Apache HTTP Server DoS Vulnerability (May 2011) - Linux
Apache HTTP Server is prone to a denial of service (DoS) vulnerability. Copyright (C) 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free...
Exploit for Cross-site Scripting in Jamovi
CVE-2021-28079 - POC Jamovi =1.6.18 is affected by a cros...
Fedora: Security Advisory for httpd (FEDORA-2021-f94985afca)
The remote host is missing an update for the Copyright (C) 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
[SECURITY] Fedora 35 Update: httpd-2.4.50-1.fc35
The Apache HTTP Server is a powerful, efficient, and extensible web server...
HTTPUploadExfil - A Simple HTTP Server For Exfiltrating Files/Data During, For Example, CTFs
HTTPUploadExfil is a very simple HTTP server written in Go that's useful for getting files and other information off a machine using HTTP. While there are many use-cases, it's meant to be used in low-stakes offensive scenarios e.g., CTFs. Think of this as python3 -m http.server but for getting da...
Security Bulletin: Multiple vulnerabilities in IBM HTP server optionally used by i2 Analyze
Summary There are multiple vulnerabilities in the IBM HTTP Server bundled and optionally deployed with IBM i2 Analyze. The referenced bulletin points to fixes for the issues. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section Affected Products and Versio...
Apache HTTP Server Path Traversal & Remote Code Execution (CVE-2021-41773 & CVE-2021-42013)
On October 4, 2021, Apache HTTP Server Project released Security advisory on a Path traversal and File disclosure vulnerability in Apache HTTP Server 2.4.49 and 2.4.50 tracked as CVE-2021-41773 and CVE-2021-42013. In the advisory, Apache also highlighted “the issue is known to be exploited in the...
Check Point response to Apache CVEs - November 2021 for httpd versions between 2.4.41 and 2.4.51
Solution In November 2021, Apache open source published CVEs for httpd versions between 2.4.41 and 2.4.51 (see the list of the CVEs in the "Cause" section). Check Point uses the Apache HTTP Server as the Web server for several of its user portals on both the Security Gateway Gaia Portal, Identity...
Exploit for Path Traversal in Apache Http_Server
Apache 2.4.50 - Path Traversal or Remote Code Execution CVE-20...
openSUSE 15 Security Update : apache2 (openSUSE-SU-2021:3522-1)
The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2021:3522-1 advisory. - Malformed requests may cause the server to dereference a NULL pointer. This issue affects Apache HTTP Server 2.4.48 and earlier...
NewStart CGSL MAIN 6.02 : bash Multiple Vulnerabilities (NS-SA-2021-0118)
The remote NewStart CGSL host, running version MAIN 6.02, has bash packages installed that are affected by multiple vulnerabilities: - GNU Bash through 4.3 bash43-025 processes trailing strings after certain malformed function definitions in the values of environment variables, which allows remot...
Security Bulletin: Vulnerability in IBM HTTP Server used by WebSphere Application Server
Summary Buffer overflow vulnerability in IBM HTTP Server used by WebSphere Application Server Liberty Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section Affected Products and Versions Affected Products| Versions ---|--- IBM i2 Analyze| IBM i2 Analyze 4.3...
Huawei EulerOS: Security Advisory for httpd (EulerOS-SA-2021-2586)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Security Bulletin: Vulnerability in SSLv3 affects IBM Installation Manager (CVE-2014-3566)
Summary SSLv3 contains a vulnerability that has been referred to as the Padding Oracle On Downgraded Legacy Encryption (POODLE) attack. SSLv3 is enabled in IBM Installation Manager. Vulnerability Details | Subscribe to My Notifications to be notified of important product support alerts like this...
EulerOS 2.0 SP3 : httpd (EulerOS-SA-2021-2586)
According to the versions of the httpd packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Apache HTTP Server versions 2.4.0 to 2.4.46 A specially crafted Digest nonce can cause a stack overflow in mod_auth_digest. There is no report of...
Apache HTTP Server 2.4.50 - Remote Code Execution (RCE) (2)
Exploit: Apache HTTP Server 2.4.50 - Remote Code Execution (RCE) (2) Credits: Ash Daulton & cPanel Security Team Date: 24/07/2021 Exploit Author: TheLastVvV.com Vendor Homepage: https://apache.org/ Version: Apache 2.4.50 with CGI enable Tested on : Debian 5.10.28 CVE : CVE-2021-42013 #!/bin/bash echo...
Exploit for Path Traversal in Apache Http_Server
CVE-2021-42013Reverse-Shell PoC CVE-2021-42013 reverse shell...
Apache HTTP Server 2.4.50 Remote Code Execution
Exploit: Apache HTTP Server 2.4.50 - Remote Code Execution (RCE) (2) Credits: Ash Daulton & cPanel Security Team Date: 24/07/2021 Exploit Author: TheLastVvV.com Vendor Homepage: https://apache.org/ Version: Apache 2.4.50 with CGI enable Tested on : Debian 5.10.28 CVE : CVE-2021-42013 #!/bin/bash echo...
Exploit for Path Traversal in Apache Http_Server
Apache 2.4.49 - Path Traversal or Remote Code Execution cve-20...
CLSA-2021-1634922624 Fixed CVE-2020-35452 in httpd
CVE-2020-35452: fix stack overflow in mod_auth_digest due to crafted digest nonce...