988 matches found
[SECURITY] Fedora Core 6 Update: mod_perl-2.0.2-6.2.fc6
Modperl incorporates a Perl interpreter into the Apache web server, so that the Apache web server can directly execute Perl code. Modperl links the Perl runtime library into the Apache web server and provides an object-oriented Perl interface for Apache's C language API. The end result is a quick...
[SECURITY] Fedora Core 5 Update: mod_perl-2.0.2-5.2.fc5
Modperl incorporates a Perl interpreter into the Apache web server, so that the Apache web server can directly execute Perl code. Modperl links the Perl runtime library into the Apache web server and provides an object-oriented Perl interface for Apache's C language API. The end result is a quick...
[SECURITY] Fedora 7 Update: mod_perl-2.0.3-9.1.fc7
Modperl incorporates a Perl interpreter into the Apache web server, so that the Apache web server can directly execute Perl code. Modperl links the Perl runtime library into the Apache web server and provides an object-oriented Perl interface for Apache's C language API. The end result is a quick...
mod_jk sends decoded URL to tomcat
modjk in Apache Tomcat JK Web Server Connector 1.2.x before 1.2.23 decodes request URLs within the Apache HTTP Server before passing the URL to Tomcat, which allows remote attackers to access protected pages via a crafted prefix JkMount, possibly involving double-encoded .. dot dot sequences and...
SOL6669 - Apache HTTP Expect header handling
The vulnerability exists in the Apache web server, which is used by FirePass. Apache will not sanitize the contents of the HTTP Expect header when receiving an HTTP request. Instead, the contents of the Expect header will be returned in a successful HTTP response. This permits executable code suc...
[SECURITY] Fedora Core 5 Update: php-5.1.6-1.5
PHP is an HTML-embedded scripting language. PHP attempts to make it easy for developers to write dynamically generated webpages. PHP also offers built-in database integration for several commercial and non-commercial database management systems, so writing a database-enabled webpage with PHP is...
[SECURITY] Fedora Core 5 Update: php-5.1.6-1.4
PHP is an HTML-embedded scripting language. PHP attempts to make it easy for developers to write dynamically generated webpages. PHP also offers built-in database integration for several commercial and non-commercial database management systems, so writing a database-enabled webpage with PHP is...
PT-2007-1571
Name of the Vulnerable Software and Affected Versions Apache HTTP Server affected versions not specified Description The issue allows remote attackers to cause a denial of service, consuming network bandwidth, via a Range header that specifies multiple copies of the same fragment when accessed...
Apache web server mod_tcl security vulnerability
Server format string vulnerabilities with HTTP request header names...
security flaw
Memory leak in the worker MPM worker.c for Apache 2, in certain circumstances, allows remote attackers to cause a denial of service memory consumption via aborted connections, which prevents the memory for the transaction pool from being reused for other connections...
DEBIAN-CVE-2005-3352
Cross-site scripting XSS vulnerability in the modimap module of Apache httpd before 1.3.35-dev and Apache httpd 2.0.x before 2.0.56-dev allows remote attackers to inject arbitrary web script or HTML via the Referer when using image maps...
SA027.txt
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SecurityAlert SA027 Author: sp3x GPG: http://securityreason.com/key/sp3x.gpg Date: 15. November 2005 Affected software : =================== PHPNuke version : 7.8 with all security fixes/patches Not Affected software : ======================= PHPNuke...
Tripwire for Webpages Detection
We detected the remote web server as running Tripwire for web pages under the Apache web server. This software allows attackers to gather sensitive information about your server configuration. OpenVAS Vulnerability Test $Id: tripwirewebpage.nasl 8023 2017-12-07 08:36:26Z teissa $ Description:...
mod_ssl security update
CentOS Errata and Security Advisory CESA-2005:773-01 An updated modssl package for Apache that corrects a security issue is now available. This update has been rated as having important security impact by the Red Hat Security Response Team. The modssl module provides strong cryptography for the...
Moderate: Red Hat Security Advisory: pcre security update
Updated pcre packages are now available to correct a security issue. This update has been rated as having moderate security impact by the Red Hat Security Response Team PCRE is a Perl-compatible regular expression library. An integer overflow flaw was found in PCRE, triggered by a maliciously...
DEBIAN-CVE-2005-2728
The byte-range filter in Apache 2.0 before 2.0.54 allows remote attackers to cause a denial of service memory consumption via an HTTP header with a large Range field...
CVE-2004-2336
Unknown vulnerability in Novell GroupWise and GroupWise WebAccess 6.0 through 6.5, when running with Apache Web Server 1.3 for NetWare where Apache is loaded using GWAPACHE.CONF, allows remote attackers to read directories and files on the server...
CVE-2004-2336
Technical details (affected product/version, root cause, impact, fixes) are not publicly provided in the supplied documents. Monitor for updates.
DEBIAN-CVE-2005-1268
Off-by-one error in the modssl Certificate Revocation List CRL verification callback in Apache, when configured to use a CRL, allows remote attackers to cause a denial of service child process crash via a CRL that causes a buffer overflow of one null byte...
Ragnarok Online Control Panel 4.3.4 a - Authentication Bypass
Ragnarok Online Control Panel 4.3.4 a - Authentication Bypass source: https://www.securityfocus.com/bid/14429/info Ragnarok Online Control Panel ROCP is prone to a vulnerability that may let remote attackers bypass user authentication. This issue is related to how PHP variables are handled, letti...