Lucene search
+L

1212 matches found

Positive Technologies
Positive Technologies
added 2004/07/07 12:0 a.m.2 views

PT-2004-1827 · Apache · Apache +1

Name of the Vulnerable Software and Affected Versions: Apache versions 2.0.50 and earlier Description: The issue allows remote attackers to cause a denial of service by aborting an SSL connection in a way that causes an Apache child process to enter an infinite loop, consuming CPU resources...

5CVSS6.2AI score0.22307EPSS
Exploits0References25
Gentoo Linux
Gentoo Linux
added 2004/06/09 12:0 a.m.56 views

Apache: Buffer overflow in mod_ssl

Background Apache is the most popular Web server on the Internet. modssl provides Secure Sockets Layer encryption and authentication to Apache 1.3. Apache 2 contains the functionality of modssl. Description A bug in the function sslutiluuencodebinary in sslutil.c may lead to a remote buffer...

7.5CVSS7.2AI score0.37681EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2004/03/23 9:54 a.m.5 views

security flaw

Memory leak in sslengineio.c for modssl in Apache 2 before 2.0.49 allows remote attackers to cause a denial of service memory consumption via plain HTTP requests to the SSL port of an SSL-enabled server...

5CVSS5.9AI score0.09898EPSS
Exploits0References4
Gentoo Linux
Gentoo Linux
added 2004/02/07 12:0 a.m.13 views

PHP setting leaks from .htaccess files on virtual hosts

Background PHP is a widely-used general-purpose scripting language that is especially suited for Web development and can be embedded into HTML. Description If the server configuration "php.ini" file has "registerglobals = on" and a request is made to one virtual host which has "phpadminflag...

0.7AI score
Exploits0
Packet Storm
Packet Storm
added 2004/01/31 12:0 a.m.33 views

apache2047.txt

APACHE HTTPD SERVER current version 2.0.47: How to return files in a Apache Deny All directory. The Directives controlling host access may be bypassed even if they have not permission to be override. 11 Jan 2004 DESCRIPTION Apache Web Server allows manage configurations via the main httpd.conf...

7.4AI score
Exploits0
NVD
NVD
added 2003/12/31 5:0 a.m.15 views

CVE-2003-1171

Heap-based buffer overflow in the secfilterout function in modsecurity 1.7RC1 through 1.7.1 in Apache 2 allows remote attackers to execute arbitrary code via a server side script that sends a large amount of data...

7.5CVSS8AI score0.04625EPSS
Exploits1References7
OSV
OSV
added 2003/12/31 5:0 a.m.6 views

DEBIAN-CVE-2003-1307

The modphp module for the Apache HTTP Server allows local users with write access to PHP scripts to send signals to the server's process group and use the server's file descriptors, as demonstrated by sending a STOP signal, then intercepting incoming connections on the server's TCP port. NOTE: th...

4.3CVSS6.7AI score0.01603EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2003/10/27 12:0 a.m.3 views

PT-2003-1879 · Apache · Apache +1

Name of the Vulnerable Software and Affected Versions: Apache versions prior to 2.0.48 Description: The issue arises from the mishandling of CGI redirect paths by mod cgid when a threaded Multi-Processing Module MPM is used. This could cause Apache to send the output of a CGI program to the wrong...

10CVSS6.1AI score0.11507EPSS
Exploits0References32
seebug.org
seebug.org
added 2003/06/08 12:0 a.m.28 views

Apache <= 2.0.45 APR Remote Exploit -Apache-Knacker.pl

No description provided by source. !/usr/bin/perl Apache 2.0.37 - 2.0.45 APR Exploit Written By Matthew Murphy This Perl script will successfully exploit any un-patched Apache 2.x servers. Base64 Encoder If you want authentication with the server via HTTP's lame Basic auth, put the proper string ...

7.1AI score
Exploits0
Exploit DB
Exploit DB
added 2003/06/08 12:0 a.m.54 views

Apache 2.0.45 - 'APR' Crash

!/usr/bin/perl Apache 2.0.37 - 2.0.45 APR Exploit Written By Matthew Murphy This Perl script will successfully exploit any un-patched Apache 2.x servers. Base64 Encoder If you want authentication with the server via HTTP's lame Basic auth, put the proper string to encode BASE64 content, and use...

