5747 matches found
CVE-2013-4365
Heap-based buffer overflow in the fcgidheaderbucketread function in fcgidbucket.c in the modfcgid module before 2.3.9 for the Apache HTTP Server allows remote attackers to have an unspecified impact via unknown vectors...
Heap overflow
Heap-based buffer overflow in the fcgidheaderbucketread function in fcgidbucket.c in the modfcgid module before 2.3.9 for the Apache HTTP Server allows remote attackers to have an unspecified impact via unknown vectors...
CVE-2013-4365
Heap-based buffer overflow in the fcgidheaderbucketread function in fcgidbucket.c in the modfcgid module before 2.3.9 for the Apache HTTP Server allows remote attackers to have an unspecified impact via unknown vectors...
CVE-2013-4365
Heap-based buffer overflow in the fcgidheaderbucketread function in fcgidbucket.c in the modfcgid module before 2.3.9 for the Apache HTTP Server allows remote attackers to have an unspecified impact via unknown vectors...
CVE-2013-4365
Heap-based buffer overflow in the fcgidheaderbucketread function in fcgidbucket.c in the modfcgid module before 2.3.9 for the Apache HTTP Server allows remote attackers to have an unspecified impact via unknown vectors...
CVE-2013-4365
The vulnerability CVE-2013-4365 affects Apache HTTP Server’s mod_fcgid module. A heap-based buffer overflow in fcgid_header_bucket_read (fcgid_bucket.c) prior to version 2.3.9 could allow remote attackers to cause an impact via unspecified vectors. Affected product/version: mod_fcgid before 2.3.9...
XAMPP 1.8.1 Local Write Access Vulnerability
============================================= INTERNET SECURITY AUDITORS ALERT 2013-007 - Original release date: March 14th, 2013 - Last revised: March 19th, 2013 - Discovered by: Manuel Garcia Cardenas - Severity: 6,8/10 CVSS Base Score - CVE-ID: CVE-2013-2586...
XAMPP 1.8.1 Local Write Access Vulnerability
XAMPP version 1.8.1 allows an unprivileged user the ability to write to the local disk. It has been detected than an unprivileged user can write in the local disk and the local file "lang.tmp" can be modified in the remote machine. The injection is done through the page "/xampp/lang.php"...
GLSA-201309-12 : Apache HTTP Server: Multiple vulnerabilities
The remote host is affected by the vulnerability described in GLSA-201309-12 Apache HTTP Server: Multiple vulnerabilities Multiple vulnerabilities have been found in Apache HTTP Server. Please review the CVE identifiers and research paper referenced below for details. Impact : A remote attacker...
Apache HTTP Server: Multiple vulnerabilities
Background Apache HTTP Server is one of the most popular web servers on the Internet. Description Multiple vulnerabilities have been found in Apache HTTP Server. Please review the CVE identifiers and research paper referenced below for details. Impact A remote attacker could send a specially...
Fedora Update for php FEDORA-2013-14985
Check for the Version of php OpenVAS Vulnerability Test Fedora Update for php FEDORA-2013-14985 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms of...
httpd: XSS flaw in mod_proxy_balancer manager interface
Multiple cross-site scripting XSS vulnerabilities in the balancerhandler function in the manager interface in modproxybalancer.c in the modproxybalancer module in the Apache HTTP Server 2.2.x before 2.2.24-dev and 2.4.x before 2.4.4 allow remote attackers to inject arbitrary web script or HTML vi...
httpd: XSS flaw in mod_proxy_balancer manager interface
Multiple cross-site scripting XSS vulnerabilities in the balancerhandler function in the manager interface in modproxybalancer.c in the modproxybalancer module in the Apache HTTP Server 2.2.x before 2.2.24-dev and 2.4.x before 2.4.4 allow remote attackers to inject arbitrary web script or HTML vi...
httpd: mod_dav DoS (httpd child process crash) via a URI MERGE request with source URI not handled by mod_dav
moddav.c in the Apache HTTP Server before 2.2.25 does not properly determine whether DAV is enabled for a URI, which allows remote attackers to cause a denial of service segmentation fault via a MERGE request in which the URI is configured for handling by the moddavsvn module, but a certain href...
Amazon Linux AMI : httpd (ALAS-2011-09)
The MITRE CVE database describes these CVEs as : The modproxy module in the Apache HTTP Server 1.3.x through 1.3.42, 2.0.x through 2.0.64, and 2.2.x through 2.2.21 does not properly interact with use of 1 RewriteRule and 2 ProxyPassMatch pattern matches for configuration of a reverse proxy, which...
Amazon Linux AMI : httpd24 (ALAS-2013-175)
Multiple cross-site scripting XSS vulnerabilities in the balancerhandler function in the manager interface in modproxybalancer.c in the modproxybalancer module in the Apache HTTP Server 2.2.x before 2.2.24-dev and 2.4.x before 2.4.4 allow remote attackers to inject arbitrary web script or HTML vi...
Amazon Linux AMI : subversion (ALAS-2013-180)
A NULL pointer dereference flaw was found in the way the moddavsvn module handled PROPFIND requests on activity URLs. A remote attacker could use this flaw to cause the httpd process serving the request to crash. CVE-2013-1849 A flaw was found in the way the moddavsvn module handled large numbers...
Apache HTTP Server mod_dav MERGE Request Denial of Service (CVE-2013-1896)
A denial of service vulnerability has been reported in the moddav component of Apache HTTP Server...
Apache HTTP Server suEXEC符号链接任意文件访问漏洞
Apache HTTP Server是一款开源的WEB服务程序 Apache HTTP Server包含的suEXEC会不安全创建临时文件,允许攻击者利用漏洞通过符号链接针对.htaccess文件进行攻击,可用于访问任意文件 0 Apache HTTP Server 2.2.22 厂商解决方案 Apache ----------- 目前没有详细解决方案提供: http://httpd.apache.org/...
[SECURITY] Fedora 19 Update: php-5.5.3-1.fc19
PHP is an HTML-embedded scripting language. PHP attempts to make it easy for developers to write dynamically generated web pages. PHP also offers built-in database integration for several commercial and non-commercial database management systems, so writing a database-enabled webpage with PHP is...