CVE-2017-15655

CVE-2017-15655 affects the AsusWRT HTTPd server in Asus routers with firmware versions up to 3.0.0.4.376.X. The vulnerability is a buffer overflow in the HTTPd service that can lead to remote code execution with administrator privileges when an administrator visits certain pages. All vulnerable i...

CVE-2017-15656

CVE-2017-15656 is confirmed to affect AsusWRT firmware with the httpd nvram storage path. Multiple connected sources state plaintext passwords are stored in nvram and thus readable without proper protection in versions up to 3.0.0.4.380.7743 (and earlier per CNVD), enabling an attacker with acces...

CVE-2017-15654

CVE-2017-15654 affects AsusWRT's HTTPd in Asus routers (versions up to 3.0.0.4.380.7743). The vulnerability stems from highly predictable session tokens generated by reseeding the RNG with time(), enabling an attacker to infer or guess a valid administrator session and gain router admin access. C...

CVE-2017-15655

Multiple buffer overflow vulnerabilities exist in the HTTPd server in Asus asuswrt version =3.0.0.4.376.X. All have been fixed in version 3.0.0.4.378, but this vulnerability was not previously disclosed. Some end-of-life routers have this version as the newest and thus are vulnerable at this time...

CVE-2017-15653

CVE-2017-15653 concerns AsusWRT routers with the HTTPd web interface. It describes an improper administrator IP validation after login, allowing an unauthorized user who has a valid administrator session token to perform any action by sending a crafted User-Agent string. Affected versions are all...

CVE-2017-15654

Highly predictable session tokens in the HTTPd server in all current versions = 3.0.0.4.380.7743 of Asus asuswrt allow gaining administrative router access...

GoAhead Web Server 2.5 < 3.6.5 - HTTPd LD_PRELOAD Arbitrary Module Load Exploit

This Metasploit module triggers an arbitrary shared library load vulnerability in GoAhead web server versions between 2.5 and that have the CGI module enabled. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class...

GoAhead Web Server 2.5 &lt; 3.6.5 - HTTPd &#039;LD_PRELOAD&#039; Arbitrary Module Load (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'GoAhead Web Server LDPRELOAD Arbitrary Module Load', 'Description' = %q This module triggers an arbitrary shared library load vulnerability in...

Apache Httpd < 2.4.33 : Possible out of bound read in mod_cache_socache

A specially crafted HTTP request header could have crashed the Apache HTTP Server prior to version 2.4.33 due to an out of bound read while preparing data to be cached in shared memory. It could be used as a Denial of Service attack against users of modcachesocache...

Apache Httpd < 2.4.33 : Possible write of after free on HTTP/2 stream shutdown

When an HTTP/2 stream was destroyed after being handled, the Apache HTTP Server prior to version 2.4.33 could have written a NULL pointer potentially to an already freed memory. The memory pools maintained by the server make this vulnerabilty hard to trigger in usual configurations, the reporter...

Code injection

keycloak-httpd-client-install versions before 0.8 insecurely creates temporary file allowing local attackers to overwrite other files via symbolic link...

CVE-2017-15112

keycloak-httpd-client-install versions before 0.8 allow users to insecurely pass password through command line, leaking it via command history and process info to other local users...

CVE-2017-15111

keycloak-httpd-client-install versions before 0.8 insecurely creates temporary file allowing local attackers to overwrite other files via symbolic link...

CVE-2017-15111

keycloak-httpd-client-install versions before 0.8 insecurely creates temporary file allowing local attackers to overwrite other files via symbolic link...

CVE-2017-15111

CVE-2017-15111 affects keycloak-httpd-client-install prior to version 0.8. It insecurely creates a temporary file in /tmp, enabling a local attacker to exploit a symbolic link to overwrite other files. This vulnerability is discussed in multiple advisories (RHSA-2019:2137, ALAS2-2019-1324, CES A-...

CVE-2017-15112

The CVE-2017-15112 issue affects keycloak-httpd-client-install, prior to version 0.8. The vulnerability is due to unsafe handling of the admin password on the command line, allowing the password to be exposed via shell history and process info to other local users. This mirrors the related CVE-20...

Fedora Update for keycloak-httpd-client-install FEDORA-2018-2299cfb708

The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora 27 : keycloak-httpd-client-install (2018-2299cfb708)

Security fix for CVE-2017-15111, CVE-2017-15112 Two minor security issues were discovered and were assigned CVE's. CVE-2017-15112 concerns the ability to pass a password on the command line where it could be exposed. That option has been deprecated. See the man page for multiple ways to pass the...

[SECURITY] Fedora 27 Update: keycloak-httpd-client-install-0.8-1.fc27

Keycloak is a federated Identity Provider IdP. Apache HTTPD supports a variety of authentication modules which can be configured to utilize a Keycloak IdP to perform authentication. This package contains libraries and tools which can automate and simplify configuring an Apache HTTPD authenticatio...

Belkin N600DB Wireless Router - Multiple Vulnerabilities

Exploit for hardware platform in category web applications Exploit Title: Belkin N600DB Wireless Router | Multiple Vulnerabilities Date: 16/01/2018 Exploit Author: Wadeek Hardware Version: F9K1102as v3 Firmware Version: 3.04.11 Vendor Homepage:...