988 matches found
Advisory CA-2002-17 Apache Web Server Chunk Handling Vulnerability
CERT Advisory CA-2002-17 Apache Web Server Chunk Handling Vulnerability Original release date: June 17, 2002 Last revised: -- Source: CERT/CC A complete revision history can be found at the end of this file. Systems Affected Web servers based on Apache code versions 1.3 through 1.3.24 Web servers...
Apache httpd: vulnerability with chunked encoding
-----BEGIN PGP SIGNED MESSAGE----- Date: June 17, 2002 Product: Apache Web Server Versions: Apache 1.3 all versions including 1.3.24, Apache 2 all versions up to 2.0.39 Introduction: While testing for Oracle vulnerabilities, Mark Litchfield discovered a denial of service attack for Apache on...
Apache Web Server vulnerable to DoS via crafted HTTP request
Overview Some versions of the Apache Web server are vulnerable to denial-of-service attacks by crafted HTTP requests. Description A vulnerability exists in some versions the Apache Web HTTPD Server running on Windows 98SE, Windows 2000 SP1, and OS/2. The vulnerability appears to be a bounds...
Vulnerability in Apache for Win32 batch file processing - Remote command execution
Vulnerability in Apache for Win32 batch file processing - Remote command execution = Author: Ory Segal, Sanctum inc. http://www.sanctuminc.com = Release date: March, 21st 2002 Vendor was notified at: Feb. 13th = 2002 = Vendor: Apache group = Product: Apache web server Win32 - Running DOS batch...
Multiple PHP Vulnerabilities - Remote Compromise Exploit in Circulation
Internet Security Systems Security Alert February 27, 2002 Multiple PHP Vulnerabilities: Remote Compromise Exploit in Circulation Synopsis: ISS X-Force has learned of multiple buffer overflow vulnerabilities present in the PHP Hypertext Preprocessor scripting language. PHP is a popular server-sid...
Multiple Buffer Overflows in Oracle 9iAS
NGSSoftware Insight Security Research Advisory Name: Oracle PL/SQL Apache Module Systems Affected: Oracle 9iAS Platforms: Sun SPARC Solaris 2.6 MS Windows NT/2000 Server HP-UX 11.0/32-bit Severity: High Risk Vendor URL: http://www.oracle.com/ Author: David Litchfield [email protected] Date: 6th...
CVE-2001-1556
The log files in Apache web server contain information directly supplied by clients and does not filter or quote control characters, which could allow remote attackers to hide HTTP requests and spoof source IP addresses when logs are viewed with UNIX programs such as cat, tail, and grep...
[CLA-2001:427] Conectiva Linux Security Announcement - mod_auth_pgsql
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - -------------------------------------------------------------------------- CONECTIVA LINUX SECURITY ANNOUNCEMENT - -------------------------------------------------------------------------- PACKAGE : modauthpgsql SUMMARY : Remote vulnerability allow...
Apache web server performs case sensitive filtering on Mac OS X HFS+ case insensitive filesystem
Overview The Apache 1.3.14 web server's file access protection scheme can be bypassed for the Mac OS X HFS+ filesystem. Description The Apache web server's file access protection scheme i.e., file request "filtering" assumes that the filesystem being protected is case sensitve. For example, in a...
oracle.9i.path.txt
Product: Oracle 9i Application Server. Description: The Oracle 9i Application Server uses the Apache web server for HTTP service. However, if a request is made for a non-existent .jsp file, the complete path is shown. For instance, if you were to make the following request at a server running...
Apache 1.01.21.3 - Server Address Disclosure
Apache 1.01.21.3 - Server Address Disclosure // source: https://www.securityfocus.com/bid/3169/info A vulnerability has been discovered in Apache web server that may result in the disclosure of the server's address. The problem occurs when a HTTP request containing the URI of a directory is...
Apache 1.3 - Artificially Long Slash Path Directory Listing (4)
Apache 1.3 - Artificially Long Slash Path Directory Listing 4 source: https://www.securityfocus.com/bid/2503/info Apache HTTPD is the Apache Web Server, freely distributed and actively maintained by the Apache Software Foundation. It is a freely available and widely used software package, include...
Apache 1.3 - Artificially Long Slash Path Directory Listing (1)
source: https://www.securityfocus.com/bid/2503/info Apache HTTPD is the Apache Web Server, freely distributed and actively maintained by the Apache Software Foundation. It is a freely available and widely used software package, included with various implementations of the UNIX operating system an...
Security Advisory(CSA-200011)
CHINANSL Security AdvisoryCSA-200011 Topic: PHP AND APACHE Vulnerability Release Dateёє Dec 6, 2000 Affected system: ============ APACHE WEB SERVER 1.3 ЎЎЎЎ- Microsoft Windows NT 4.0 ЎЎЎЎ- Microsoft Windows 2000 Impact: ====== CHINANSL security team has found a security problem in Apache web serv...
Apache 1.3 + PHP 3 - File Disclosure
Apache 1.3 + PHP 3 - File Disclosure source: https://www.securityfocus.com/bid/2060/info Apache Web Server is subject to disclose files to unauthorized users when used in conjunction with the PHP3 script language. By requesting a specially crafted URL by way of php, it is possible for a remote us...
Apache 1.3 + PHP 3 - File Disclosure
source: https://www.securityfocus.com/bid/2060/info Apache Web Server is subject to disclose files to unauthorized users when used in conjunction with the PHP3 script language. By requesting a specially crafted URL by way of php, it is possible for a remote user to gain read access to a known fil...
Apache 1.3.12 - WebDAV Directory Listings
Apache 1.3.12 - WebDAV Directory Listings source: https://www.securityfocus.com/bid/1656/info WebDAV Web Distributed Authoring and Versioning is an extension of HTTP which allows users to create, edit and share documents using the HTTP protocol. A particular REQUEST METHOD, PROPFIND, allows users...
Apache 1.3.12 - WebDAV Directory Listings
source: https://www.securityfocus.com/bid/1656/info WebDAV Web Distributed Authoring and Versioning is an extension of HTTP which allows users to create, edit and share documents using the HTTP protocol. A particular REQUEST METHOD, PROPFIND, allows users to retrieve resource properties such as...
Linux news 7.07.00
Linux Kernel pre-patch 2.4.0 test3-pre3 Вышел третий пререлиз третьего тестового ядра Linux Kernel 2.4.0. Подробнее: ftp://ftp.funet.fi/pub/linux/kernel/testing Kernel traffic 74 Вышел очередной номер отличного сборника писем с комментариями из списка рассылки ядра Linux. На этот раз там можно...
CVE-1999-0289
The Apache web server for Win32 may provide access to restricted files when a . dot is appended to a requested URL...