Cross site request forgery (csrf)

HTTPD in IBM Netezza Performance Portal 1.0.2 allows remote authenticated users to list application directories containing asset files via a direct request to a directory URI, as demonstrated by listing image files...

CVE-2013-0470

HTTPD in IBM Netezza Performance Portal 1.0.2 allows remote authenticated users to list application directories containing asset files via a direct request to a directory URI, as demonstrated by listing image files...

CVE-2013-0470

IBM Netezza Performance Portal 1.0.2 is affected by CVE-2013-0470 where the HTTPD component allows remote authenticated users to list the application's directory structure and asset files. The IBM bulletin specifies directory browsing as the vulnerability, affecting version 1.0.2; a remediation i...

Subversion -- multiple vulnerabilities

Subversion team reports: Subversion's moddavsvn Apache HTTPD server module will use excessive amounts of memory when a large number of properties are set or deleted on a node. Subversion's moddavsvn Apache HTTPD server module will crash when a LOCK request is made against activity URLs...

CVE-2013-1845

The moddavsvn Apache HTTPD server module in Subversion 1.6.x before 1.6.21 and 1.7.0 through 1.7.8 allows remote authenticated users to cause a denial of service memory consumption by 1 setting or 2 deleting a large number of properties for a file or directory...

CVE-2013-1846

The moddavsvn Apache HTTPD server module in Subversion 1.6.x before 1.6.21 and 1.7.0 through 1.7.8 allows remote authenticated users to cause a denial of service NULL pointer dereference and crash via a LOCK on an activity URL...

Fedora Update for httpd FEDORA-2013-4541

The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

Fedora Update for httpd FEDORA-2013-4541

Check for the Version of httpd OpenVAS Vulnerability Test Fedora Update for httpd FEDORA-2013-4541 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms ...

Fedora 18 : httpd-2.4.4-2.fc18 (2013-4541)

This update contains the latest release of the Apache HTTP Server, version 2.4.4. Two security issues are resolved in this update : - Various XSS flaws due to unescaped hostnames and URIs HTML output in modinfo, modstatus, modimagemap, modldap, and modproxyftp. CVE-2012-3499 - An...

Apache HTTPD mod_proxy_balancer Cross Site Scripting (CVE-2012-4558)

A cross site scripting vulnerability exists in Apache HTTP web server modproxybalancer. The vulnerability is due to a lack of input validation in the URI of the modproxybalancer manager interface. A remote attacker can exploit these vulnerabilities by enticing a user to follow a specially crafted...

php

New php packages are available for Slackware 12.1, 12.2, 13.0, 13.1, 13.37, 14.0, and -current to fix security issues. Here are the details from the Slackware 14.0 ChangeLog: patches/packages/php-5.4.13-i486-1slack14.0.txz: Upgraded. This release fixes two security issues in SOAP: Added check tha...

TP-Link TL-WR740N Wireless Router - Denial of Service

TP-Link TL-WR740N Wireless Router - Denial of Service !/usr/local/bin/perl TP-Link TL-WR740N Wireless Router Remote Denial Of Service Exploit Vendor: TP-LINK Technologies Co., Ltd. Product web page: http://www.tp-link.us Affected version: - Firmware version: 3.16.4 Build 130205 Rel.63875n...

TP-Link TL-WR740N Wireless Router - Denial of Service

!/usr/local/bin/perl TP-Link TL-WR740N Wireless Router Remote Denial Of Service Exploit Vendor: TP-LINK Technologies Co., Ltd. Product web page: http://www.tp-link.us Affected version: - Firmware version: 3.16.4 Build 130205 Rel.63875n Released: 2/5/2013 - Hardware version: WR740N v4 00000000...

TP-Link TL-WR740N Wireless Router Remote Denial Of Service

!/usr/local/bin/perl TP-Link TL-WR740N Wireless Router Remote Denial Of Service Exploit Vendor: TP-LINK Technologies Co., Ltd. Product web page: http://www.tp-link.us Affected version: - Firmware version: 3.16.4 Build 130205 Rel.63875n Released: 2/5/2013 - Hardware version: WR740N v4 00000000...

TP-Link TL-WR740N Wireless Router Remote Denial Of Service Exploit

Summary The TL-WR740N is a combined wired/wireless network connection device integrated with internet-sharing router and 4-port switch. The wireless N Router is 802.11b&g compatible based on 802.11n technology and gives you 802.11n performance up to 150Mbps at an even more affordable price...

Apache Httpd < 2.0.65 : mod_rewrite log escape filtering

modrewrite does not filter terminal escape sequences from logs, which could make it easier for attackers to insert those sequences into terminal emulators containing vulnerabilities related to escape sequences...

Apache Httpd < 2.2.25 : mod_rewrite log escape filtering

modrewrite does not filter terminal escape sequences from logs, which could make it easier for attackers to insert those sequences into terminal emulators containing vulnerabilities related to escape sequences...

CentOS Update for httpd CESA-2013:0512 centos6

The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

CentOS 6 : httpd (CESA-2013:0512)

Updated httpd packages that fix two security issues, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having low security impact. Common Vulnerability Scoring System CVSS base scores, which giv...

Apache Httpd < 2.2.25 : mod_dav crash

Sending a MERGE request against a URI handled by moddavsvn with the source href sent as part of the request body as XML pointing to a URI that is not configured for DAV will trigger a segfault...