Simple HTTPD <= 1.38 Multiple Remote Vulnerabilities

No description provided by source. Luigi Auriemma Application: Simple HTTPD http://shttpd.sourceforge.net Versions: = 1.38 Platforms: Windows, nix, QNX, RTEMS only Windows seems vulnerable Bugs: A directory traversal B scripts and CGI viewing/downloading %20 char found by Shay priel in Jun 2007...

Simple HTTPD multiple security vulnerabilities

Directory traversal, script source code access...

Two vulnerabilities in Simple HTTPD 1.38

Luigi Auriemma Application: Simple HTTPD http://shttpd.sourceforge.net Versions: = 1.38 Platforms: Windows, nix, QNX, RTEMS only Windows seems vulnerable Bugs: A directory traversal B scripts and CGI viewing/downloading 20 char found by Shay priel in Jun 2007 Exploitation: remote Date: 07 Dec 200...

simple-traverse.txt

Luigi Auriemma Application: Simple HTTPD http://shttpd.sourceforge.net Versions: = 1.38 Platforms: Windows, nix, QNX, RTEMS only Windows seems vulnerable Bugs: A directory traversal B scripts and CGI viewing/downloading %20 char found by Shay priel in Jun 2007 Exploitation: remote Date: 07 Dec 20...

Simple HTTPd 1.38 - Multiple Vulnerabilities

Luigi Auriemma Application: Simple HTTPD http://shttpd.sourceforge.net Versions: = 1.38 Platforms: Windows, nix, QNX, RTEMS only Windows seems vulnerable Bugs: A directory traversal B scripts and CGI viewing/downloading %20 char found by Shay priel in Jun 2007 Exploitation: remote Date: 07 Dec 20...

Simple HTTPD <= 1.38 Multiple Remote Vulnerabilities

Exploit for unknown platform in category remote exploits ==================================================== Simple HTTPD = 1.38 Multiple Remote Vulnerabilities ==================================================== Luigi Auriemma Application: Simple HTTPD http://shttpd.sourceforge.net Versions: =...

httpd security, bug fix, and enhancement update

2.0.52-38.ent.0.1 - use oracle index page oracleindex.html - updated string and distro in specfile 2.0.52-38.ent - fix server version string 236419 2.0.52-37.ent - add security fix for CVE-2007-3847 250760 2.0.52-36.ent - add modversion, load in default httpd.conf 248696 2.0.52-35.ent - add...

httpd security, bug fix, and enhancement update

2.2.3-11.el5.0.1 - use oracle index page oracleindex.html, update vstring and distro 2.2.3-11.el5 - mark httpd.conf confignoreplace 247881 2.2.3-10.el5 - add security fix for CVE-2007-3847 250761 2.2.3-9.el5 - load modversion by default 247881 2.2.3-8.el5 - add 'ServerTokens Full-Release' config...

RHEL 4 : httpd (RHSA-2007:0747)

Updated httpd packages that fix a security issue, various bugs, and add enhancements are now available for Red Hat Enterprise Linux 4. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The Apache HTTP Server is a popular and freely-available Web...

RHEL 5 : httpd (RHSA-2007:0746)

Updated httpd packages that fix a security issue, fix various bugs, and add enhancements, are now available for Red Hat Enterprise Linux 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The Apache HTTP Server is a popular and freely-available...

Fedora 7 : httpd-2.2.6-1.fc7 (2007-2214)

This update includes the latest stable release of the Apache HTTP Server. A flaw was found in the Apache HTTP Server modproxy module. On sites where a reverse proxy is configured, a remote attacker could send a carefully crafted request that would cause the Apache child process handling that...

CVE-2002-2317

Memory leak in the 1 httpd, 2 nntpd, and 3 vpn driver in VelociRaptor 1.0 allows remote attackers to cause a denial of service memory consumption via an unknown method...

CVE-2002-2317

CVE-2002-2317 concerns VelociRaptor 1.0, indicating a memory leak in three components: httpd, nntpd, and the vpn driver. The underlying issue is a memory consumption DoS that can be triggered by remote attackers using an unknown method. Referenced sources (NVD, Red Hat, CVE listings) confirm the ...

Moderate: Red Hat Security Advisory: httpd security update

Updated httpd packages that fix two security issues are now available for Red Hat Application Stack. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The Apache HTTP Server is a popular and freely-available Web server. A flaw was found in the...

Apache Httpd < 2.0.63 : mod_imagemap XSS

A flaw was found in the modimagemap module. On sites where modimagemap is enabled and an imagemap file is publicly available, a cross-site scripting attack is possible...

Apache Httpd < 2.2.8 : mod_imagemap XSS

A flaw was found in the modimagemap module. On sites where modimagemap is enabled and an imagemap file is publicly available, a cross-site scripting attack is possible...

Apache Httpd < 1.3.41 : mod_imagemap XSS

A flaw was found in the modimagemap module. On sites where modimagemap is enabled and an imagemap file is publicly available, a cross-site scripting attack is possible...

Apache Httpd < 2.2.9 : mod_proxy_balancer CSRF

The modproxybalancer provided an administrative interface that could be vulnerable to cross-site request forgery CSRF attacks...

[EXPL] Airsensor M520 HTTPD Preauth DoS and Buffer Overflow &#40;Exploit&#41;

The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com - - promotion The SecuriTeam alerts list - Free, Accurate, Independent. Get your security news from a reliable source...

Fedora Core 6 : httpd-2.2.6-1.fc6 (2007-707)

This update includes the latest release of httpd, fixing two security issues. A flaw was found in the modproxy module. On sites where a reverse proxy is configured, a remote attacker could send a carefully crafted request that would cause the Apache child process handling that request to crash. O...