Apache httpd Remote Denial of Service (memory exhaustion)

No description provided by source. Apache httpd Remote Denial of Service memory exhaustion By Kingcope Year 2011 Will result in swapping memory to filesystem on the remote side plus killing of processes when running out of swap space. Remote System becomes unstable. use IO::Socket; use...

Debian Security Advisory DSA 2251-1 (subversion)

The remote host is missing an update to subversion announced via advisory DSA 2251-1. OpenVAS Vulnerability Test $Id: deb22511.nasl 6613 2017-07-07 12:08:40Z cfischer $ Description: Auto-generated from advisory DSA 2251-1 subversion Authors: Thomas Reinke Copyright: Copyright c 2011 E-Soft Inc...

Debian Security Advisory DSA 2237-1 (apr)

The remote host is missing an update to apr announced via advisory DSA 2237-1. This VT has been deprecated and merged into the VT SPDX-FileCopyrightText: 2011 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...

[BSA-037] Security Update for subversion

Peter Samuelson uploaded new packages for subversion which fixed the following security problems: CVE-2011-1752 Subversions moddavsvn Apache HTTPD server module will dereference a NULL pointer if asked to deliver baselined WebDAV resources...

Subversion "mod_dav_svn"多个拒绝服务和信息泄露漏洞

BUGTRAQ ID: 48091 CVE ID: CVE-2011-1752,CVE-2011-1783,CVE-2011-1921,CVE-2011-1921 Subversion是一个自由，开源的版本控制系统。 Subversion在moddavsvn的实现上存在多个拒绝服务和信息泄露漏洞，远程攻击者可利用这些漏洞使应用程序崩溃，消耗掉所有内存资源或获取敏感信息。 Subversion的moddavsvn Apache HTTPD服务器模块在某些情境中会进入不存在的且每次重复都分配内存的逻辑循环，最终消耗服务器上的所有内存。 Apache Group Subversion 1.x...

subversion: security udpate (important)

Subversion was updated to version 1.6.17 to fix several security issues: - CVE-2011-1752: The moddavsvn Apache HTTPD server module can be crashed though when asked to deliver baselined WebDAV resources. - CVE-2011-1783: The moddavsvn Apache HTTPD server module can trigger a loop which consumes al...

Debian DSA-2251-1 : subversion - several vulnerabilities

Several vulnerabilities were discovered in Subversion, the version control system. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2011-1752 The moddavsvn Apache HTTPD server module can be crashed though when asked to deliver baselined WebDAV resources. ...

Mandriva Update for subversion MDVSA-2011:106 (subversion)

Check for the Version of subversion OpenVAS Vulnerability Test Mandriva Update for subversion MDVSA-2011:106 subversion Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modif...

FreeBSD : Subversion -- multiple vulnerabilities (e27a1af3-8d21-11e0-a45d-001e8c75030d)

Subversion team reports : Subversion's moddavsvn Apache HTTPD server module will dereference a NULL pointer if asked to deliver baselined WebDAV resources. This can lead to a DoS. An exploit has been tested, and tools or users have been observed triggering this problem in the wild. Subversion's...

DSA-2251-1 subversion - several

Bulletin has no description...

[SECURITY] [DSA 2251-1] subversion security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2251-1 [email protected] http://www.debian.org/security/ Thijs Kinkhorst June 02, 2011 http://www.debian.org/security/faq -...

Subversion -- multiple vulnerabilities

Subversion team reports: Subversion's moddavsvn Apache HTTPD server module will dereference a NULL pointer if asked to deliver baselined WebDAV resources. This can lead to a DoS. An exploit has been tested, and tools or users have been observed triggering this problem in the wild. Subversion's...

[SECURITY] [DSA 2237-2] apr security update

------------------------------------------------------------------------- Debian Security Advisory DSA-2237-2 [email protected] http://www.debian.org/security/ Stefan Fritsch May 21, 2011 http://www.debian.org/security/faq -...

Debian DSA-2237-1 : apr - denial of service

A flaw was found in the APR library, which could be exploited through Apache HTTPD's modautoindex. If a directory indexed by modautoindex contained files with sufficiently long names, a remote attacker could send a carefully crafted request which would cause excessive CPU usage. This could be use...

[SECURITY] [DSA 2237-1] apr security update

------------------------------------------------------------------------- Debian Security Advisory DSA-2237-1 [email protected] http://www.debian.org/security/ Stefan Fritsch May 15, 2011 http://www.debian.org/security/faq -...

DSA-2237-2 apr - denial of service

Bulletin has no description...

Apache Httpd < 2.2.19 : apr_fnmatch flaw leads to mod_autoindex remote DoS

A flaw was found in the aprfnmatch function of the bundled APR library. Where modautoindex is enabled, and a directory indexed by modautoindex contained files with sufficiently long names, a remote attacker could send a carefully crafted request which would cause excessive CPU usage. This could b...

Apache Httpd < 2.0.65 : apr_fnmatch flaw leads to mod_autoindex remote DoS

A flaw was found in the aprfnmatch function of the bundled APR library. Where modautoindex is enabled, and a directory indexed by modautoindex contained files with sufficiently long names, a remote attacker could send a carefully crafted request which would cause excessive CPU usage. This could b...

Apache HTTPD mod_negotiation Scanner

This module scans the webserver of the given hosts for the existence of modnegotiate. If the webserver has modnegotiation enabled, the IP address will be displayed. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework clas...

Apache HTTPD mod_negotiation Filename Bruter

This module performs a brute force attack in order to discover existing files on a server which uses modnegotiation. If the filename is found, the IP address and the files found will be displayed. This module requires Metasploit: https://metasploit.com/download Current source:...