Lucene search
K

979 matches found

Exploit DB
Exploit DB
added 2005/03/04 12:0 a.m.128 views

Apache 2.0.52 - GET Denial of Service

!/usr/bin/perl Based on - apache-squ1rt.c exploit. Original credit goes to Chintan Trivedi on the FullDisclosure mailing list: http://seclists.org/lists/fulldisclosure/2004/Nov/0022.html More info - http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0942 Added - Added future with we can...

5CVSS9.5AI score0.55105EPSS
Exploits7
Tenable Nessus
Tenable Nessus
added 2005/02/16 12:0 a.m.22 views

HP-UX PHSS_29541 : HPSBUX0310-285 SSRT3642 Potential Security Vulnerabilities Apache web server HP-UX VVOS and Webproxy.

s700800 11.04 Virtualvault 4.5 IWS Update : 1. Potential Apache web server crash when it goes into an infinite loop due to too many subsequent internal redirects and nested subrequests. VU379828 2. No de-allocation of file descriptors while servicing CGI scripts through child processes...

5.4AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2005/02/16 12:0 a.m.29 views

HP-UX PHSS_27476 : s700_800 11.04 Virtualvault 4.6 inside server support

s700800 11.04 Virtualvault 4.6 inside server support : The remote HP-UX host is affected by multiple vulnerabilities : - Potential vulnerability in Apache web servers while handling SSL requests. - Remotely exploitable potential vulnerabilities have been reported in CA-2002-21 and CVE-2002-0658...

6.2CVSS5.5AI score0.0096EPSS
Exploits0References1
NVD
NVD
added 2004/12/31 5:0 a.m.10 views

CVE-2004-2336

Unknown vulnerability in Novell GroupWise and GroupWise WebAccess 6.0 through 6.5, when running with Apache Web Server 1.3 for NetWare where Apache is loaded using GWAPACHE.CONF, allows remote attackers to read directories and files on the server...

5CVSS6.6AI score0.02156EPSS
Exploits0References5
OSV
OSV
added 2004/10/20 4:0 a.m.3 views

DEBIAN-CVE-2004-0786

The IPv6 URI parsing routines in the apr-util library for Apache 2.0.50 and earlier allow remote attackers to cause a denial of service child process crash via a certain URI, as demonstrated using the Codenomicon HTTP Test Tool...

5CVSS6.8AI score0.21769EPSS
Exploits0References1
OSV
OSV
added 2004/10/20 4:0 a.m.1 views

DEBIAN-CVE-2004-0751

The charbufferread function in the modssl module for Apache 2.x, when using reverse proxying to an SSL server, allows remote attackers to cause a denial of service segmentation fault...

5CVSS6.8AI score0.69653EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2004/09/29 12:0 a.m.32 views

Debian DSA-131-1 : apache - remote DoS / exploit

Mark Litchfield found a denial of service attack in the Apache web-server. While investigating the problem the Apache Software Foundation discovered that the code for handling invalid requests which use chunked encoding also might allow arbitrary code execution on 64 bit architectures...

7.5CVSS5.6AI score0.95027EPSS
Exploits8References2
Tenable Nessus
Tenable Nessus
added 2004/09/29 12:0 a.m.36 views

Debian DSA-133-1 : apache-perl - remote DoS / exploit

Mark Litchfield found a denial of service attack in the Apache web-server. While investigating the problem the Apache Software Foundation discovered that the code for handling invalid requests which use chunked encoding also might allow arbitrary code execution. %NASLMINLEVEL 70300 C Tenable...

7.5CVSS5.7AI score0.95027EPSS
Exploits8References2
Tenable Nessus
Tenable Nessus
added 2004/09/09 12:0 a.m.36 views

RHEL 2.1 : mod_ssl (RHSA-2004:408)

An updated modssl package for Apache that fixes a format string vulnerability is now available. The modssl module provides strong cryptography for the Apache Web server via the Secure Sockets Layer SSL and Transport Layer Security TLS protocols. A format string issue was discovered in modssl for...

7.5CVSS5.4AI score0.05802EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2004/09/07 3:40 p.m.49 views

Important: Red Hat Security Advisory: mod_ssl security update

An updated modssl package for Apache that fixes a format string vulnerability is now available. The modssl module provides strong cryptography for the Apache Web server via the Secure Sockets Layer SSL and Transport Layer Security TLS protocols. A format string issue was discovered in modssl for...

