Lucene search
K

266 matches found

RedHat Linux
RedHat Linux
added 2009/07/14 7:7 p.m.3 views

httpd: AllowOverride Options=IncludesNoExec allows Options Includes

The Apache HTTP Server 2.2.11 and earlier 2.2 versions does not properly handle Options=IncludesNOEXEC in the AllowOverride directive, which allows local users to gain privileges by configuring 1 Options Includes, 2 Options +Includes, or 3 Options +IncludesNOEXEC in a .htaccess file, and then...

4.9CVSS7.1AI score0.01955EPSS
Exploits4References4
OpenVAS
OpenVAS
added 2009/02/27 12:0 a.m.31 views

CentOS Update for php CESA-2008:0546-01 centos2 i386

Check for the Version of php OpenVAS Vulnerability Test CentOS Update for php CESA-2008:0546-01 centos2 i386 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under...

10CVSS9.1AI score0.04289EPSS
Exploits2References2
RedHat Linux
RedHat Linux
added 2008/05/20 2:12 p.m.8 views

mod_ssl SSLCipherSuite bypass

The modssl module in Apache 2.0.35 through 2.0.52, when using the "SSLCipherSuite" directive in directory or location context, allows remote clients to bypass intended restrictions by using any cipher suite that is allowed by the virtual host configuration...

7.5CVSS5.9AI score0.13835EPSS
Exploits0References4
OSV
OSV
added 2008/01/12 12:46 a.m.10 views

CVE-2008-0005

modproxyftp in Apache 2.2.x before 2.2.7-dev, 2.0.x before 2.0.62-dev, and 1.3.x before 1.3.40-dev does not define a charset, which allows remote attackers to conduct cross-site scripting XSS attacks using UTF-7 encoding...

6.1AI score
Exploits0References76
OSV
OSV
added 2007/08/23 10:17 p.m.7 views

CVE-2007-3847

The date handling code in modules/proxy/proxyutil.c modproxy in Apache 2.3.0, when using a threaded MPM, allows remote origin servers to cause a denial of service caching forward proxy process crash via crafted date headers that trigger a buffer over-read...

6.5AI score
Exploits0References94
OSV
OSV
added 2006/07/28 6:2 p.m.8 views

CVE-2006-3747

Off-by-one error in the ldap scheme handling in the Rewrite module modrewrite in Apache 1.3 from 1.3.28, 2.0.46 and other versions before 2.0.59, and 2.2, when RewriteEngine is enabled, allows remote attackers to cause a denial of service application crash and possibly execute arbitrary code via...

7.6AI score
Exploits0References100
securityvulns
securityvulns
added 2006/07/28 12:0 a.m.72 views

[Full-disclosure] [USN-328-1] Apache vulnerability

=========================================================== Ubuntu Security Notice USN-328-1 July 27, 2006 apache2 vulnerability CVE-2006-3747 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 5.04 Ubuntu 5.10 Ubuntu 6.06 LT...

7.6CVSS0.1AI score0.96436EPSS
Exploits20
OSV
OSV
added 2006/01/23 12:0 a.m.10 views

DSA-952-1 libapache-auth-ldap - format string vulnerability

Bulletin has no description...

7.5CVSS6.3AI score0.05434EPSS
Exploits0
securityvulns
securityvulns
added 2005/06/14 12:0 a.m.28 views

[Full-disclosure] [CIRT.DK - Advisory] Novell iManager 2.0.2 ASN.1 Parsing vulnerability in Apache module

ID: NOVL102200 Domain: primus Solution Class: Novell Fact: Novell iManager 2.02 Fact: Apache 2.0.48 Fact: OpenSSL 0.9.7 Symptom: OpenSSL ASN.1 Parsing vulnerability in Apache Symptom: Server stops responding and an error occurs Cause: Multiple vulnerabilities were reported in the ASN.1 parsing co...

1.7AI score
Exploits0
Ubuntu
Ubuntu
added 2005/05/06 6:4 p.m.48 views

USN-120-1: Apache 2 vulnerability

Luca Ercoli discovered that the "htdigest" program did not perform any bounds checking when it copied the "user" and "realm" arguments into local buffers. If this program is used in remotely callable CGI scripts, this could be exploited by a remote attacker to execute arbitrary code with the...

