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>

2019-01-06 08:02:28 -08:00

Nagalakshmi Veeramallu

a1406fe1c8

CVE-2018-11652 nikto: arbitray OS command injection via http server field.

CSV Injection vulnerability in Nikto 2.1.6 and earlier allows remote attackers
to inject arbitrary OS commands via the Server field in an HTTP response header,
 which is directly injected into a CSV report.

Signed-off-by: Nagalakshmi Veeramallu <nveeramallu@mvista.com>
Reviewed-by: Jagadeesh Krishnanjanappa <jkrishnanjanappa@mvista.com>
Signed-off-by: Armin Kuster <akuster@mvista.com>

2018-07-03 15:30:51 -07:00

Andrei Dinu

d54c9d7dad

Security layer version 1.0

Signed-off-by: Andrei Dinu <andrei.adrianx.dinu@intel.com>

2013-07-10 16:41:44 +03:00

3 Commits