5707 matches found
Apache HTTP Server 2.x Memory Leak Exploit
Exploit for unknown platform in category dos / poc ========================================== Apache HTTP Server 2.x Memory Leak Exploit ========================================== / apache-massacre.c Test code for Apache 2.x Memory Leak By Matthew Murphy DISCLAIMER: This exploit tool is provided...
Apache HTTP Server 2.x Memory Leak Exploit
No description provided by source. / apache-massacre.c Test code for Apache 2.x Memory Leak By Matthew Murphy DISCLAIMER: This exploit tool is provided only to test networks for a known vulnerability. Do not use this tool on systems you do not control, and do not use this tool on networks you do...
iDEFENSE Security Advisory 04.08.03: Denial of Service in Apache HTTP Server 2.x
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 iDEFENSE Security Advisory 04.08.03: http://www.idefense.com/advisory/04.08.03.txt Denial of Service in Apache HTTP Server 2.x April 8, 2003 I. BACKGROUND The Apache Software Foundation's HTTP Server Project is an effort to develop and maintain an...
Apache vulnerable to DoS
Overview A remotely exploitable denial-of-service vulnerability exists in the Apache HTTP Server. Exploitation of this vulnerability may allow an attacker to consume all available system resources, resulting in a denial-of-service condition. Description The Apache HTTP Server is a very popular...
Apache vulnerable to DoS via request for MS-DOS device
Overview Systems running the Apache web server under some versions of Microsoft Windows may be vulnerable to a remote denial-of-service condition. Description The Apache HTTP server fails to filter GET requests for MS-DOS style device names. This results in a denial-of-service vulnerability on...
(RHSA-2002:214) php security update
PHP is an HTML-embedded scripting language commonly used with the Apache HTTP server. The mail function in PHP 4.x to 4.2.2 may allow local script authors to bypass safe mode restrictions and modify command line arguments to the MTA such as sendmail in the 5th argument to mail, altering MTA...
Path Parsing Errata in Apache HTTP Server
Original Message: ----------------- From: [email protected] [email protected] Date: Wed, 22 Jan 2003 09:00:58 -0500 To: [email protected] Subject: Path Parsing Errata in Apache HTTP Server Path Parsing Errata in Apache HTTP Server ABSTRACT The Apache HTTP Server...
Important: Red Hat Security Advisory: apache security update
Updated apache and httpd packages are available which fix a number of security issues for Red Hat Linux Advanced Server 2.1. Updated 06 Feb 2003 Added fixed packages for Advanced Workstation 2.1 The Apache HTTP server is a powerful, full-featured, efficient, and freely-available Web server. Buffe...
Important: Red Hat Security Advisory: apache, mod_ssl, php security update for Stronghold
Updated versions of the Apache HTTP server, PHP, and modssl are now available which close possible buffer overflows in the Apache HTTP server benchmarking tool, fix two cross-site scripting vulnerabilities in the error pages, and fix possible local privilege escalation. These updates also fix...
Important: Red Hat Security Advisory: apache, mod_ssl, php security update for Stronghold
Updated versions of the Apache HTTP server, PHP, and modssl are now available which close possible buffer overflows in the Apache HTTP server benchmarking tool, fixes two cross-site scripting vulnerabilities in the error pages, and fix possible local privilege escalation. These updates also fix...
Important: Red Hat Security Advisory: apache, mod_ssl, php security update for Stronghold
Updated versions of the Apache HTTP server, PHP, and modssl are now available which close possible buffer overflows in the Apache HTTP server benchmarking tool, fixes two cross-site scripting vulnerabilities in the error pages, and fix possible local privilege escalation. These updates also fix...
DSA-187 apache - several vulnerabilities
Bulletin has no description...
iDEFENSE Security Advisory 10.03.2002: Apache 1.3.x shared memory scoreboard vulnerabilities
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 iDEFENSE Security Advisory 10.03.2002 Apache 1.3.x shared memory scoreboard vulnerabilities 16:00 GMT, October 3, 2002 I. BACKGROUND The Apache Software Foundation's HTTP Server is an effort to develop and maintain an open-source HTTP server for moder...
Apache 2.0 vulnerability affects non-Unix platforms
-----BEGIN PGP SIGNED MESSAGE----- For Immediate Disclosure =============== SUMMARY ================ Title: Apache 2.0 vulnerability affects non-Unix platforms Date: 9th August 2002 Revision: 2 Product Name: Apache HTTP server 2.0 OS/Platform: Windows, OS2, Netware Permanent URL:...
ISS Advisory: Remote Compromise Vulnerability in Apache HTTP Server
TO UNSUBSCRIBE: email "unsubscribe alert" in the body of your message to [email protected] Contact [email protected] for help with any problems! --------------------------------------------------------------------------- -----BEGIN PGP SIGNED MESSAGE----- Internet Security Systems Security...
Apache HTTP Server on Win32 systems does not securely handle input passed to CGI programs
Overview A vulnerability in the Apache HTTP Server running on Win32 systems Windows 9x/Me, Windows NT/2000/XP could allow an attacker to execute commands with the privileges of the web server process. Description The Apache HTTP Server is a freely available web server that runs on a variety of...
Oracle9i Application Server PL/SQL Gateway web administration interface uses null authentication by default
Overview A vulnerability exists in the Apache Procedural Language/Structured Query Language PL/SQL module used by Oracle 9i Application Server iAS. In its default configuration, the PL/SQL module grants unauthenticated access to the PL/SQL gateway web-based administration interface. Description...
CVE-1999-1412
A possible interaction between Apple MacOS X release 1.0 and Apache HTTP server allows remote attackers to cause a denial of service crash via a flood of HTTP GET requests to CGI programs, which generates a large number of processes...
CVE-1999-1412
CVE-1999-1412 describes a DoS risk from an interaction between MacOS X 1.0 and Apache HTTP server, where a flood of HTTP GET requests to CGI programs can spawn many processes on affected systems. Connected sources provide concrete details indicating the issue relates to the Apache httpd component...
Apache 1.3 - Artificially Long Slash Path Directory Listing (1)
Apache 1.3 - Artificially Long Slash Path Directory Listing 1 source: https://www.securityfocus.com/bid/2503/info Apache HTTPD is the Apache Web Server, freely distributed and actively maintained by the Apache Software Foundation. It is a freely available and widely used software package, include...