5742 matches found
Fedora Core 4 : httpd-2.0.54-10.2 (2005-849)
This update includes two security fixes. An issue was discovered in mod_ssl where 'SSLVerifyClient require' would not be honoured in location context if the virtual host had 'SSLVerifyClient optional' configured (CVE-2005-2700). An issue was discovered in memory consumption of the byterange filter f...
iDEFENSE Security Advisory 09.13.05: Linksys WRT54G Management Interface DoS Vulnerability
Linksys WRT54G Management Interface DoS Vulnerability iDEFENSE Security Advisory 09.13.05 www.idefense.com/application/poi/display?id=308&type=vulnerabilities September 13, 2005 I. BACKGROUND The Linksys WRT54G is a combination wireless access point, switch and router. More information is availab...
iDEFENSE Security Advisory 09.13.05: Linksys WRT54G 'restore.cgi' Configuration Modification Design Error Vulnerability
Linksys WRT54G 'restore.cgi' Configuration Modification Design Error Vulnerability iDEFENSE Security Advisory 09.13.05 www.idefense.com/application/poi/display?id=306&type=vulnerabilities September 13, 2005 I. BACKGROUND The Linksys WRT54G is a combination wireless access point, switch and router...
RHEL 4 : httpd (RHSA-2005:608)
The remote Redhat Enterprise Linux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2005:608 advisory. The Apache HTTP Server is a popular and freely-available Web server. A flaw was discovered in mod_ssl's handling of the SSLVerifyClient...
Apache Httpd < 2.0.55 : SSLVerifyClient bypass
A flaw in the mod_ssl handling of the "SSLVerifyClient" directive. This flaw would occur if a virtual host has been configured using "SSLVerifyClient optional" and further a directive "SSLVerifyClient required" is set for a specific location. For servers configured in this fashion, an attacker may...
[UNIX] Discuz! Command Execution Vulnerability
The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com ...
Fedora Core 4 : httpd-2.0.54-10.1 (2005-639)
This update includes security fixes for CVE-2005-2088 and CVE-2005-1268, along with some minor bug fixes. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as...
RHEL 4 : httpd (RHSA-2005:582)
The remote Redhat Enterprise Linux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2005:582 advisory. The Apache HTTP Server is a powerful, full-featured, efficient, and freely-available Web server. Watchfire reported a flaw that occurred when...
FreeBSD : php -- readfile() DoS vulnerability (07f3fe15-a9de-11d9-a788-0001020eed82)
A SUSE Security advisory reports: A bug in the readfile function of php4 could be used to crash the httpd running the php4 code when accessing files with a multiple of the architecture's page size, leading to a denial of service.
CVE-2002-1930
Buffer overflow in AN HTTPd 1.38 through 1.4.1c allows remote attackers to execute arbitrary code via a SOCKS4 request with a long username...
CVE-2002-1930
CVE-2002-1930 : Red Hat and other sources confirm a buffer overflow in AN HTTPd versions 1.38–1.4.1c that allows remote attackers to execute arbitrary code via a SOCKS4 request with a long username. The available descriptions identify the affected product and the input vector but do not provide a...
CVE-2002-1850
The CVE-2002-1850 issue affects Apache’s mod_cgi in versions 2.0.39 and 2.0.40. A CGI script that writes a large amount of data to stderr can trigger a read/write deadlock between httpd and the CGI script, allowing local users and possibly remote attackers to cause a denial of service (hang and m...
CVE-2002-1850
mod_cgi in Apache 2.0.39 and 2.0.40 allows local users and possibly remote attackers to cause a denial of service (hang and memory consumption) by causing a CGI script to send a large amount of data to stderr, which results in a read/write deadlock between httpd and the CGI script...
CVE-2004-2096
Cross-site scripting (XSS) vulnerability in Mephistoles httpd 0.6.0 final allows remote attackers to execute arbitrary script as other users by injecting arbitrary HTML or script into the URL...
CVE-2004-2096
Technical details about CVE-2004-2096 are not publicly available in the provided documents. Monitor for updates.
Fusion SBX <= 1.2 Remote Command Execution Exploit
No description provided by source. / Fusion SBX <= 1.2 exploit sileFSBXxpl This exploit uses a vulnerability found in Fusion SBX and creates a new variable and calls it with a malicious function stored in config.php. This exploit utilizes injection of three diverse procedures for execution of arbitrary...
CVE-2003-1137
CVE-2003-1137 affects sh-httpd versions 0.3 and 0.4. The issue allows remote attackers to read files or execute arbitrary CGI scripts via a GET request containing an asterisk (*) wildcard character, indicating improper handling of wildcards in input. The provided documents do not specify a fix or...
CVE-2005-1086
Buffer overflow in the cmdIS.DLL plugin for AN HTTPD Server 1.42n allows remote attackers to execute arbitrary code via an HTTP request with a long User-Agent header...
sumus[v0.2.2]: (httpd) remote buffer overflow exploit.
did a random audit of 'sumus' and found a unique/fun exploit situation... original exploit: http://fakehalo.us/xsumus.c ----------------------- example: xsumus ----------------------- gcc xsumus.c -o xsumus ./xsumus -h fedora.fakehalo.lan sumusv0.2.2: httpd remote buffer overflow exploit. by:...
Sumus 0.2.2 httpd Remote Buffer Overflow Exploit
No description provided by source. / sumusv0.2.2: httpd remote buffer overflow exploit. by: vade79/v9 fakehalo/realhalo compile: gcc xsumus.c -o xsumus syntax: ./xsumus -pscrln -h host sumus homepage/url: http://sumus.sourceforge.net Mus is a Spanish cards game played by 4 folks...