Scientific Linux Security Update : php on SL6.x i386/x86_64 (20130221)

It was found that PHP did not check for carriage returns in HTTP headers, allowing intended HTTP response splitting protections to be bypassed. Depending on the web browser the victim is using, a remote attacker could use this flaw to perform HTTP response splitting attacks. CVE-2011-1398 An...

CVE-2012-5303

Monkey HTTP Daemon 0.9.3 might allow local users to overwrite arbitrary files via a symlink attack on a PID file, as demonstrated by a pathname different from the default /var/run/monkey.pid pathname...

CVE-2012-4442

Monkey HTTP Daemon 0.9.3 retains the supplementary group IDs of the root account during operations with a non-root effective UID, which might allow local users to bypass intended file-read restrictions by leveraging a race condition in a file-permission check...

CVE-2012-5303

Monkey HTTP Daemon 0.9.3 might allow local users to overwrite arbitrary files via a symlink attack on a PID file, as demonstrated by a pathname different from the default /var/run/monkey.pid pathname...

Race condition

Monkey HTTP Daemon 0.9.3 retains the supplementary group IDs of the root account during operations with a non-root effective UID, which might allow local users to bypass intended file-read restrictions by leveraging a race condition in a file-permission check...

Design/Logic Flaw

Monkey HTTP Daemon 0.9.3 might allow local users to overwrite arbitrary files via a symlink attack on a PID file, as demonstrated by a pathname different from the default /var/run/monkey.pid pathname...

CVE-2012-4442

Summary: CVE-2012-4442 affects Monkey HTTP Daemon 0.9.3. The issue arises because the daemon retains the supplementary group IDs of the root account while operating with a non-root effective UID, which could allow local users to bypass file-read restrictions due to a race condition in a file-perm...

CVE-2012-5303

Monkey HTTP Daemon 0.9.3 might allow local users to overwrite arbitrary files via a symlink attack on a PID file, as demonstrated by a pathname different from the default /var/run/monkey.pid pathname...

CVE-2012-4442

Monkey HTTP Daemon 0.9.3 retains the supplementary group IDs of the root account during operations with a non-root effective UID, which might allow local users to bypass intended file-read restrictions by leveraging a race condition in a file-permission check...

CVE-2012-5303

Monkey HTTP Daemon 0.9.3 is vulnerable to a local file overwrite via a symlink attack on its PID file. The issue is a race condition that can occur when a pathname different from the default /var/run/monkey.pid is used, allowing local users to trick the daemon into overwriting arbitrary files. Im...

CVE-2012-4443

Monkey HTTP Daemon 0.9.3 uses a real UID of root and a real GID of root during execution of CGI scripts, which might allow local users to gain privileges by leveraging cgi-bin write access...

CVE-2012-4443

Monkey HTTP Daemon 0.9.3 uses a real UID of root and a real GID of root during execution of CGI scripts, which might allow local users to gain privileges by leveraging cgi-bin write access...

Design/Logic Flaw

Monkey HTTP Daemon 0.9.3 uses a real UID of root and a real GID of root during execution of CGI scripts, which might allow local users to gain privileges by leveraging cgi-bin write access...

CVE-2012-4443

CVE-2012-4443 affects Monkey HTTP Daemon 0.9.3. The issue stems from the daemon executing CGI scripts with real UID/GID of root, enabling local users to potentially gain privileges by exploiting write access to cgi-bin. This is a local-privilege-escalation path described in multiple sources. No r...

CVE-2012-4443

Monkey HTTP Daemon 0.9.3 uses a real UID of root and a real GID of root during execution of CGI scripts, which might allow local users to gain privileges by leveraging cgi-bin write access...

Moderate: Red Hat Security Advisory: php security update

Updated php packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are...

Critical: Red Hat Security Advisory: php53 security update

Updated php53 packages that fix one security issue are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having critical security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

FleaHttpd Denial Of Service

!/usr/bin/python """ FleaHttpd Remote Denial Of Service Exploit by condis "FleaHttpd is a http daemon written from scratch in C. When working as a static file server, data show that under certain condition, fleahttpd's speed for static file retrieving can be three times faster than Apache2" proje...

FleaHttpd - Remote Denial of Service

!/usr/bin/python """ FleaHttpd Remote Denial Of Service Exploit by condis "FleaHttpd is a http daemon written from scratch in C. When working as a static file server, data show that under certain condition, fleahttpd's speed for static file retrieving can be three times faster than Apache2" proje...

Motorola SB5101 Hax0rware Rajko HTTPd Remote Proof Of Concept

!/usr/bin/perl Motorola SB5101 Hax0rware Rajko HttpD Remote Exploit PoC Author: Dillon Beresford Date: 6/6/2010 Vendor: SBHacker & Motorola Software Link: http://www.sbhacker.net/forum/index.php Tested on Hax0rware 1.1 R30, R32 and R39 Description: Motorola SB5101 Hax0rware Rajko HttpD Remote...