154 matches found
DEBIAN-CVE-2012-3513
munin-cgi-graph in Munin before 2.0.6, when running as a CGI module under Apache, allows remote attackers to load new configurations and create files in arbitrary directories via the logdir command...
PHP 5.2.x filter_globals Subsequence Request Parsing Remote Code Execution
According to its banner, the version of PHP installed on the remote host is in the 5.2 release branch. As such, it reportedly may be affected by a remote code execution vulnerability. An error in the file 'ext/filter/filter.c' does not properly clear the 'filter_globals' struct if PHP encounters...
ZDI-12-031 : Novell iPrint Server attributes-natural-language Remote Code Execution Vulnerability
ZDI-12-031 : Novell iPrint Server attributes-natural-language Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-12-031 February 8, 2012 -- CVE ID: CVE-2011-4194 -- CVSS: 9, AV:N/AC:L/Au:N/C:P/I:P/A:C -- Affected...
Novell iPrint Server attributes-natural-language Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Novell iPrint Server. Authentication is not required to exploit this vulnerability. The flaw exists within the mod_ipp apache module component of the iprint-server, which listens by default on...
[SECURITY] Fedora 16 Update: php-5.3.8-3.fc16
PHP is an HTML-embedded scripting language. PHP attempts to make it easy for developers to write dynamically generated web pages. PHP also offers built-in database integration for several commercial and non-commercial database management systems, so writing a database-enabled webpage with PHP is...
CVE-2011-1176
The configuration merger in itk.c in the Steinar H. Gunderson mpm-itk Multi-Processing Module 2.2.11-01 and 2.2.11-02 for the Apache HTTP Server does not properly handle certain configuration sections that specify NiceValue but not AssignUserID, which might allow remote attackers to gain privileg...
SLES9: Security update for webdav apache module
The remote host is missing updates to packages that affect the security of your system. One or more of the following packages are affected: mod_dav For more information, please visit the referenced security advisories. More details may also be found by searching for keyword 5013988 within the SuSE...
Mandrake Security Advisory MDVSA-2009:240 (apache)
The remote host is missing an update to apache announced via advisory MDVSA-2009:240. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only OR...
SuSE9 Security Update : the webdav apache module (YOU Patch Number 9363)
A vulnerability in the WebDAV module has been fixed. A remote attacker could crash a server process, leading to a Denial of Service scenario. Only installations configured for WebDAV access were affected. See http://nagoya.apache.org/bugzilla/show_bug.cgi?id=31183. CVE-2004-0809 has been assigned ...
SecurityReason: PHP 5.2.6 SAPI php_getuid() overload
SecurityReason.com : PHP 5.2.6 SAPI php_getuid() overload Author: Maksymilian Arciemowicz securityreason.com Date: - Written: 20.11.2008 - Public: 05.12.2008 SecurityReason Research SecurityAlert Id: 59 SecurityRisk: High Affected Software: PHP 5.2.6...
PHP 5 < 5.2.7 Multiple Vulnerabilities
According to its banner, the version of PHP installed on the remote host is prior to 5.2.7. It is, therefore, affected by multiple vulnerabilities: - There is a buffer overflow flaw in the bundled PCRE library that allows a denial of service attack. (CVE-2008-2371) - Multiple directory traversal...
Oracle WebLogic Server mod_wl Invalid Parameter Remote Overflow (1150354)
The remote web server is using the WebLogic plug-in for Apache (mod_wl), an Apache module included with Oracle (formerly BEA) WebLogic Server and used to proxy requests from an Apache HTTP server to WebLogic. The version of this plug-in on the remote host is affected by a stack buffer overflow that is...
mod_ssl SSLCipherSuite bypass
The mod_ssl module in Apache 2.0.35 through 2.0.52, when using the "SSLCipherSuite" directive in directory or location context, allows remote clients to bypass intended restrictions by using any cipher suite that is allowed by the virtual host configuration...
Debian Security Advisory DSA 1550-1 (suphp)
The remote host is missing an update to suphp announced via advisory DSA 1550-1. OpenVAS Vulnerability Test $Id: deb15501.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 1550-1 suphp Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc...
[SECURITY] [DSA 1550-1] New suphp packages fix local privilege escalation
Debian Security Advisory DSA-1550-1 http://www.debian.org/security/ Moritz Muehlenhoff April 17, 2008 http://www.debian.org/security/faq...
DSA-1550-1 suphp
Bulletin has no description...
Stack overflow
Multiple stack-based buffer overflows in the legacy mod_jk2 2.0.3-DEV and earlier Apache module allow remote attackers to execute arbitrary code via a long (1) Host header, or (2) Hostname within a Host header...
SOL7886 - Remote vulnerability in the mod_jk2 Apache module, VU #771937
A vulnerability exists in the legacy version of the mod_jk2 Apache module. If successfully exploited, an attacker may be able to run arbitrary code on affected system. Information about this advisory is available at the following location: F5 Product Development tracked this issue as CR83564 and i...
Apache mod_mem_cache information leak
Under some conditions data from previously sent server reply headers may be leaked...