5781 matches found
Denial Of Service (DoS)
httpd is vulnerable to denial of service. A NULL pointer dereference flaw was found in the way the mod_cache httpd module handled Content-Type headers. A malicious HTTP server could cause the httpd child process to crash when the Apache HTTP server was configured to proxy to a server with caching...
Denial Of Service (DoS)
The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. A race condition flaw, leading to heap-based buffer overflows, was found in the mod_status httpd module. A remote attacker able to access a status page served by mod_status on a server using a...
Denial Of Service (DoS)
The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. A race condition flaw, leading to heap-based buffer overflows, was found in the mod_status httpd module. A remote attacker able to access a status page served by mod_status on a server using a...
Denial Of Service (DoS)
The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. A race condition flaw, leading to heap-based buffer overflows, was found in the mod_status httpd module. A remote attacker able to access a status page served by mod_status on a server using a...
Denial Of Service (DoS)
PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. It was discovered that the PHP XSL extension did not restrict the file writing capability of libxslt. A remote attacker could use this flaw to create or overwrite an arbitrary file that is writable by the user...
Arbitrary Code Execution
PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. It was discovered that the PHP XSL extension did not restrict the file writing capability of libxslt. A remote attacker could use this flaw to create or overwrite an arbitrary file that is writable by the user...
Fedora 30 : httpd (2019-cf7695b470)
Resolves: 1695046 CVE-2019-0196 CVE-2019-0197 CVE-2019-0215 CVE-2019-0217 CVE-2019-0220 httpd: various flaws Resolves: 1694510 httpd-2.4.39 is available Resolves: 1694986 - CVE-2019-0211 httpd: privilege escalation from modules scripts Note that Tenable Network Security has extracted the precedin...
Important Photon OS Security Update - PHSA-2019-0013
Updates of 'tar', 'httpd' packages of Photon OS have been released...
PHSA-2019-1.0-0230
An update of 'httpd' packages of Photon OS has been released...
Important Photon OS Security Update - PHSA-2019-0230
Updates of 'httpd' packages of Photon OS have been released...
Important Photon OS Security Update - PHSA-2019-3.0-0013
Updates of 'httpd', 'tar' packages of Photon OS have been released...
EulerOS 2.0 SP5 : httpd (EulerOS-SA-2019-1295)
According to the version of the httpd packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - A race condition was found in mod_auth_digest when the web server was running in a threaded MPM configuration. It could allow a user with valid...
EulerOS 2.0 SP3 : httpd (EulerOS-SA-2019-1294)
According to the version of the httpd packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - In Apache HTTP Server 2.4 release 2.4.37 and prior, mod_session checks the session expiry time before decoding the session. This causes session expir...
CVE-2018-14559
An issue was discovered on Tenda AC7 devices with firmware through V15.03.06.44_CN(AC7), AC9 devices with firmware through V15.03.05.19(6318)_CN(AC9), and AC10 devices with firmware through V15.03.06.23_CN(AC10). A buffer overflow vulnerability exists in the router's web server httpd. When processing the li...
CVE-2018-14557
An issue was discovered on Tenda AC7 devices with firmware through V15.03.06.44_CN(AC7), AC9 devices with firmware through V15.03.05.19(6318)_CN(AC9), and AC10 devices with firmware through V15.03.06.23_CN(AC10). A buffer overflow vulnerability exists in the router's web server httpd. When processing the pa...
CVE-2018-14559
CVE-2018-14559 describes a buffer overflow in Tenda devices (AC7 firmware V15.03.06.44_CN, AC9 V15.03.05.19(6318)_CN, AC10 V15.03.06.23_CN) caused by writing POST list parameters with sprintf to a stack variable in the httpd web server, which can overwrite a return address. Primary impact is high...
CVE-2018-14557
CVE-2018-14557 affects Tenda AC7/AC9/AC10 devices (firmware lines V15.03.06.44_CN AC7; V15.03.05.19(6318)_CN AC9; V15.03.06.23_CN AC10 and earlier) where the router’s httpd web server is vulnerable to a buffer overflow. The issue arises when processing POST page parameters: the value is written w...
PT-2019-2951 · Red Hat +1 · Spacewalk-Proxy +1
Name of the Vulnerable Software and Affected Versions: spacewalk-proxy versions through 2.9 Description: A path traversal flaw was found in the way the proxy processes cached client tokens. This issue could allow a remote, unauthenticated attacker to test the existence of arbitrary files or execu...
Raptor WAF v0.6 - Web Application Firewall using DFA
Raptor is a web application firewall written in C that uses DFA to block SQL injection, cross-site scripting and path traversal. http://funguscodes.blogspot.com.br/ To run: $ git clone https://github.com/CoolerVoid/raptorwaf $ cd raptorwaf; make; bin/raptor Note: Don't execute with "cd bin; ./raptor" us...
Code injection
data/inc/files.php in Pluck 4.7.8 allows remote attackers to execute arbitrary code by uploading a .htaccess file that specifies SetHandler x-httpd-php for a .txt file, because only certain PHP-related filename extensions are blocked...