1636 matches found
Debian DSA-2202-1 : apache2 - failure to drop root privileges
MPM_ITK is an alternative Multi-Processing Module for Apache HTTPD that is included in Debian's apache2 package. A configuration parsing flaw has been found in MPM_ITK. If the configuration directive NiceValue was set, but no AssignUserID directive was specified, the requests would be processed as...
[SECURITY] [DSA 2202-1] apache2 security update
Debian Security Advisory DSA-2202-1, http://www.debian.org/security/, Stefan Fritsch, March 23, 2011, http://www.debian.org/security/faq ...
DSA-2202-1 apache2 - failure to drop root privileges
Bulletin has no description...
DSA-2141-2 nss - protocol design flaw
Bulletin has no description...
[SECURITY] [DSA-2141-1] New apache2 packages add backward compatibility option
Debian Security Advisory DSA-2141-3, http://www.debian.org/security/, Stefan Fritsch, January 06, 2011, http://www.debian.org/security/faq ...
WiPhire : A Wireless Penetration Testing Tool !
If you are active in the wireless penetration testing field, you must have seen a few scripts that either help you crack Wired Equivalent Privacy (WEP). You also must have seen a few scripts that help you perform MITM attacks. But, not scripts that help you crack WEP and help you with MITM at the...
DSA-2117-1 apr-util - denial of service
Bulletin has no description...
Ubuntu 6.06 LTS / 8.04 LTS / 9.04 / 9.10 / 10.04 LTS : apache2 vulnerability (USN-990-2)
USN-860-1 introduced a partial workaround to Apache that disabled client initiated TLS renegotiation in order to mitigate CVE-2009-3555. USN-990-1 introduced the new RFC5746 renegotiation extension in openssl, and completely resolves the issue. After updating openssl, an Apache server will allow...
Joomla Component com_restaurantguide Multiple Vulnerabilities
Exploit for php platform in category web applications. Joomla Component com_restaurantguide Multiple Vulnerabilities. Exploit Title: Joomla Component com_restaurantguide Multipl...
Security fix for the ALT Linux 10 package apache2 version 2.2.16-alt1
Sept. 16, 2010 Aleksey Avdeev 2.2.16-alt1 - 2.2.16 Closes: 23933 - Security fixes CVE-2009-3555, CVE-2010-0408, CVE-2010-0425, CVE-2010-043, CVE-2010-1452, CVE-2010-2068 - Updated messages a2en,dis: added an indication of the file Closes: 20932 - Move %apache2extraavailable/Directorydefault.conf....
Security fix for the ALT Linux 8 package apache2 version 2.2.16-alt1
Sept. 16, 2010 Aleksey Avdeev 2.2.16-alt1 - 2.2.16 Closes: 23933 - Security fixes CVE-2009-3555, CVE-2010-0408, CVE-2010-0425, CVE-2010-043, CVE-2010-1452, CVE-2010-2068 - Updated messages a2en,dis: added an indication of the file Closes: 20932 - Move %apache2extraavailable/Directorydefault.conf....
Security fix for the ALT Linux 9 package apache2 version 2.2.16-alt1
Sept. 16, 2010 Aleksey Avdeev 2.2.16-alt1 - 2.2.16 Closes: 23933 - Security fixes CVE-2009-3555, CVE-2010-0408, CVE-2010-0425, CVE-2010-043, CVE-2010-1452, CVE-2010-2068 - Updated messages a2en,dis: added an indication of the file Closes: 20932 - Move %apache2extraavailable/Directorydefault.conf....
openSUSE Security Update : apache2-mod_php5 (openSUSE-SU-2010:0599-1)
PHP was updated to version 5.3.3 to fix several security issues. CVE-2010-0397, CVE-2010-1860, CVE-2010-1862, CVE-2010-1864, CVE-2010-1866, CVE-2010-1914, CVE-2010-1915, CVE-2010-1917, CVE-2010-2093, CVE-2010-2094, CVE-2010-2097, CVE-2010-2100, CVE-2010-2101, CVE-2010-2190, CVE-2010-2191,...
Cross site request forgery (csrf)
Cross-site request forgery (CSRF) vulnerability in the apache2-slms package in SUSE Lifecycle Management Server (SLMS) 1.0 on SUSE Linux Enterprise (SLE) 11 allows remote attackers to hijack the authentication of unspecified victims via vectors related to improper parameter quoting. NOTE: some sources...
CVE-2010-1325
Summary (CVE-2010-1325): A CSRF vulnerability affects the apache2-slms package in SUSE Lifecycle Management Server (SLMS) 1.0 on SUSE Linux Enterprise 11. The issue arises from improper parameter quoting, enabling remote attackers to hijack the authentication of unspecified victims. The availab...
Joomla! Component BF Quiz 1.3.0 - SQL Injection (1)
Joomla! Component BF Quiz 1.3.0 - SQL Injection (1). Exploit Title: Joomla Component BF Quiz SQL Injection Vulnerability. Date: 29th May 2010. Author: Valentin. Category: webapps/0day. Version: 1.3.0. Tested on: Debian, Apache2, MySQL 5. CVE: Code: 0x1...
Joomla! Component BF Quiz 1.3.0 - SQL Injection (1)
Exploit Title: Joomla Component BF Quiz SQL Injection Vulnerability. Date: 29th May 2010. Author: Valentin. Category: webapps/0day. Version: 1.3.0. Tested on: Debian, Apache2, MySQL 5. CVE: Code: 0x1 General Information...
openSUSE Security Update : apache2-mod_php5 (openSUSE-SU-2010:0255-1)
Incomplete XML RPC requests could crash the php interpreter (CVE-2010-0397). PHP was updated to version 5.3.2 to fix the problem. (C) Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update...
openSUSE Security Update : apache2-mod_php5 (openSUSE-SU-2010:0255-2)
Incomplete XML RPC requests could crash the php interpreter (CVE-2010-0397). PHP was updated to version 5.2.12 to fix the problem. (C) Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update...