7.5CVSS5.7AI score0.29096EPSS
Exploits1
exploitpack
exploitpack
added 2005/05/06 12:0 a.m.26 views

Apache 1.3.x - HTDigest Realm Command Line Argument Buffer Overflow (1)

Apache 1.3.x - HTDigest Realm Command Line Argument Buffer Overflow 1 // source: https://www.securityfocus.com/bid/13537/info A buffer overflow vulnerability exists in the htdigest utility included with Apache. The vulnerability is due to improper bounds checking when copying user-supplied realm...

0.3AI score
Exploits0
Exploit DB
Exploit DB
added 2005/05/06 12:0 a.m.66 views

Apache 1.3.x - HTDigest Realm Command Line Argument Buffer Overflow (1)

// source: https://www.securityfocus.com/bid/13537/info A buffer overflow vulnerability exists in the htdigest utility included with Apache. The vulnerability is due to improper bounds checking when copying user-supplied realm data into local buffers. By supplying an overly long realm value to th...

7AI score
Exploits0
Debian CVE
Debian CVE
added 2005/03/13 5:0 a.m.42 views

CVE-2002-1592

The aplogrerror function in Apache 2.0 through 2.035, when a CGI application encounters an error, sends error messages to the client that include the full path for the server, which allows remote attackers to obtain sensitive information...

5CVSS6.2AI score0.12458EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2005/02/16 12:0 a.m.13 views

HP-UX PHSS_29987 : HP-UX Running Apache, Remote Denial of Service (DoS) or Elevation Privilege, or Execution of Arbitrary Code (HPSBUX00197 SSRT2332 rev.11)

s700800 11.X OV NNM6.31/ET1.51 Intermediate Patch, Nov-03 : A potential remotely exploitable vulnerability in handling of large data chunks in Apache-based web servers. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and patch checks in this plugin were extracted from HP...

5.4AI score
Exploits0References1
NVD
NVD
added 2004/12/31 5:0 a.m.19 views

CVE-2004-0811

Unknown vulnerability in Apache 2.0.51 prevents "the merging of the Satisfy directive," which could allow attackers to obtain access to restricted resources contrary to the specified authentication configuration...

7.5CVSS7.6AI score0.06813EPSS
Exploits1References19
OSV
OSV
added 2004/12/31 5:0 a.m.6 views

CVE-2004-0811

Unknown vulnerability in Apache 2.0.51 prevents "the merging of the Satisfy directive," which could allow attackers to obtain access to restricted resources contrary to the specified authentication configuration...

7.5CVSS6.4AI score0.06813EPSS
Exploits1References19
UbuntuCve
UbuntuCve
added 2004/12/31 5:0 a.m.27 views

CVE-2004-0811

Unknown vulnerability in Apache 2.0.51 prevents "the merging of the Satisfy directive," which could allow attackers to obtain access to restricted resources contrary to the specified authentication configuration...

7.5CVSS5.9AI score0.06813EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2004/12/09 12:0 a.m.43 views

Apache on Mac OS X HFS+ Arbitrary File Source Disclosure

The remote host seems to be running Mac OS X or Mac OS X Server. There is a flaw in the remote web server that allows an attacker to obtain the source code of any given file on the remote web server by reading it through its data fork directly. An attacker may exploit this flaw to obtain the sour...

7.5CVSS5.7AI score0.01878EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2004/11/17 12:0 a.m.34 views

Mandrake Linux Security Advisory : apache2 (MDKSA-2004:135)

A vulnerability in apache 2.0.35-2.0.52 was discovered by Chintan Trivedi; he found that by sending a large amount of specially- crafted HTTP GET requests, a remote attacker could cause a Denial of Service on the httpd server. This vulnerability is due to improper enforcement of the field length...

5CVSS5.5AI score0.55105EPSS
Exploits7References2
Tenable Nessus
Tenable Nessus
added 2004/11/13 12:0 a.m.23 views

GLSA-200411-18 : Apache 2.0: Denial of Service by memory consumption

The remote host is affected by the vulnerability described in GLSA-200411-18 Apache 2.0: Denial of Service by memory consumption Chintan Trivedi discovered a vulnerability in Apache httpd 2.0 that is caused by improper enforcing of the field length limit in the header-parsing code. Impact : By...

5CVSS5.5AI score0.55105EPSS
Exploits7References3
Rows per page
Query Builder