all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Boa Web Server 0.94.13 / 0.94.14 Authentication Bypass

Add to bookmarks
Nov. 21, 2022, 4:05 p.m. |

Packet Storm packetstormsecurity.com

Boa Web Server versions 0.94.13 through 0.94.14 fail to validate the correct security constraint on the HEAD HTTP method allowing everyone to bypass the Basic Authorization mechanism.

authentication authentication bypass bypass server web web server

Visit resource

More from packetstormsecurity.com / Packet Storm

Debian Security Advisory 5665-1 an hour ago | packetstormsecurity.com
advisory debian debian linux security engine +7
Debian Security Advisory 5664-1 an hour ago | packetstormsecurity.com
advisory attackers can clients +20
Elber Wayber Analog/Digital Audio STL 4.00 Insecure Direct Object Reference an hour ago | packetstormsecurity.com
audio client client-side configuration +11
Elber Wayber Analog/Digital Audio STL 4.00 Authentication Bypass an hour ago | packetstormsecurity.com
access attackers audio authentication +15
Elber ESE DVB-S/S2 Satellite Receiver 1.5.x Insecure Direct Object Reference an hour ago | packetstormsecurity.com
client client-side configuration device +12
Elber ESE DVB-S/S2 Satellite Receiver 1.5.x Authentication Bypass an hour ago | packetstormsecurity.com
access attackers authentication authentication bypass +16
Elber Reble610 M/ODU XPIC IP-ASI-SDH Microwave Link Insecure Direct Object Reference an hour ago | packetstormsecurity.com
client client-side configuration device +10
Elber Reble610 M/ODU XPIC IP-ASI-SDH Microwave Link Authentication Bypass an hour ago | packetstormsecurity.com
access attackers authentication authentication bypass +14
Elber Cleber/3 Broadcast Multi-Purpose Platform 1.0.0 Insecure Direct Object Reference an hour ago | packetstormsecurity.com
1.0.0 broadcast client client-side +14

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

Information Security Engineers

@ D. E. Shaw Research | New York City
View on infosec-jobs.com

Program Associate, Cyber Risk

@ Kroll | Toronto, ONT, Canada
View on infosec-jobs.com

Cybersecurity Operations Engineer 2

@ Humana | Remote US
View on infosec-jobs.com

Vice President - Lead Security Engineer (SECS04)

@ JPMorgan Chase & Co. | Columbus, OH, United States
View on infosec-jobs.com

Security Specialist

@ BGIS | Markham, ON, Canada
View on infosec-jobs.com
View more jobs