13 matches found

Tenable Nessus
added 2017/01/12 12:0 a.m., 1125 views

Apache 2.2.x < 2.2.32 Multiple Vulnerabilities (httpoxy)

According to its banner, the version of Apache running on the remote host is 2.2.x prior to 2.2.32. It is, therefore, affected by the following vulnerabilities:
- The Apache HTTP Server is affected by a man-in-the-middle vulnerability known as 'httpoxy' due to a failure to properly resolve...

CVSS 8.1, AI score 6.5, EPSS 0.73272
Exploits 0, References 8
Tenable Nessus
added 2014/09/04 12:0 a.m., 427 views

Apache 2.2.x < 2.2.28 Multiple Vulnerabilities

According to its banner, the version of Apache 2.2.x running on the remote host is prior to 2.2.28. It is, therefore, affected by the following vulnerabilities:
- A flaw exists within the 'mod_headers' module which allows a remote attacker to inject arbitrary headers. This is done by placing a...

CVSS 6.8, AI score 7.3, EPSS 0.75444
Exploits 7, References 8
Tenable Nessus
added 2014/04/08 12:0 a.m., 148 views

Apache 2.2.x < 2.2.27 Multiple Vulnerabilities

According to its banner, the version of Apache 2.2.x running on the remote host is a version prior to 2.2.27. It is, therefore, potentially affected by the following vulnerabilities:
- A flaw exists with the 'mod_dav' module that is caused when tracking the length of CDATA that has leading white...

CVSS 5, AI score 7.2, EPSS 0.50788
Exploits 2, References 4
Tenable Nessus
added 2013/07/16 12:0 a.m., 165 views

Apache 2.2.x < 2.2.25 Multiple Vulnerabilities

According to its banner, the version of Apache 2.2.x running on the remote host is prior to 2.2.25. It is, therefore, potentially affected by the following vulnerabilities:
- A flaw exists in the 'RewriteLog' function where it fails to sanitize escape sequences from being written to log files,...

CVSS 5.1, AI score 8.2, EPSS 0.52396
Exploits 4, References 5
Tenable Nessus
added 2012/09/14 12:0 a.m., 181 views

Apache 2.2.x < 2.2.23 Multiple Vulnerabilities

According to its banner, the version of Apache 2.2.x running on the remote host is prior to 2.2.23. It is, therefore, potentially affected by the following vulnerabilities:
- The utility 'apachectl' can receive a zero-length directory name in the LD_LIBRARY_PATH via the 'envvars' file. A local...

CVSS 6.9, AI score 8, EPSS 0.08268
Exploits 5, References 4
Tenable Nessus
added 2012/07/12 12:0 a.m., 12 views

Apache 2.2.x < 2.2.25 Remote Denial of Service Vulnerability

Binary data 801383.prm...

CVSS 5.1, AI score 7.3, EPSS 0.52396
Exploits 4, References 4
myhack58
added 2012/07/03 12:0 a.m., 12 views

Apache HTTP Server 'ap_pregsub()' function local denial of service vulnerability

Affected system: Apache Group Apache 2.2.x Description: BUGTRAQ ID: 50639 CVE ID: CVE-2011-4415 Apache HTTP Server is an open source web server from the Apache Software Foundation that can run on most...

AI score 0.2
Exploits 0
seebug.org
added 2011/11/25 12:0 a.m., 337 views

Apache HTTP Server mod_proxy Reverse Proxy Mode Security Restriction Bypass Vulnerability

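BUGTRAQ ID: 50802 CVE ID: CVE-2011-4317 Apache HTTP Server is an open source web server from the Apache Software Foundation that runs on most computer operating systems. It is widely used because it is cross-platform and secure, and is one of the most popular web server software packages. When the mod_proxy module is configured in reverse proxy mode, Apache HTTP Server mishandles certain web requests; a specially crafted URL can be used to send requests to servers behind the proxy, bypassing certain security restrictions. Apache 2.2.x Apache 2.0.x Vendor patch: Apache Group...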

CVSS 4.3, AI score 8.7, EPSS 0.79449
Exploits 13
seebug.org
added 2009/09/25 12:0 a.m., 115 views

Apache mod_proxy_ftp FTP Command Injection Vulnerability

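Apache mod_proxy_ftp is an Apache module for handling FTP proxy requests. Apache mod_proxy_ftp has an input validation error: a remote attacker can pass FTP commands to the FTP server by constructing a special "Authorization" header in a request sent to the Apache server. Normally, Apache mod_proxy_ftp does not allow arbitrary FTP commands to be sent to the FTP server; Apache sends only a limited set of commands to the FTP server, such as USER, PASS and PWD. A vulnerability in mod_proxy_ftp allows a user to encode any FTP command as "Authorization" header data, which Apache passes to the FTP server for execution. Apac...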

AI score 7.1
Exploits 0
Tenable Nessus
added 2009/08/02 12:0 a.m., 92 views

Apache 2.2.x < 2.2.12 Multiple Vulnerabilities

According to its banner, the version of Apache 2.2.x running on the remote host is prior to 2.2.12. It is, therefore, affected by the following vulnerabilities:
- A heap-based buffer underwrite flaw exists in the function 'apr_strmatch_precompile' in the bundled copy of the APR-util library, whic...

CVSS 7.5, AI score 7.3, EPSS 0.3787
Exploits 13, References 8
Prion
added 2008/08/13 5:41 p.m., 11 views

Code injection

Unspecified vulnerability in Sun Solaris 10 and OpenSolaris before snv_96 allows (1) context-dependent attackers to cause a denial of service (panic) via vectors involving creation of a crafted file and use of the sendfilev system call, as demonstrated by a file served by an Apache 2.2.x web server wi...

CVSS 7.1, AI score 6.3, EPSS 0.00776
Exploits 0, References 8, Affected Software 3
Cvelist
added 2008/01/12 12:0 a.m., 36 views

CVE-2008-0005

mod_proxy_ftp in Apache 2.2.x before 2.2.7-dev, 2.0.x before 2.0.62-dev, and 1.3.x before 1.3.40-dev does not define a charset, which allows remote attackers to conduct cross-site scripting (XSS) attacks using UTF-7 encoding...

AI score 8.5, EPSS 0.02726
Exploits 2, References 62
UbuntuCve
added 2008/01/11 12:0 a.m., 25 views

CVE-2008-0005

mod_proxy_ftp in Apache 2.2.x before 2.2.7-dev, 2.0.x before 2.0.62-dev, and 1.3.x before 1.3.40-dev does not define a charset, which allows remote attackers to conduct cross-site scripting (XSS) attacks using UTF-7 encoding...

CVSS 4.3, AI score 7, EPSS 0.02726
Exploits 2, References 2