F5 BIG-IP Web Management Interface Detection

An F5 BIG-IP web management interface is running on this port. C Tenable Network Security, Inc. include'compat.inc'; if description scriptid30215; scriptversion"1.16"; scriptsetattributeattribute:"pluginmodificationdate", value:"2023/05/24"; scriptnameenglish:"F5 BIG-IP Web Management Interface...

CVE-2007-6682

Format string vulnerability in the httpdFileCallBack function network/httpd.c in VideoLAN VLC 0.8.6d allows remote attackers to execute arbitrary code via format string specifiers in the Connection parameter...

CVE-2007-6682

Format string vulnerability in the httpdFileCallBack function network/httpd.c in VideoLAN VLC 0.8.6d allows remote attackers to execute arbitrary code via format string specifiers in the Connection parameter...

Debian Security Advisory DSA 935-1 (libapache2-mod-auth-pgsql)

The remote host is missing an update to libapache2-mod-auth-pgsql announced via advisory DSA 935-1. iDEFENSE reports that a format string vulnerability in modauthpgsql, a library used to authenticate web users against a PostgreSQL database, could be used to execute arbitrary code with the...

Debian Security Advisory DSA 525-1 (apache)

The remote host is missing an update to apache announced via advisory DSA 525-1. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

httpd, mod_ssl security update

CentOS Errata and Security Advisory CESA-2008:0008 Updated Apache httpd packages that fix several security issues are now available for Red Hat Enterprise Linux 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The Apache HTTP Server is a...

httpd mod_proxy_balancer cross-site scripting

Cross-site scripting XSS vulnerability in balancer-manager in modproxybalancer in the Apache HTTP Server 2.2.0 through 2.2.6 allows remote attackers to inject arbitrary web script or HTML via the 1 ss, 2 wr, or 3 rr parameters, or 4 the URL...

Moderate: Red Hat Security Advisory: httpd security update

Updated Apache httpd packages that fix several security issues are now available for Red Hat Enterprise Linux 4. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The Apache HTTP Server is a popular Web server. A flaw was found in the modimap...

RHEL 4 : httpd (RHSA-2008:0006)

The remote Redhat Enterprise Linux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2008:0006 advisory. The Apache HTTP Server is a popular Web server. A flaw was found in the modimap module. On sites where modimap was enabled and an imagemap...

Moderate: httpd security update

2.0.52-38.ent.2.0.1 - use oracle index page oracleindex.html - updated string and distro in specfile 2.0.52-38.ent.2 - add security fix for CVE-2007-6388 427236 - add security fix for modproxyftp UTF-7 XSS 427743 2.0.52-38.ent.1 - add security fixes for CVE-2007-4465, CVE-2007-5000 421611...

Apache Httpd < 2.2.12 : CRLF injection in mod_negotiation when untrusted uploads are supported

Possible CRLF injection allowing HTTP response splitting attacks for sites which use modnegotiation and allow untrusted uploads to locations which have MultiViews enabled...

CentOS 4 : httpd (CESA-2008:0006)

Updated Apache httpd packages that fix several security issues are now available for Red Hat Enterprise Linux 4. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The Apache HTTP Server is a popular Web server. A flaw was found in the modimap...

RHEL 5 : httpd (RHSA-2008:0008)

Updated Apache httpd packages that fix several security issues are now available for Red Hat Enterprise Linux 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The Apache HTTP Server is a popular Web server. A flaw was found in the modimagemap...

Moderate: httpd security update

2.2.3-12.el51.3.0.1 - use oracle index page oracleindex.html, update vstring and distro 2.2.3-12.el51.3 - further update to backport for CVE-2007-6421 427240 2.2.3-12.el51.2 - updated backport for CVE-2007-6421 427240 2.2.3-11.el51.1 - add security fixes for CVE-2007-6388, CVE-2007-6421 and...

Moderate: httpd security update

2.0.46-70.ent.0.1 - use oracle index page oracleindex.html and logo removal - add apr-configure.patch 2.0.46-70.ent - add security fix for CVE-2007-6388 427235 - add security fix for modproxyftp UTF-7 XSS 427742 2.0.46-69.ent - add security fix for CVE-2007-3847 250759 - add security fixes for...

CentOS 3 : httpd (CESA-2008:0005)

Updated Apache httpd packages that fix several security issues are now available for Red Hat Enterprise Linux 3. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The Apache HTTP Server is a popular Web server. A flaw was found in the modimap...

SOL8186 - Cross-site scripting vulnerability in Apache mod_imap CVE-2007-5000

F5 Product Development has determined the likelihood of exploitation is low for the cross-site scripting XSS vulnerability disclosed in CVE-2007-5000. Exploiting this vulnerability would require an administrator of an F5 device to interact with a web page crafted by an attacker. Possible attacks...

CVE-2007-6405

Sergey Lyubka Simple HTTPD shttpd 1.38 and earlier on Windows allows remote attackers to download arbitrary CGI programs or scripts via a URI with an appended 1 '+' character, 2 '.' character, 3 %2e sequence hex-encoded dot, or 4 hex-encoded character greater than 0x7f. NOTE: the %20 vector is...

CVE-2007-6404

Directory traversal vulnerability in Sergey Lyubka Simple HTTPD shttpd 1.38 and earlier on Windows allows remote attackers to read arbitrary files via a ..\ dot dot backslash in the URI...

CVE-2007-6404

Affected software: Sergey Lyubka Simple HTTPD (shttpd) 1.38 and earlier on Windows. The vulnerability is a directory traversal in the URI (..) that enables remote attackers to read arbitrary files. The underlying issue is improper normalization of path traversal in shttpd’s request handling. Impa...