979 matches found
Apache 2.0.52 - GET Denial of Service
!/usr/bin/perl Based on - apache-squ1rt.c exploit. Original credit goes to Chintan Trivedi on the FullDisclosure mailing list: http://seclists.org/lists/fulldisclosure/2004/Nov/0022.html More info - http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0942 Added - Added future with we can...
HP-UX PHSS_29541 : HPSBUX0310-285 SSRT3642 Potential Security Vulnerabilities Apache web server HP-UX VVOS and Webproxy.
s700800 11.04 Virtualvault 4.5 IWS Update : 1. Potential Apache web server crash when it goes into an infinite loop due to too many subsequent internal redirects and nested subrequests. VU379828 2. No de-allocation of file descriptors while servicing CGI scripts through child processes...
HP-UX PHSS_27476 : s700_800 11.04 Virtualvault 4.6 inside server support
s700800 11.04 Virtualvault 4.6 inside server support : The remote HP-UX host is affected by multiple vulnerabilities : - Potential vulnerability in Apache web servers while handling SSL requests. - Remotely exploitable potential vulnerabilities have been reported in CA-2002-21 and CVE-2002-0658...
CVE-2004-2336
Unknown vulnerability in Novell GroupWise and GroupWise WebAccess 6.0 through 6.5, when running with Apache Web Server 1.3 for NetWare where Apache is loaded using GWAPACHE.CONF, allows remote attackers to read directories and files on the server...
DEBIAN-CVE-2004-0786
The IPv6 URI parsing routines in the apr-util library for Apache 2.0.50 and earlier allow remote attackers to cause a denial of service child process crash via a certain URI, as demonstrated using the Codenomicon HTTP Test Tool...
DEBIAN-CVE-2004-0751
The charbufferread function in the modssl module for Apache 2.x, when using reverse proxying to an SSL server, allows remote attackers to cause a denial of service segmentation fault...
Debian DSA-131-1 : apache - remote DoS / exploit
Mark Litchfield found a denial of service attack in the Apache web-server. While investigating the problem the Apache Software Foundation discovered that the code for handling invalid requests which use chunked encoding also might allow arbitrary code execution on 64 bit architectures...
Debian DSA-133-1 : apache-perl - remote DoS / exploit
Mark Litchfield found a denial of service attack in the Apache web-server. While investigating the problem the Apache Software Foundation discovered that the code for handling invalid requests which use chunked encoding also might allow arbitrary code execution. %NASLMINLEVEL 70300 C Tenable...
RHEL 2.1 : mod_ssl (RHSA-2004:408)
An updated modssl package for Apache that fixes a format string vulnerability is now available. The modssl module provides strong cryptography for the Apache Web server via the Secure Sockets Layer SSL and Transport Layer Security TLS protocols. A format string issue was discovered in modssl for...
Important: Red Hat Security Advisory: mod_ssl security update
An updated modssl package for Apache that fixes a format string vulnerability is now available. The modssl module provides strong cryptography for the Apache Web server via the Secure Sockets Layer SSL and Transport Layer Security TLS protocols. A format string issue was discovered in modssl for...
Apache Web Server Detection
Binary data 1723.prm...
Mandrake Linux Security Advisory : apache2 (MDKSA-2003:063-1)
Two vulnerabilities were discovered in the Apache web server that affect all 2.x versions prior to 2.0.46. The first, discovered by John Hughes, is a build system problem that allows remote attackers to prevent access to authenticated content when a threaded server is used. This only affects...
Apache < 1.3.31 mod_access IP Address Netmask Rule Bypass
The remote host is running a version of Apache web server prior to 1.3.31. It is, therefore, affected by an access control bypass vulnerability due to a failure, on big-endian 64-bit platforms, to properly match 'allow' or 'deny' rules that contain an IP address but lack a corresponding netmask...
PT-2004-1830 · Apache · Apache +1
Name of the Vulnerable Software and Affected Versions: Apache 2.x versions 2.0.44 through 2.0.50 Description: The issue allows remote attackers to cause a denial of service, resulting in a segmentation fault or crash of an httpd child process. This occurs when the server is configured to allow...
security flaw
The apgetmimeheaderscore function in Apache httpd 2.0.49 allows remote attackers to cause a denial of service memory exhaustion, and possibly an integer signedness error leading to a heap-based buffer overflow on 64 bit systems, via long header lines with large numbers of space or tab characters...
RHEL 3 : httpd (RHSA-2004:015)
Updated httpd packages that fix two minor security issues in the Apache Web server are now available for Red Hat Enterprise Linux 3. The Apache HTTP Server is a powerful, full-featured, efficient, and freely-available Web server. An issue in the handling of regular expressions from configuration...
RHEL 2.1 : apache (RHSA-2002:126)
The Apache Web server contains a security vulnerability which can be used to launch a denial of service DoS attack or, in some cases, allow remote code execution. Versions of the Apache Web server up to and including 1.3.24 contain a bug in the routines which deal with requests using 'chunked'...
Apache 2.0.x < 2.0.49 mod_ssl Plain HTTP Request DoS
The remote host appears to be running a version of Apache 2.0.x prior to 2.0.49. It is, therefore, affected by a denial of service vulnerability in the 'modssl' module. An attacker can exploit this to deny service to the Apache server. C Tenable Network Security, Inc. include"compat.inc"; if...
PT-2003-1462 · Apache +1 · Apache Httpd +1
Name of the Vulnerable Software and Affected Versions: PHP affected versions not specified Apache httpd 2.0 Description: The issue allows attackers to bypass intended access restrictions if PHP is running on a server that passes on all methods. This is because PHP treats unknown methods, such as...
PT-2003-2252 · Apache +2 · Apache Http Server +2
Name of the Vulnerable Software and Affected Versions: Apache HTTP Server with mod php module affected versions not specified Description: The mod php module for the Apache HTTP Server allows local users with write access to PHP scripts to send signals to the server's process group and use the...