Lucene search
K

38 matches found

Exploit DB
Exploit DB
added 2004/09/10 12:0 a.m.49 views

Apache mod_ssl 2.0.x - Remote Denial of Service

source: https://www.securityfocus.com/bid/11154/info Apache 2.x modssl is reported prone to a remote denial of service vulnerability. This issue likely exists because the application fails to handle exceptional conditions. The vulnerability originates in the 'charbufferread' function of the...

7.4AI score
Exploits0
Cvelist
Cvelist
added 2004/09/01 4:0 a.m.54 views

CVE-2002-1157

Cross-site scripting vulnerability in the modssl Apache module 2.8.9 and earlier, when UseCanonicalName is off and wildcard DNS is enabled, allows remote attackers to execute script as other web site visitors, via the server name in an HTTPS response on the SSL port, which is used in a...

8.9AI score0.09701EPSS
Exploits0References15
Tenable Nessus
Tenable Nessus
added 2004/08/18 12:0 a.m.14 views

Apache mod_ssl < 2.8.10 Off-by-one Overflow

Binary data 1512.prm...

7.8CVSS7.3AI score0.011EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2004/08/18 12:0 a.m.20 views

Apache mod_ssl Session Cache Code Overflow

Binary data 1513.prm...

7.5CVSS7.3AI score0.29878EPSS
Exploits1References2
UbuntuCve
UbuntuCve
added 2004/07/27 4:0 a.m.37 views

CVE-2004-0700

Format string vulnerability in the modproxy hook functions function in sslenginelog.c in modssl before 2.8.19 for Apache before 1.3.31 may allow remote attackers to execute arbitrary messages via format string specifiers in certain log messages for HTTPS that are handled by the ssllog function...

7.5CVSS6.2AI score0.05802EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2004/07/16 12:0 a.m.65 views

Apache mod_ssl ssl_engine_log.c mod_proxy Hook Function Remote Format String

The remote host is using a version vulnerable of modssl which is older than 2.8.19. There is a format string condition in the log functions of the remote module which may allow an attacker to execute arbitrary code on the remote host. Some vendors patched older versions of modssl, so this might b...

7.5CVSS5.8AI score0.05802EPSS
Exploits0References3
OSV
OSV
added 2004/07/07 4:0 a.m.8 views

CVE-2004-0488

Stack-based buffer overflow in the sslutiluuencodebinary function in sslutil.c for Apache modssl, when modssl is configured to trust the issuing CA, may allow remote attackers to execute arbitrary code via a client certificate with a long subject DN...

6.9AI score
Exploits0References40
NVD
NVD
added 2004/07/07 4:0 a.m.22 views

CVE-2004-0488

Stack-based buffer overflow in the sslutiluuencodebinary function in sslutil.c for Apache modssl, when modssl is configured to trust the issuing CA, may allow remote attackers to execute arbitrary code via a client certificate with a long subject DN...

7.5CVSS7.8AI score0.37681EPSS
Exploits0References31
UbuntuCve
UbuntuCve
added 2004/07/07 4:0 a.m.34 views

CVE-2004-0488

Stack-based buffer overflow in the sslutiluuencodebinary function in sslutil.c for Apache modssl, when modssl is configured to trust the issuing CA, may allow remote attackers to execute arbitrary code via a client certificate with a long subject DN...

7.5CVSS6.6AI score0.37681EPSS
Exploits0References1
securityvulns
securityvulns
added 2004/06/03 12:0 a.m.56 views

[OpenPKG-SA-2004.026] OpenPKG Security Advisory &#40;apache&#41;

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 OpenPKG Security Advisory The OpenPKG Project http://www.openpkg.org/security.html http://www.openpkg.org [email protected] [email protected] OpenPKG-SA-2004.026 27-May-2004 Package: apache option "withmodssl" only Vulnerability: arbitrar...

7.5CVSS0.37681EPSS
Exploits0
Debian CVE
Debian CVE
added 2004/05/28 4:0 a.m.45 views

CVE-2004-0488

Stack-based buffer overflow in the sslutiluuencodebinary function in sslutil.c for Apache modssl, when modssl is configured to trust the issuing CA, may allow remote attackers to execute arbitrary code via a client certificate with a long subject DN...

7.5CVSS7.7AI score0.37681EPSS
Exploits0
Cvelist
Cvelist
added 2004/05/28 4:0 a.m.25 views

CVE-2004-0488

Stack-based buffer overflow in the sslutiluuencodebinary function in sslutil.c for Apache modssl, when modssl is configured to trust the issuing CA, may allow remote attackers to execute arbitrary code via a client certificate with a long subject DN...

9.7AI score0.37681EPSS
Exploits0References31
Tenable Nessus
Tenable Nessus
added 2003/05/12 12:0 a.m.26 views

Apache mod_ssl Host: Header XSS

According to the web server banner, the version of modssl running on the remote host has a cross-site scripting vulnerability. A remote attacker could exploit this by tricking a user into requesting a maliciously crafted URL, resulting in stolen credentials. Note that several Linux distributions...

7.5CVSS5.1AI score0.09701EPSS
Exploits0References2
Exploit DB
Exploit DB
added 2003/04/04 12:0 a.m.218 views

Apache mod_ssl &lt; 2.8.7 OpenSSL - &#039;OpenFuckV2.c&#039; Remote Buffer Overflow (1)

/ E-DB Note: Updated exploit https://www.exploit-db.com/exploits/47080 E-DB Note: Updating OpenFuck Exploit http://paulsec.github.io/blog/2014/04/14/updating-openfuck-exploit/ OF version r00t VERY PRIV8 spabam Compile with: gcc -o OpenFuck OpenFuck.c -lcrypto objdump -R /usr/sbin/httpd|grep free ...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2003/04/04 12:0 a.m.24 views

Apache mod_ssl 2.8.7 OpenSSL - OpenFuckV2.c Remote Buffer Overflow (1)

Apache modssl 2.8.7 OpenSSL - OpenFuckV2.c Remote Buffer Overflow 1 / E-DB Note: Updated exploit https://www.exploit-db.com/exploits/47080 E-DB Note: Updating OpenFuck Exploit http://paulsec.github.io/blog/2014/04/14/updating-openfuck-exploit/ OF version r00t VERY PRIV8 spabam Compile with: gcc -...

0.9AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2002/07/02 12:0 a.m.41 views

Apache mod_ssl ssl_compat_directive Function Overflow

The remote host is using a version of modssl that is older than 2.8.10. This version is vulnerable to an off-by-one buffer overflow that could allow a user with write access to .htaccess files to execute arbitrary code on the system with permissions of the web server. Note that several Linux...

7.8CVSS6AI score0.011EPSS
Exploits0References3
Exploit DB
Exploit DB
added 2002/06/22 12:0 a.m.53 views

Apache mod_ssl 2.8.x - Off-by-One HTAccess Buffer Overflow

source: https://www.securityfocus.com/bid/5084/info An off-by-one issue exists in modssl that affects Apache when handling certain types of long entries in an .htaccess file. Though this capability within the web server is not enabled by default, it is popular as it allows non-privileged users to...

7.4AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2002/03/08 12:0 a.m.68 views

Apache mod_ssl i2d_SSL_SESSION Function SSL Client Certificate Overflow

According to the web server banner, the remote host is using a vulnerable version of modssl. This version has a buffer overflow vulnerability. A remote attacker could exploit this issue to execute arbitrary code. Some vendors patched older versions of modssl, so this might be a false positive...

7.5CVSS5.8AI score0.29878EPSS
Exploits1References2
Rows per page
Query Builder