EUVD-2002-0831

Malware in sbrugna...

SUSE CVE-2002-0392

Apache 1.3 through 1.3.24, and Apache 2.0 through 2.0.36, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a chunk-encoded HTTP request that causes Apache to use an incorrect size...

SUSE CVE-2002-0839

The shared memory scoreboard in the HTTP daemon for Apache 1.3.x before 1.3.27 allows any user running as the Apache UID to send a SIGUSR1 signal to any process as root, resulting in a denial of service process kill or possibly other behaviors that would not normally be allowed, by modifying the...

Apache mod_jk 1.2.20 Buffer Overflow

No description provided by source. $Id: apachemodjkoverflow.rb 9929 2010-07-25 21:37:54Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms...

Apache 1.3.x - 2.0.48 - mod_userdir Remote Users Disclosure Exploit

No description provided by source. / m00-apache-w00t.c Apache 1.3.-2.0.48 remote users disclosure exploit by m00 Security. Proof-of-Concept edition This tool scans remote hosts with httpd apache and disclosure information about existens users accounts via wrong default configuration of moduserdir...

Apache mod_proxy_ftp FTP命令注入漏洞

Apache modproxyftp是一款用于处理FTP代理请求的Apache模块。 Apache modproxyftp存在输入验证错误，远程攻击者可以通过在发送给apache服务器的请求中构建特殊的"Authorization"头，可传递FTP命令给FTP服务器。 在通常的情况下，apache modproxyftp不允许发送任意FTP命令给FTP服务器，Apache只发送一些有线的命令给FTP服务器，如USER, PASS, PWD等，modproxyftp存在漏洞允许用户编码任何FTP命令作为"Authorization"头数据，并由apache传递给FTP服务器执行。 Apac...

Apache 1.3.x < 1.3.41 Multiple Vulnerabilities (DoS, XSS)

According to its banner, the version of Apache 1.3.x running on the remote host is prior to 1.3.41. It is, therefore, affected by multiple vulnerabilities : - A denial of service issue in modproxy when parsing date-related headers. CVE-2007-3847 - A cross-site scripting issue involving modimap...

CVE-2008-0005

modproxyftp in Apache 2.2.x before 2.2.7-dev, 2.0.x before 2.0.62-dev, and 1.3.x before 1.3.40-dev does not define a charset, which allows remote attackers to conduct cross-site scripting XSS attacks using UTF-7 encoding...

Apache Prefork MPM vulnerabilities - Report

----- Apache Prefork MPM vulnerabilities ---------------------------------- PSNC Security Team http://security.psnc.pl/files/apachereport.pdf 1. Introduction This small case study is a result of source code analysis of Apache httpd server MPM modules. The main goal of this document is to show, wh...

HP-UX PHSS_34204 : HP-UX VirtualVault running Apache 1.3.X Remote Unauthorized Access (HPSBUX02101 SSRT051128 rev.1)

s700800 11.04 Webproxy server 2.0 update : A security vulnerability has been identified in Apache HTTP server versions prior to Apache 1.3.34 that may allow HTTP Request Splitting/Spoofing attacks, resulting in remote unauthorized access. References: Apache HTTP Server version 1.3.34 announcement...

HP-UX PHSS_34121 : HP-UX VirtualVault running Apache 1.3.X Remote Unauthorized Access (HPSBUX02101 SSRT051128 rev.1)

s700800 11.04 Virtualvault 4.7 Apache 1.x OWS update : A security vulnerability has been identified in Apache HTTP server versions prior to Apache 1.3.34 that may allow HTTP Request Splitting/Spoofing attacks, resulting in remote unauthorized access. References: Apache HTTP Server version 1.3.34...

CVE-2004-0940

Buffer overflow in the gettag function in modinclude for Apache 1.3.x to 1.3.32 allows local users who can create SSI documents to execute arbitrary code as the apache user via SSI XSSI documents that trigger a length calculation error...

CVE-2004-0940

Buffer overflow in the gettag function in modinclude for Apache 1.3.x to 1.3.32 allows local users who can create SSI documents to execute arbitrary code as the apache user via SSI XSSI documents that trigger a length calculation error...

Apache 1.3.x mod_include - Local Buffer Overflow

// source: https://www.securityfocus.com/bid/11471/info The problem presents itself when the affected module attempts to parse modinclude-specific tag values. A failure to properly validate the lengths of user-supplied tag strings before copying them into finite buffers facilitates the overflow. ...

security flaw

The shared memory scoreboard in the HTTP daemon for Apache 1.3.x before 1.3.27 allows any user running as the Apache UID to send a SIGUSR1 signal to any process as root, resulting in a denial of service process kill or possibly other behaviors that would not normally be allowed, by modifying the...