5824 matches found

Fedora
added 2007/09/19 2:53 a.m. · 40 views

[SECURITY] Fedora 7 Update: httpd-2.2.6-1.fc7

The Apache HTTP Server is a powerful, efficient, and extensible web server...

6.1 CVSS · 1.1 AI score · 0.27987 EPSS
Exploits 2
Prion
added 2007/09/14 12:17 a.m. · 25 views

Cross site scripting

Cross-site scripting (XSS) vulnerability in mod_autoindex.c in the Apache HTTP Server before 2.2.6, when the charset on a server-generated page is not defined, allows remote attackers to inject arbitrary web script or HTML via the P parameter using the UTF-7 charset. NOTE: it could be argued that th...

4.3 CVSS · 5.5 AI score · 0.02883 EPSS
Exploits 0 · References 42 · Affected Software 1
UbuntuCve
added 2007/09/14 12:17 a.m. · 24 views

CVE-2007-4465

Cross-site scripting (XSS) vulnerability in mod_autoindex.c in the Apache HTTP Server before 2.2.6, when the charset on a server-generated page is not defined, allows remote attackers to inject arbitrary web script or HTML via the P parameter using the UTF-7 charset. NOTE: it could be argued that th...

6.1 CVSS · 6.9 AI score · 0.02883 EPSS
Exploits 0 · References 3
OSV
added 2007/09/14 12:17 a.m. · 5 views

CVE-2007-4465

Cross-site scripting (XSS) vulnerability in mod_autoindex.c in the Apache HTTP Server before 2.2.6, when the charset on a server-generated page is not defined, allows remote attackers to inject arbitrary web script or HTML via the P parameter using the UTF-7 charset. NOTE: it could be argued that th...

6.1 AI score
Exploits 0 · References 47
OSV
added 2007/09/14 12:17 a.m. · 2 views

DEBIAN-CVE-2007-4465

Cross-site scripting (XSS) vulnerability in mod_autoindex.c in the Apache HTTP Server before 2.2.6, when the charset on a server-generated page is not defined, allows remote attackers to inject arbitrary web script or HTML via the P parameter using the UTF-7 charset. NOTE: it could be argued that th...

6.1 CVSS · 7.8 AI score · 0.02883 EPSS
Exploits 0 · References 1
Vulnrichment
added 2007/09/14 12:0 a.m. · 11 views

CVE-2007-4465

Cross-site scripting (XSS) vulnerability in mod_autoindex.c in the Apache HTTP Server before 2.2.6, when the charset on a server-generated page is not defined, allows remote attackers to inject arbitrary web script or HTML via the P parameter using the UTF-7 charset. NOTE: it could be argued that th...

6 AI score · 0.02883 EPSS
Exploits 0 · References 42
CVE
added 2007/09/14 12:0 a.m. · 209 views

CVE-2007-4465

The CVE-2007-4465 entry covers an XSS in Apache httpd’s mod_autoindex.c (pre-2.2.6) where an undefined page charset allows injection via the P parameter using UTF-7. Impact is cross-site scripting; remediation is to upgrade Apache httpd to 2.2.6 or newer (as per the cited advisory). The descripti...

6.1 CVSS · 5.4 AI score · 0.02883 EPSS
Exploits 0 · References 42 · Affected Software 1
Positive Technologies
added 2007/09/14 12:0 a.m. · 11 views

PT-2007-5645 · Apache +1 · Apache Http Server +1

Name of the Vulnerable Software and Affected Versions: Apache HTTP Server versions prior to 2.2.6
Description: A cross-site scripting (XSS) issue allows remote attackers to inject arbitrary web script or HTML via the P parameter using the UTF-7 charset when the charset on a server-generated page is...

10 CVSS · 6.3 AI score · 0.9384 EPSS
Exploits 89 · References 125
Prion
added 2007/09/05 7:17 p.m. · 33 views

Directory traversal

Directory traversal vulnerability in Ragnarok Online Control Panel 4.3.4a, when the Apache HTTP Server is used, allows remote attackers to bypass authentication via directory traversal sequences in a URI that ends with the name of a publicly available page, as demonstrated by a "/...../" sequence...

7.5 CVSS · 7.4 AI score · 0.00201 EPSS
Exploits 0 · References 3 · Affected Software 1
CVE
added 2007/09/05 7:0 p.m. · 338 views

CVE-2007-4723

CVE-2007-4723 affects Ragnarok Online Control Panel 4.3.4a when used with the Apache HTTP Server. The vulnerability is a directory traversal that allows remote attackers to bypass authentication via crafted URIs ending with publicly accessible pages, demonstrated by a "/...../" sequence and an ac...

7.5 CVSS · 6.9 AI score · 0.00201 EPSS
Exploits 0 · References 3 · Affected Software 1
Cvelist
added 2007/09/05 7:0 p.m. · 22 views

CVE-2007-4723

Directory traversal vulnerability in Ragnarok Online Control Panel 4.3.4a, when the Apache HTTP Server is used, allows remote attackers to bypass authentication via directory traversal sequences in a URI that ends with the name of a publicly available page, as demonstrated by a "/...../" sequence...

6.9 AI score · 0.00201 EPSS
Exploits 0 · References 3
Packet Storm
added 2007/09/01 12:0 a.m. · 20 views

ragnarok-bypass.txt

VaLiuS has reported a vulnerability in Ragnarok Online Control Panel, which can be exploited by malicious people to bypass certain security restrictions. The vulnerability is caused due to an error in the authentication process when checking page access. This can be exploited to bypass the...

7.4 AI score
Exploits 0
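seebug.org
added 2007/08/29 12:0 a.m. · 138 views

Apache HTTP Server Worker Process Multiple Local Denial of Service Vulnerabilities

BUGTRAQ ID: 24215 CVE(CAN) ID: CVE-2007-3304 Apache HTTP Server is a popular web server. The Apache HTTP Server worker process implementation contains multiple vulnerabilities that a local attacker may exploit to make the service unavailable. Apache HTTP Server did not verify that a process was an Apache child process before sending it a signal. A local attacker able to run scripts on the Apache HTTP Server could manipulate the scoreboard and terminate arbitrary processes, causing a denial of service. If Apache httpd is installed with Prefork...

4.7 CVSS · 9.2 AI score · 0.00098 EPSS
Exploits 2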
securityvulns
added 2007/07/24 12:0 a.m. · 251 views

printenv.pl(all versions) cross site scripting Vulnerability

...:::::printenv.pl(all versions) cross site scripting Vulnerability::::.... Virangar Security Team www.virangar.org -------- Discovered By : hadihadi & black.shadowes special tnx to:MR.nosrati,MR.hesy,satan,IGI,zahra & all virangar members & all iranian hackerz greetz:to my best friend in the world...

0.3 AI score
Exploits 0
Tenable Nessus
added 2007/07/18 12:0 a.m. · 34 views

Fedora Core 6 : httpd-2.2.4-2.1.fc6 (2007-615)

The Apache HTTP Server did not verify that a process was an Apache child process before sending it signals. A local attacker with the ability to run scripts on the Apache HTTP Server could manipulate the scoreboard and cause arbitrary processes to be terminated which could lead to a denial of...

5 CVSS · 7.2 AI score · 0.27987 EPSS
Exploits 2 · References 1
Cent OS
added 2007/07/13 9:59 a.m. · 85 views

httpd, mod_ssl security update

CentOS Errata and Security Advisory CESA-2007:0662 Updated Apache httpd packages that correct a security issue are now available for Red Hat Enterprise Linux 3 and 4. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The Apache HTTP Server is a...

4.7 CVSS · 6.9 AI score · 0.00098 EPSS
Exploits 2 · References 9
RedHat Linux
added 2007/07/13 7:38 a.m. · 1 views

httpd mod_status XSS

Cross-site scripting (XSS) vulnerability in mod_status.c in the mod_status module in Apache HTTP Server (httpd), when ExtendedStatus is enabled and a public server-status page is used, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors involving charsets with browser...

4.3 CVSS · 7.3 AI score · 0.18368 EPSS
Exploits 0 · References 4
RedHat Linux
added 2007/07/13 7:38 a.m. · 46 views

Moderate: Red Hat Security Advisory: httpd security update

Updated Apache httpd packages that correct two security issues are now available for Red Hat Application Stack. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The Apache HTTP Server is a popular Web server. A flaw was found in the Apache HTTP...

5 CVSS · 6.9 AI score · 0.27987 EPSS
Exploits 2 · References 3
Fedora
added 2007/07/12 10:53 p.m. · 36 views

[SECURITY] Fedora Core 6 Update: httpd-2.2.4-2.1.fc6

The Apache HTTP Server is a powerful, efficient, and extensible web server...

5 CVSS · 0.8 AI score · 0.27987 EPSS
Exploits 2
Tenable Nessus
added 2007/07/03 12:0 a.m. · 27 views

Fedora Core 5 : httpd-2.2.2-1.3 (2007-617)

The Apache HTTP Server did not verify that a process was an Apache child process before sending it signals. A local attacker with the ability to run scripts on the Apache HTTP Server could manipulate the scoreboard and cause arbitrary processes to be terminated which could lead to a denial of...

5 CVSS · 7.2 AI score · 0.27987 EPSS
Exploits 2 · References 1