Alcatel-Lucent OmniPCX Enterprise masterCGI Arbitrary Command Execution

$Id$ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 'Alcatel-Luce...

Security fix for the ALT Linux 10 package apache2 version 2.2.14-alt1

Oct. 6, 2009 Aleksey Avdeev 2.2.14-alt1 - 2.2.14 - Security fixes CVE-2009-2412, CVE-2009-2699, CVE-2009-3094, CVE-2009-3095 - Update patchsets: + itk for apache2.2-mpm-itk-2.2.11-02 Closes: 21486 + peruser for httpd-2.2.3-peruser-0.3.0-dc3...

Important: Red Hat Security Advisory: Red Hat Application Stack v2.4 security and enhancement update

Red Hat Application Stack v2.4 is now available. This update fixes several security issues and adds various enhancements. This update has been rated as having important security impact by the Red Hat Security Response Team. Red Hat Application Stack v2.4 is an integrated open source application...

Apache Httpd < 2.0.64 : mod_proxy_ftp DoS

A NULL pointer dereference flaw was found in the modproxyftp module. A malicious FTP server to which requests are being proxied could use this flaw to crash an httpd child process via a malformed reply to the EPSV or PASV commands, resulting in a limited denial of service...

Apache Httpd < 2.2.14 : mod_proxy_ftp DoS

A NULL pointer dereference flaw was found in the modproxyftp module. A malicious FTP server to which requests are being proxied could use this flaw to crash an httpd child process via a malformed reply to the EPSV or PASV commands, resulting in a limited denial of service...

Apache Httpd < 2.2.14 : mod_proxy_ftp FTP command injection

A flaw was found in the modproxyftp module. In a reverse proxy configuration, a remote attacker could use this flaw to bypass intended access restrictions by creating a carefully-crafted HTTP Authorization header, allowing the attacker to send arbitrary commands to the FTP server...

Apache Httpd < 2.0.64 : mod_proxy_ftp FTP command injection

A flaw was found in the modproxyftp module. In a reverse proxy configuration, a remote attacker could use this flaw to bypass intended access restrictions by creating a carefully-crafted HTTP Authorization header, allowing the attacker to send arbitrary commands to the FTP server...

Alcatel-Lucent OmniPCX Enterprise masterCGI Arbitrary Command Execution

This module abuses a metacharacter injection vulnerability in the HTTP management interface of the Alcatel-Lucent OmniPCX Enterprise Communication Server 7.1 and earlier. The Unified Maintenance Tool contains a 'masterCGI' binary which allows an unauthenticated attacker to execute arbitrary...

Apache Httpd < 2.0.64 : expat DoS

A buffer over-read flaw was found in the bundled expat library. An attacker who is able to get Apache to parse an untrused XML document for example through moddav may be able to cause a crash. This crash would only be a denial of service if using the worker MPM...

Apache Httpd < 2.2.17 : expat DoS

A buffer over-read flaw was found in the bundled expat library. An attacker who is able to get Apache to parse an untrused XML document for example through moddav may be able to cause a crash. This crash would only be a denial of service if using the worker MPM...

Mandrake Security Advisory MDVSA-2009:183 (apache-mod_security)

The remote host is missing an update to apache-modsecurity announced via advisory MDVSA-2009:183. OpenVAS Vulnerability Test $Id: mdksa2009183.nasl 6587 2017-07-07 06:35:35Z cfischer $ Description: Auto-generated from advisory MDVSA-2009:183 apache-modsecurity Authors: Thomas Reinke Copyright:...

RedHat Security Advisory RHSA-2009:1205

The remote host is missing updates announced in advisory RHSA-2009:1205. The Apache HTTP Server is a popular Web server. The httpd package shipped with Red Hat Enterprise Linux 3 contains embedded copies of the Apache Portable Runtime APR libraries, which provide a free library of C data structur...

RedHat Security Advisory RHSA-2009:1203

The remote host is missing updates announced in advisory RHSA-2009:1203. Subversion SVN is a concurrent version control system which enables one or more users to collaborate in developing and maintaining a hierarchy of files and directories while keeping a history of all changes. Matt Lewis, of...

CentOS Security Advisory CESA-2009:1205 (httpd)

The remote host is missing updates to httpd announced in advisory CESA-2009:1205. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only OR GPL-3.0-onl...

RedHat Security Advisory RHSA-2009:1204

The remote host is missing updates announced in advisory RHSA-2009:1204. Multiple integer overflow flaws, leading to heap-based buffer overflows, were found in the way the Apache Portable Runtime APR manages memory pool and relocatable memory allocations. An attacker could use these flaws to issu...

CentOS Security Advisory CESA-2009:1205 (httpd)

The remote host is missing updates to httpd announced in advisory CESA-2009:1205. CESA-2009:1205 64661 2 $Id: ovcesa20091205.nasl 6650 2017-07-10 11:43:12Z cfischer $ Description: Auto-generated from advisory CESA-2009:1205 httpd Authors: Thomas Reinke Copyright: Copyright c 2009 E-Soft Inc...

CVE-2009-2765

httpd.c in httpd in the management GUI in DD-WRT 24 sp1, and other versions before build 12533, allows remote attackers to execute arbitrary commands via shell metacharacters in a request to a cgi-bin/ URI...

CVE-2009-2766

httpd.c in httpd in the management GUI in DD-WRT 24 sp1 does not require administrative authentication for programs under cgi-bin/, which allows remote attackers to change settings via HTTP requests...

CVE-2009-2766

CVE-2009-2766 affects httpd.c in the httpd management GUI of DD-WRT 24 sp1; CGI programs under /cgi-bin/ can be accessed without administrative authentication, enabling remote changes via HTTP requests. CBSS: Network vector, low complexity, no authentication, with partial impact on confidentialit...

CVE-2009-2765

The CVE-2009-2765 issue affects the DD-WRT HTTPd management GUI, where httpd.c in the HTTP daemon is vulnerable to shell metacharacter injection via requests to a CGI-bin URI. The vulnerability allows an unauthenticated remote attacker to execute arbitrary commands with root privileges on affecte...