11634 matches found
Internet Bug Bounty: Path traversal and file disclosure vulnerability in Apache HTTP Server 2.4.49
A flaw was found in a change made to path normalization in Apache HTTP Server 2.4.49. An attacker could use a path traversal attack to map URLs to files outside the directories configured by Alias-like directives. If files outside of these directories are not protected by the usual default...
Security Bulletin: Multiple security vulnerabilities have been identified in IBM HTTP Server shipped with IBM Rational ClearCase (CVE-2021-39275, CVE-2021-40438, CVE-2021-34798)
Summary IBM HTTP Server IHS is shipped as a component of IBM Rational ClearCase. Information about a security vulnerability affecting IHS has been published in a security bulletin. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section Affected Products and...
Oracle Linux 7 : httpd (ELSA-2021-9541)
The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2021-9541 advisory. 2.4.6-97.0.3.1 - modsession: save one aprstrtok Orabug: 33338149CVE-2021-26690 Tenable has extracted the preceding description block directly from the Oracle...
Apache HTTP Server Privilege Escalation Vulnerability
Apache HTTP Server, with MPM event, worker or prefork, code executing in less-privileged child processes or threads including scripts executed by an in-process scripting interpreter could execute code with the privileges of the parent process usually root by manipulating the scoreboard...
VulnCheck KEV: CVE-2019-0211
Apache HTTP Server, with MPM event, worker or prefork, code executing in less-privileged child processes or threads including scripts executed by an in-process scripting interpreter could execute code with the privileges of the parent process usually root by manipulating the scoreboard...
VulnCheck KEV: CVE-2021-42013
Apache HTTP Server contains a path traversal vulnerability that allows an attacker to perform remote code execution if files outside directories configured by Alias-like directives are not under default require all denied or if CGI scripts are enabled. This CVE ID resolves an incomplete patch for...
FrogCMS Path Traversal Vulnerability
FrogCms is an HTTP server. A path traversal vulnerability exists in FrogCMS, which stems from a vulnerability in the FileManagerController.php function in FrogCMS version 0.9.5, which can be exploited to perform a directory traversal attack via the GET request urlencode parameter...
Vulnerability fixed in NetApp ONTAP
A vulnerability has been fixed in NetApp ONTAP. The vulnerability allows a malicious party to cause a denial-of-service cause with respect to the HTTP server in ONTAP. NetApp categorizes this vulnerability according to the CVSSv3 method with a score of 5.3. NetApp has released updates to fix the...
Apache HTTP Server Session Fixation Vulnerability (Jul 2013) - Linux
Apache HTTP Server is prone to a session fixation vulnerability. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free...
Apache HTTP Server Multiple Vulnerabilities (Feb 2013) - Linux
Apache HTTP Server is prone to multiple vulnerabilities. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you...
Apache HTTP Server mod_session_crypto Vulnerability (Dec 2016) - Linux
Apache HTTP Server is prone to a vulnerability in modsessioncrypto. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free...
Apache HTTP Server Privilege Escalation Vulnerability (Mar 2012) - Linux
Apache HTTP Server is prone to a privilege escalation vulnerability. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free...
Apache HTTP Server Multiple Vulnerabilities (Mar 2014) - Linux
Apache HTTP Server is prone to multiple vulnerabilities. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you...
Apache HTTP Server DoS Vulnerability (Sep 2014) - Linux
Apache HTTP Server is prone to a denial of service DoS vulnerability. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free...
Apache HTTP Server DoS Vulnerability (Jan 2012) - Linux
Apache HTTP Server is prone to a denial of service DoS vulnerability. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free...
Apache HTTP Server CRLF Injection Vulnerability (Dec 2016) - Linux
Apache HTTP Server is prone to a CRLF injection vulnerability. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software...
Apache HTTP Server DoS Vulnerability (May 2011) - Linux
Apache HTTP Server is prone to a denial of service DoS vulnerability. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free...
Apache HTTP Server Multiple Vulnerabilities (Sep 2014) - Linux
Apache HTTP Server is prone to multiple vulnerabilities. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you...
Apache HTTP Server Information Disclosure Vulnerability (Aug 2012) - Linux
Apache HTTP Server is prone to an information disclosure vulnerability. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free...
Apache HTTP Server DoS Vulnerability (Sep 2011) - Linux
Apache HTTP Server is prone to a denial of service DoS vulnerability. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free...