5760 matches found
D-Link DWL-G700AP httpd DoS
author: l0om page: www.excluded.org product: D-Link DWL-G700AP firmware: tested on v2.00 and the latest v2.01 The DWL-G700AP is an access point from D-Link and the only way to configure it is the http service which is managed from a httpd called "CAMEO". This webserver is very easy to DoS because...
D-Link DWL-G700AP 2.00/2.01 - HTTPd Denial of Service
// source: https://www.securityfocus.com/bid/16690/info D-Link DWL-G700AP HTTPD is prone to a remote denial-of-service vulnerability. This issue is due to a failure in the 'httpd' service to properly handle malformed data. An attacker can exploit this issue to crash the affected webserver,...
D-Link DWL-G700AP 2.00/2.01 - HTTPd Denial of Service
D-Link DWL-G700AP 2.00/2.01 - HTTPd Denial of Service // source: https://www.securityfocus.com/bid/16690/info D-Link DWL-G700AP HTTPD is prone to a remote denial-of-service vulnerability. This issue is due to a failure in the 'httpd' service to properly handle malformed data. An attacker can explo...
Update Protection against A Format String Vulnerability in mod_auth_pgsql for Apache
A vulnerability exists in multiple versions of an authentication module, mod_auth_pgsql, for Apache httpd. To exploit this vulnerability, a user can supply specially crafted information to trigger a flaw in certain logging functions of the module. Successful exploitation could result in the execution...
[SECURITY] [DSA 935-1] New libapache2-mod-auth-pgsql packages fix arbitrary code execution
Debian Security Advisory DSA 935-1 [email protected] http://www.debian.org/security/ Michael Stone January 10, 2006 http://www.debian.org/security/faq -...
iDefense Security Advisory 01.09.06: Multiple Vendor mod_auth_pgsql Format String Vulnerability
Multiple Vendor mod_auth_pgsql Format String Vulnerability iDefense Security Advisory 01.09.06 http://www.idefense.com/intelligence/vulnerabilities/display.php?id=367 January 09, 2006 I. BACKGROUND The mod_auth_pgsql apache module allows user authentication against information stored in a PostgreSQL...
mod_auth_pgsql security update
CentOS Errata and Security Advisory CESA-2006:0164 Updated mod_auth_pgsql packages that fix format string security issues are now available for Red Hat Enterprise Linux 3 and 4. This update has been rated as having critical security impact by the Red Hat Security Response Team. The mod_auth_pgsql...
httpd cross-site scripting flaw in mod_imap
Cross-site scripting (XSS) vulnerability in the mod_imap module of Apache httpd before 1.3.35-dev and Apache httpd 2.0.x before 2.0.56-dev allows remote attackers to inject arbitrary web script or HTML via the Referer when using image maps...
CVE-2005-4857
eZ publish 3.5 before 3.5.7, 3.6 before 3.6.5, 3.7 before 3.7.3, and 3.8 before 20051128 allows remote authenticated users to cause a denial of service (Apache httpd segmentation fault) via a request to content/advancedsearch.php with an empty SearchContentClassID parameter, reportedly related to a...
CVE-2005-3352
Cross-site scripting (XSS) vulnerability in the mod_imap module of Apache httpd before 1.3.35-dev and Apache httpd 2.0.x before 2.0.56-dev allows remote attackers to inject arbitrary web script or HTML via the Referer when using image maps...
CVE-2005-3352
The CVE-2005-3352 entry documents a cross-site scripting (XSS) vulnerability in the Apache httpd mod_imap (and mod_imagemap) module. The issue arises from improper handling of the Referer header when using image maps, allowing an attacker to inject arbitrary script or HTML. Affected software is A...
Apache Httpd < 2.2.2 : mod_ssl access control DoS
A NULL pointer dereference flaw in mod_ssl was discovered affecting server configurations where an SSL virtual host is configured with access control and a custom 400 error document. A remote attacker could send a carefully crafted request to trigger this issue which would lead to a crash. This...
Apache Httpd < 2.0.58 : mod_ssl access control DoS
A NULL pointer dereference flaw in mod_ssl was discovered affecting server configurations where an SSL virtual host is configured with access control and a custom 400 error document. A remote attacker could send a carefully crafted request to trigger this issue which would lead to a crash. This...
CVE-2002-2131
Directory traversal vulnerability in Perl-HTTPd before 1.0.2 allows remote attackers to view arbitrary files via a .. (dot dot) in an unknown argument...
CVE-2002-2131
CVE-2002-2131 : Perl-HTTPd before 1.0.2 has a directory traversal flaw that lets remote attackers view arbitrary files via a .. in an unknown argument. The NVD entry assigns a CVSSv2 base score of 5.0 (Medium) with network access and low complexity; confidentiality impact is partial. Red Hat’s en...
JVN#30451602 HTTPD-User-Manage cross-site scripting vulnerability
Impact A malicious script may be executed on the web browser of the user who can access HTTPD-User-Manage. Solution Products Affected HTTPD-User-Manage 1.62 and earlier...