DSA-187 apache - several vulnerabilities

Bulletin has no description...

iDEFENSE Security Advisory 10.03.2002: Apache 1.3.x shared memory scoreboard vulnerabilities

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 iDEFENSE Security Advisory 10.03.2002 Apache 1.3.x shared memory scoreboard vulnerabilities 16:00 GMT, October 3, 2002 I. BACKGROUND The Apache Software Foundation's HTTP Server is an effort to develop and maintain an open-source HTTP server for moder...

Apache 2.0 vulnerability affects non-Unix platforms

-----BEGIN PGP SIGNED MESSAGE----- For Immediate Disclosure =============== SUMMARY ================ Title: Apache 2.0 vulnerability affects non-Unix platforms Date: 9th August 2002 Revision: 2 Product Name: Apache HTTP server 2.0 OS/Platform: Windows, OS2, Netware Permanent URL:...

ISS Advisory: Remote Compromise Vulnerability in Apache HTTP Server

TO UNSUBSCRIBE: email "unsubscribe alert" in the body of your message to [email protected] Contact [email protected] for help with any problems! --------------------------------------------------------------------------- -----BEGIN PGP SIGNED MESSAGE----- Internet Security Systems Security...

Apache HTTP Server on Win32 systems does not securely handle input passed to CGI programs

Overview A vulnerability in the Apache HTTP Server running on Win32 systems Windows 9x/Me, Windows NT/2000/XP could allow an attacker to execute commands with the privileges of the web server process. Description The Apache HTTP Server is a freely available web server that runs on a variety of...

Oracle9i Application Server PL/SQL Gateway web administration interface uses null authentication by default

Overview A vulnerability exists in the Apache Procedural Language/Structured Query Language PL/SQL module used by Oracle 9i Application Server iAS. In its default configuration, the PL/SQL module grants unauthenticated access to the PL/SQL gateway web-based administration interface. Description...

CVE-1999-1412

A possible interaction between Apple MacOS X release 1.0 and Apache HTTP server allows remote attackers to cause a denial of service crash via a flood of HTTP GET requests to CGI programs, which generates a large number of processes...

CVE-1999-1412

CVE-1999-1412 describes a DoS risk from an interaction between MacOS X 1.0 and Apache HTTP server, where a flood of HTTP GET requests to CGI programs can spawn many processes on affected systems. Connected sources provide concrete details indicating the issue relates to the Apache httpd component...

Apache 1.3 - Artificially Long Slash Path Directory Listing (1)

Apache 1.3 - Artificially Long Slash Path Directory Listing 1 source: https://www.securityfocus.com/bid/2503/info Apache HTTPD is the Apache Web Server, freely distributed and actively maintained by the Apache Software Foundation. It is a freely available and widely used software package, include...

CVE-2000-0505

The Apache 1.3.x HTTP server for Windows platforms allows remote attackers to list directory contents by requesting a URL containing a large number of / characters...

mod_perl for Apache HTTP Server /perl/ Directory Listing (deprecated)

The /perl directory is browsable. This will show you the name of the installed common perl scripts and those that are written by the webmaster and thus may be exploitable. This plugin has been deprecated. Webmirror3 plugin ID 10662 will identify a browsable directory. %NASLMINLEVEL 999999 C Tenab...

Apache 1.3.6/1.3.9/1.3.11/1.3.12/1.3.20 - Root Directory Access

source: https://www.securityfocus.com/bid/1284/info Apache HTTP Server 1.3.x win32 allows people to get a directory listing of a directory, if it is enabled in the config, even if an index file is present that would normally be displayed instead. This can be achieved by sending a number of "/"...

Apache 1.3.61.3.91.3.111.3.121.3.20 - Root Directory Access

Apache 1.3.61.3.91.3.111.3.121.3.20 - Root Directory Access source: https://www.securityfocus.com/bid/1284/info Apache HTTP Server 1.3.x win32 allows people to get a directory listing of a directory, if it is enabled in the config, even if an index file is present that would normally be displayed...

CVE-1999-0071

Apache httpd cookie buffer overflow for versions 1.1.1 and earlier...

NCSA 1.3/1.4.x/1.5 / Apache HTTPd 0.8.11/0.8.14 - ScriptAlias Source Retrieval

source: https://www.securityfocus.com/bid/2300/info NSCA httpd prior to and including 1.5 and Apache Web Server prior to 1.0 contain a bug in the ScriptAlias function that allows remote users to view the source of CGI programs on the web server, if a ScriptAlias directory is defined under...

CVE-1999-1412

A possible interaction between Apple MacOS X release 1.0 and Apache HTTP server allows remote attackers to cause a denial of service crash via a flood of HTTP GET requests to CGI programs, which generates a large number of processes...

FreeBSD-SA-96:02.apache

-----BEGIN PGP SIGNED MESSAGE----- ============================================================================= FreeBSD-SA-96:02 Security Advisory FreeBSD, Inc. Topic: apache httpd meta-character escaping Category: port Module: apache Announced: 1996-04-22 Affects: FreeBSD 2.0.5 and 2.1.0...