5830 matches found
tomcat directory traversal
Directory traversal vulnerability in Apache HTTP Server and Tomcat 5.x before 5.5.22 and 6.x before 6.0.10, when using certain proxy modules modproxy, modrewrite, modjk, allows remote attackers to read arbitrary files via a .. dot dot sequence with combinations of 1 "/" slash, 2 "" backslash, and...
Important: Red Hat Security Advisory: php security update
Updated PHP packages that fix two security issues are now available for Red Hat Enterprise Linux 4. This update has been rated as having important security impact by the Red Hat Security Response Team. PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Web server. A hea...
tomcat directory traversal
Directory traversal vulnerability in Apache HTTP Server and Tomcat 5.x before 5.5.22 and 6.x before 6.0.10, when using certain proxy modules modproxy, modrewrite, modjk, allows remote attackers to read arbitrary files via a .. dot dot sequence with combinations of 1 "/" slash, 2 "" backslash, and...
CentOS 5 : php (CESA-2007:0153)
Updated PHP packages that fix several security issues are now available for Red Hat Enterprise Linux 5. This update has been rated as having important security impact by the Red Hat Security Response Team. PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Web server. A...
[SECURITY] Fedora Core 6 Update: php-5.1.6-3.5.fc6
PHP is an HTML-embedded scripting language. PHP attempts to make it easy for developers to write dynamically generated webpages. PHP also offers built-in database integration for several commercial and non-commercial database management systems, so writing a database-enabled webpage with PHP is...
Apache HTTPD suEXEC本地特权提升漏洞
Apache HTTP server是一款流行的WEB服务程序。 Apache HTTP server包含的suexec应用程序存在设计问题,本地攻击者可以利用漏洞提升特权。 问题一是路径检查竞争条件漏洞 在获得当前目录和更改目录中存在竞争条件问题。另一个存在于更改目录和检查目录是否为链接也存在竞争条件问题。目录结构在这些操作中更换,会导致可以在攻击者选择的任意目录中执行lstat。通过使用符号链接或重命名父目录来利用。第三个竞争条件存在于最后符号链接检查和执行目标两进制程序中。 问题二是路径检查错误 suexec工具使用strncmp检查是否当前目录是DOCU...
CVE-2007-1743
suexec in Apache HTTP Server httpd 2.2.3 does not verify combinations of user and group IDs on the command line, which might allow local users to leverage other vulnerabilities to create arbitrary UID/GID owned files if /proc is mounted. NOTE: the researcher, who is reliable, claims that the vend...
CVE-2007-1743
suexec in Apache HTTP Server httpd 2.2.3 does not verify combinations of user and group IDs on the command line, which might allow local users to leverage other vulnerabilities to create arbitrary UID/GID owned files if /proc is mounted. NOTE: the researcher, who is reliable, claims that the vend...
Design/Logic Flaw
suexec in Apache HTTP Server httpd 2.2.3 uses a partial comparison for verifying whether the current directory is within the document root, which might allow local users to perform unauthorized operations on incorrect directories, as demonstrated using "htmlbackup" and "htmleditor" under an "html...
Design/Logic Flaw
suexec in Apache HTTP Server httpd 2.2.3 does not verify combinations of user and group IDs on the command line, which might allow local users to leverage other vulnerabilities to create arbitrary UID/GID owned files if /proc is mounted. NOTE: the researcher, who is reliable, claims that the vend...
CVE-2007-1742
suexec in Apache HTTP Server httpd 2.2.3 uses a partial comparison for verifying whether the current directory is within the document root, which might allow local users to perform unauthorized operations on incorrect directories, as demonstrated using "htmlbackup" and "htmleditor" under an "html...
CVE-2007-1742
suexec in Apache HTTP Server httpd 2.2.3 uses a partial comparison for verifying whether the current directory is within the document root, which might allow local users to perform unauthorized operations on incorrect directories, as demonstrated using "htmlbackup" and "htmleditor" under an "html...
CVE-2007-1743
suexec in Apache HTTP Server httpd 2.2.3 does not verify combinations of user and group IDs on the command line, which might allow local users to leverage other vulnerabilities to create arbitrary UID/GID owned files if /proc is mounted. NOTE: the researcher, who is reliable, claims that the vend...
CVE-2007-1742
Apache HTTP Server (httpd) 2.2.3’s suexec uses a partial path comparison to determine if the current directory is within the document root. This may allow local users to operate on incorrect directories under an html directory (e.g., html_backup/htmleditor). The issue is described across multiple...
CVE-2007-1743
CVE-2007-1743 affects Apache HTTP Server (httpd) with the suexec module. The issue is that suexec (in httpd 2.2.3) does not verify combinations of user and group IDs on the command line, which might allow a local user to leverage other vulnerabilities to create arbitrary UID/GID–owned files if /p...
CVE-2007-1742
suexec in Apache HTTP Server httpd 2.2.3 uses a partial comparison for verifying whether the current directory is within the document root, which might allow local users to perform unauthorized operations on incorrect directories, as demonstrated using "htmlbackup" and "htmleditor" under an "html...
CVE-2007-1743
suexec in Apache HTTP Server httpd 2.2.3 does not verify combinations of user and group IDs on the command line, which might allow local users to leverage other vulnerabilities to create arbitrary UID/GID owned files if /proc is mounted. NOTE: the researcher, who is reliable, claims that the vend...
CVE-2007-1742
suexec in Apache HTTP Server httpd 2.2.3 uses a partial comparison for verifying whether the current directory is within the document root, which might allow local users to perform unauthorized operations on incorrect directories, as demonstrated using "htmlbackup" and "htmleditor" under an "html...
CVE-2007-1741
Multiple race conditions in suexec in Apache HTTP Server httpd 2.2.3 between directory and file validation, and their usage, allow local users to gain privileges and execute arbitrary code by renaming directories or performing symlink attacks. NOTE: the researcher, who is reliable, claims that th...
CVE-2007-1741
Multiple race conditions in suexec in Apache HTTP Server httpd 2.2.3 between directory and file validation, and their usage, allow local users to gain privileges and execute arbitrary code by renaming directories or performing symlink attacks. NOTE: the researcher, who is reliable, claims that th...