7.4AI score
Exploits0
0day.today
0day.today
added 2003/05/29 12:0 a.m.60 views

Webfroot Shoutbox < 2.32 (Apache) Remote Exploit

Exploit for linux platform in category remote exploits ================================================ Webfroot Shoutbox ';fclose$h;? HTTP/1.1\nHost: 127.0.0.1\nConnection: Close\n\n"; my $conn; if $ARGV0 eq "x" || $ARGV0 eq "r" $type = $ARGV0; else print "x Webfroot Shoutbox 2.32 on apache...

7.1AI score
Exploits0
Exploit DB
Exploit DB
added 2003/04/21 12:0 a.m.27 views

Mod_NTLM 0.x - Authorisation Heap Overflow

source: https://www.securityfocus.com/bid/7388/info The modntlm Apache module has been reported prone to a heap overflow vulnerability. The vulnerability occurs due to a lack of sufficient bounds checking performed on user-supplied data, stored in heap memory. By supplying excessive data an...

7AI score
Exploits0
Packet Storm
Packet Storm
added 2003/03/14 12:0 a.m.34 views

cpanel.pl

cpanel-plus.pl exploit Spawn bash style Shell on Apache CPANEL Spabam 2003 PRIV8 code hackarena irc.brasnet.org This Script is currently under development use strict; use IO::Socket; my $host; my $port; my $command; my $url; my @results; my $probe; my @U; my $shit; $U1 =...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2003/01/22 12:0 a.m.63 views

YABB SE 0.8/1.4/1.5 - &#039;Packages.php&#039; Remote File Inclusion

source: https://www.securityfocus.com/bid/6663/info YaBB SE allows remote users to influence the location of included files. A remote attacker may exploit this condition to cause an external, attacker-supplied file to be included and executed by YABB SE. This may allow a remote attacker to execut...

7.4AI score
Exploits0
NVD
NVD
added 2002/12/31 5:0 a.m.16 views

CVE-2002-2309

php.exe in PHP 3.0 through 4.2.2, when running on Apache, does not terminate properly, which allows remote attackers to cause a denial of service via a direct request without arguments...

7.8CVSS6.7AI score0.04061EPSS
Exploits1References4
OSV
OSV
added 2002/10/22 12:0 a.m.11 views

DSA-181 libapache-mod-ssl - cross site scripting

Bulletin has no description...

7.5CVSS6.3AI score0.09701EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2002/07/31 3:58 p.m.7 views

security flaw

Off-by-one buffer overflow in the sslcompatdirective function, as called by the rewritecommand hook for modssl Apache module 2.8.9 and earlier, allows local users to execute arbitrary code as the Apache server user via .htaccess files with long entries...

7.8CVSS6.4AI score0.011EPSS
Exploits0References4
OSV
OSV
added 2002/07/30 12:0 a.m.22 views

DSA-137 mm - insecure temporary files

Bulletin has no description...

6.2CVSS7.4AI score0.0096EPSS
Exploits0
Exploit DB
Exploit DB
added 2002/07/22 12:0 a.m.24 views

PHP Interpreter 3.0.x/4.0.x/4.1/4.2 - Direct Invocation Denial of Service

// source: https://www.securityfocus.com/bid/5280/info It is possible, under some circumstances, for remote attackers to invoke the PHP interpreter from the web. If the interpreter is invoked with no command line options, it will hang. Attackers may exploit this condition to cause a denial of...

7.4AI score
Exploits0
NVD
NVD
added 2002/07/11 4:0 a.m.31 views

CVE-2002-0653

Off-by-one buffer overflow in the sslcompatdirective function, as called by the rewritecommand hook for modssl Apache module 2.8.9 and earlier, allows local users to execute arbitrary code as the Apache server user via .htaccess files with long entries...

7.8CVSS8AI score0.011EPSS
Exploits0References18
Rows per page
Query Builder