Exploit for Path Traversal in Apache Http_Server

CVE-2021-42013 This is the deployment for Apache 2.4.50 which...

Apache HTTP Server 输入验证错误漏洞

Apache HTTP Server is an open source web server from the Apache Foundation. Apache HTTP Server 2.4.52 and earlier versions are vulnerable to an input validation error that results from setting LimitXMLRequestBody to allow request bodies larger than 350MB 1M by default on 32-bit systems, which cou...

KLA12485 Multiple vulnerabilities in Apache HTTP Server

Multiple vulnerabilities were found in Apache HTTP Server. Malicious users can exploit these vulnerabilities to cause denial of service, bypass security restrictions, execute arbitrary code. Below is a complete list of vulnerabilities: 1. Integer overflow vulnerability in LimitXMLRequestBody can ...

Apache HTTP Server 环境问题漏洞

Apache HTTP Server is an open source web server from the Apache Foundation. Apache HTTP Server is vulnerable to an environmental issue that results from Apache HTTP Server's inability to close inbound connections when dropping the body of a request, leading to request smuggling. The vulnerability...

Apache HTTP Server <= 2.4.52 Multiple Vulnerabilities - Windows

Apache HTTP Server is prone to multiple vulnerabilities. Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you...

PT-2022-1925 · Apache +10 · Apache Http Server +10

Name of the Vulnerable Software and Affected Versions: Apache HTTP Server 2.4 versions 2.4.52 and prior versions Description: The issue is related to an out-of-bounds write vulnerability in the mod sed module of Apache HTTP Server. This vulnerability allows an attacker to overwrite heap memory wi...

Apache httpd -- Multiple vulnerabilities

The Apache httpd project reports: modlua: Use of uninitialized value of in r:parsebody moderate CVE-2022-22719A carefully crafted request body can cause a read to a random memory area which could cause the process to crash. HTTP request smuggling vulnerability important CVE-2022-22720 httpd fails...

Apache 2.4.x < 2.4.53 Multiple Vulnerabilities

The version of Apache httpd installed on the remote host is prior to 2.4.53. It is, therefore, affected by multiple vulnerabilities as referenced in the 2.4.53 advisory. - modlua Use of uninitialized value of in r:parsebody: A carefully crafted request body can cause a read to a random memory are...

Apache Httpd < 2.4.53 : mod_lua Use of uninitialized value of in r:parsebody

A carefully crafted request body can cause a read to a random memory area which could cause the process to crash. This issue affects Apache HTTP Server 2.4.52 and earlier...

Exploit for Path Traversal in Apache Http_Server

CVE-2021-41773 Apache2 2.4.49 - LFI & RCE Exploit Info...

AlmaLinux 8 : httpd:2.4 (ALSA-2021:4257)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2021:4257 advisory. httpd: modsession: NULL pointer dereference when parsing Cookie header CVE-2021-26690 httpd: Unexpected URL matching with 'MergeSlashes OFF' CVE-2021-3064...

AlmaLinux 8 : httpd:2.4 (ALSA-2022:0258)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2022:0258 advisory. httpd: modlua: Possible buffer overflow when parsing multipart content CVE-2021-44790 Tenable has extracted the preceding description block directly from the...

Exploit for Path Traversal in Apache Http_Server

CVE-2021-41773 Description This script exploits CVE-2021-...

Exploit for Path Traversal in Apache Http_Server

CVE-2021-42013 Description This script exploits CVE-2021-...

Security Bulletin: IBM Rational Build Forge is affected by Apache HTTP Server version used in it. (CVE-2021-44790)

Summary IBM Rational Build Forge version 8.0 - 8.0.0.20 is affected by CVE-2021-44790 Vulnerability Details CVEID: CVE-2021-44790 DESCRIPTION: Apache HTTP Server is vulnerable to a buffer overflow, caused by improper bounds checking in the modlua multipart parser called from Lua scripts. By sendi...

EulerOS 2.0 SP9 : httpd (EulerOS-SA-2022-1306)

According to the versions of the httpd packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A crafted URI sent to httpd configured as a forward proxy ProxyRequests on can cause a crash NULL pointer dereference or, for configurations mixi...

PT-2022-3356 · Apache +10 · Apache Http Server +10

Name of the Vulnerable Software and Affected Versions: Apache HTTP Server versions 2.4.53 and prior versions Description: The issue is related to the inconsistent interpretation of HTTP requests, also known as 'HTTP Request Smuggling', in the mod proxy ajp module of the Apache HTTP Server. This...

Huawei EulerOS: Security Advisory for httpd (EulerOS-SA-2022-1306)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Security Bulletin: Apache HTTP Server as used by IBM QRadar SIEM is vulnerable to buffer overflow and denial of service (CVE-2021-44790, CVE-2021-34798, CVE-2021-39275)

Summary Apache HTTP Server as used by IBM QRadar SIEM contains multiple vulnerabilities which include buffer overflow and denial of service. Vulnerability Details CVEID: CVE-2021-44790 DESCRIPTION: Apache HTTP Server is vulnerable to a buffer overflow, caused by improper bounds checking in the...

Exploit for Path Traversal in Apache Http_Server

CVE-2021-41773 Usage bash docker-compose up -d --build...