37 matches found
Apache < 1.3.37, 2.0.59, 2.2.3 (mod_rewrite) Remote Overflow PoC
No description provided by source. !/bin/sh Exploit for Apache modrewrite off-by-one. Vulnerability discovered by Mark Dowd. CVE-2006-3747 by jack jack\x40gulcas\x2Eorg 2006-08-20 Thx to xuso for help me with the shellcode. I suppose that you've the RewriteRule kung/. $1 rule if not you must...
Mac OS X 10.5.3 Update / Mac OS X Security Update 2008-003
The remote host is missing Mac OS X 10.5.3 Update / Mac OS X Security Update 2008-003. One or more of the following components are affected: AFP Server Apache AppKit Apple Pixlet Video ATS CFNetwork CoreFoundation CoreGraphics CoreTypes CUPS Flash Player Plug-in Help Viewer iCal International...
CVE-2006-3747
creationtimestamp| type| source ---|---|--- 2010-02-15 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/16752 2018-05-29 15:50:33+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/http/apachemodrewriteldap.rb 2025-02-06 03:13:38+00:00|...
Apache module mod_rewrite LDAP protocol Buffer Overflow
$Id$ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 'Apache modul...
SLES9: Security update for Apache and mod_ssl
The remote host is missing updates to packages that affect the security of your system. One or more of the following packages are affected: modssl apache For more information, please visit the referenced security advisories. More details may also be found by searching for keyword 5018358 within t...
SLES9: Security update for Apache2
The remote host is missing updates to packages that affect the security of your system. One or more of the following packages are affected: apache2-worker apache2 apache2-prefork For more information, please visit the referenced security advisories. More details may also be found by searching for...
SLES9: Security update for Apache and mod_ssl
The remote host is missing updates to packages that affect the security of your system. One or more of the following packages are affected: modssl apache For more information, please visit the referenced security advisories. More details may also be found by searching for keyword 5018358 within t...
Fedora Update for httpd FEDORA-2007-617
The remote host is missing an update for the SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
Gentoo Security Advisory GLSA 200608-01 (apache)
The remote host is missing updates announced in advisory GLSA 200608-01. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...
Mac OS X 10.5.x < 10.5.3 Multiple Vulnerabilities
The remote host is running a version of Mac OS X 10.5.x that is prior to 10.5.3. Mac OS X 10.5.3 contains security fixes for a number of programs. C Tenable Network Security, Inc. if !definedfunc"bnrandom" exit0; if NASLLEVEL 3004 exit0; include"compat.inc"; if description scriptid32477;...
Mac OS X Multiple Vulnerabilities (Security Update 2008-003)
The remote host is running a version of Mac OS X 10.4 that does not have the security update 2008-003 applied. This update contains security fixes for a number of programs. C Tenable Network Security, Inc. if !definedfunc"bnrandom" exit0; if NASLLEVEL 3004 exit0; include"compat.inc"; if descripti...
Apache < 1.3.37 mod_rewrite LDAP Protocol URL Handling Overflow
The remote host appears to be running a version of Apache which is older than 1.3.37. This version contains an off-by-one buffer overflow in the modrewrite module. C Tenable Network Security, Inc. include"compat.inc"; ifdescription scriptid31654; scriptversion"1.26"; scriptcvsdate"Date: 2018/11/1...
Debian Security Advisory DSA 1132-1 (apache2)
The remote host is missing an update to apache2 announced via advisory DSA 1132-1. Mark Dowd discovered a buffer overflow in the modrewrite component of apache, a versatile high-performance HTTP server. In some situations a remote attacker could exploit this to execute arbitrary code. OpenVAS...
apache-mod-rewrite.rb.txt
require 'msf/core' module Msf class Exploits::Windows::Http::Apachemodrewrite 'Apache ModRewrite escapeabsoluteuri Off-By-One Buffer Overflow', 'Description' = %q This module exploits a off-by-one buffer overflow. RewriteRule must be enabled and rule must meets this criteria: beginning of the...
SuSE 10 Security Update : Apache2 (ZYPP Patch Number 1906)
This update fixes security problems in the Apache2 webserver : modrewrite: Fixed an off-by-one security problem in the ldap scheme handling. For some RewriteRules this could lead to a pointer being written out of bounds. CVE-2006-3747 For SUSE Linux Enterprise Server 10 additionally an old securi...
openSUSE 10 Security Update : apache2 (apache2-1905)
This update fixes the following security problem in the Apache webserver : modrewrite: Fix an off-by-one security problem in the ldap scheme handling. For some RewriteRules this could lead to a pointer being written out of bounds. CVE-2006-3747 %NASLMINLEVEL 70300 C Tenable Network Security, Inc...
Apache mod_rewrite LDAP URL buffer overflow
Added: 06/22/2007 CVE: CVE-2006-3747 BID: 19204 OSVDB: 27588 Background modrewrite is an Apache module which allows rule-based modification of URL requests. Problem An off-by-one buffer overflow vulnerability in modrewrite allows command execution when the escapeabsoluteuri function attempts to...
Apache mod_rewrite LDAP URL buffer overflow
Added: 06/22/2007 CVE: CVE-2006-3747 BID: 19204 OSVDB: 27588 Background modrewrite is an Apache module which allows rule-based modification of URL requests. Problem An off-by-one buffer overflow vulnerability in modrewrite allows command execution when the escapeabsoluteuri function attempts to...
Apache Mod_Rewrite Off-by-one Remote Overflow Exploit (win32)
No description provided by source. !/bin/sh Exploit for Apache modrewrite off-by-oneWin32. by axis axis@ph4nt0m http://www.ph4nt0m.org 2007-04-06 Tested on Apache 2.0.58 Win32 Windows2003 CN SP1 Vulnerable Apache Versions: 1.3 branch: 1.3.28 and 1.3.37 2.0 branch: 2.0.46 and 2.0.59...
Apache mod_rewrite (Windows x86) - Off-by-One Remote Overflow
Apache modrewrite Windows x86 - Off-by-One Remote Overflow !/bin/sh Exploit for Apache modrewrite off-by-oneWin32. by axis http://www.ph4nt0m.org 2007-04-06 Tested on Apache 2.0.58 Win32 Windows2003 CN SP1 Vulnerable Apache Versions: 1.3 branch: 1.3.28 and 2.0.46 and 2.2.0 and 2006-08-20...