7.5CVSS5.8AI score0.05802EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2004/08/20 12:0 a.m.9 views

Apache Web Server Detection

Binary data 1723.prm...

7.3AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2004/07/31 12:0 a.m.41 views

Mandrake Linux Security Advisory : apache2 (MDKSA-2003:063-1)

Two vulnerabilities were discovered in the Apache web server that affect all 2.x versions prior to 2.0.46. The first, discovered by John Hughes, is a build system problem that allows remote attackers to prevent access to authenticated content when a threaded server is used. This only affects...

5CVSS5.9AI score0.63456EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2004/07/31 12:0 a.m.53 views

Apache < 1.3.31 mod_access IP Address Netmask Rule Bypass

The remote host is running a version of Apache web server prior to 1.3.31. It is, therefore, affected by an access control bypass vulnerability due to a failure, on big-endian 64-bit platforms, to properly match 'allow' or 'deny' rules that contain an IP address but lack a corresponding netmask...

7.5CVSS5.5AI score0.09744EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2004/07/07 12:0 a.m.1 views

PT-2004-1830 · Apache · Apache +1

Name of the Vulnerable Software and Affected Versions: Apache 2.x versions 2.0.44 through 2.0.50 Description: The issue allows remote attackers to cause a denial of service, resulting in a segmentation fault or crash of an httpd child process. This occurs when the server is configured to allow...

5CVSS7.7AI score0.69653EPSS
Exploits0References29
RedHat Linux
RedHat Linux
added 2004/07/06 8:35 a.m.4 views

security flaw

The apgetmimeheaderscore function in Apache httpd 2.0.49 allows remote attackers to cause a denial of service memory exhaustion, and possibly an integer signedness error leading to a heap-based buffer overflow on 64 bit systems, via long header lines with large numbers of space or tab characters...

6.4CVSS6.1AI score0.84784EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2004/07/06 12:0 a.m.37 views

RHEL 3 : httpd (RHSA-2004:015)

Updated httpd packages that fix two minor security issues in the Apache Web server are now available for Red Hat Enterprise Linux 3. The Apache HTTP Server is a powerful, full-featured, efficient, and freely-available Web server. An issue in the handling of regular expressions from configuration...

7.2CVSS5.9AI score0.1273EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2004/07/06 12:0 a.m.24 views

RHEL 2.1 : apache (RHSA-2002:126)

The Apache Web server contains a security vulnerability which can be used to launch a denial of service DoS attack or, in some cases, allow remote code execution. Versions of the Apache Web server up to and including 1.3.24 contain a bug in the routines which deal with requests using 'chunked'...

7.5CVSS6.1AI score0.95027EPSS
Exploits8References5
Tenable Nessus
Tenable Nessus
added 2004/03/14 12:0 a.m.37 views

Apache 2.0.x < 2.0.49 mod_ssl Plain HTTP Request DoS

The remote host appears to be running a version of Apache 2.0.x prior to 2.0.49. It is, therefore, affected by a denial of service vulnerability in the 'modssl' module. An attacker can exploit this to deny service to the Apache server. C Tenable Network Security, Inc. include"compat.inc"; if...

5CVSS5.4AI score0.09898EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2003/12/31 12:0 a.m.6 views

PT-2003-1462 · Apache +1 · Apache Httpd +1

Name of the Vulnerable Software and Affected Versions: PHP affected versions not specified Apache httpd 2.0 Description: The issue allows attackers to bypass intended access restrictions if PHP is running on a server that passes on all methods. This is because PHP treats unknown methods, such as...

7.5CVSS7.2AI score0.01203EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2003/12/31 12:0 a.m.6 views

PT-2003-2252 · Apache +2 · Apache Http Server +2

Name of the Vulnerable Software and Affected Versions: Apache HTTP Server with mod php module affected versions not specified Description: The mod php module for the Apache HTTP Server allows local users with write access to PHP scripts to send signals to the server's process group and use the...

4.3CVSS6.4AI score0.01603EPSS
Exploits1References17
Rows per page
Query Builder