Security fix for the ALT Linux 10 package apache2 version 1:2.4.52-alt1

1:2.4.52-alt1 built Dec. 27, 2021 Anton Farygin in task 292417 Dec. 21, 2021 Anton Farygin - 2.4.52 Fixes: CVE-2021-44790, CVE-2021-44224...

Buffer Overflow

apache2 is has buffer overflow. An attacker is able to cause the vulnerability by sending a crafted request body can cause a buffer overflow in the modlua multipart parser r:parsebody called from Lua scripts...

Denial Of Service (DoS)

apache2 is vulnerable to denial of service. An attacker is able to crash the system by sending a maliciously crafted URI sent to httpd configured as a forward proxy ProxyRequests on...

WordPress WPSchoolPress 2.1.16 Plugin - (Multiple) Cross Site Scripting Vulnerability

Exploit Title: WordPress Plugin WPSchoolPress 2.1.16 - 'Multiple' Cross Site Scripting XSS Exploit Author: Davide Taraschi Vendor Homepage: https://wpschoolpress.com/ Software Link: https://wpschoolpress.com/free-download/ Version: up to 2.1.17 non included Tested on: Ubuntu 20.04 over WordPress...

openSUSE 15 Security Update : apache2 (openSUSE-SU-2021:1438-1)

The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2021:1438-1 advisory. - Malformed requests may cause the server to dereference a NULL pointer. This issue affects Apache HTTP Server 2.4.48 and earlier...

openSUSE: Security Advisory for apache2 (openSUSE-SU-2021:1438-1)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Fuel CMS 1.4.1 Remote Code Execution

Exploit Title: Fuel CMS 1.4.1 - Remote Code Execution 3 Exploit Author: Padsala Trushal Date: 2021-11-03 Vendor Homepage: https://www.getfuelcms.com/ Software Link: https://github.com/daylightstudio/FUEL-CMS/releases/tag/1.4.1 Version: ',epilog=f'EXAMPLE - python3 sys.argv0 -u http://10.10.21.74'...

Fuel CMS 1.4.1 - Remote Code Execution Exploit (3)

Exploit Title: Fuel CMS 1.4.1 - Remote Code Execution 3 Exploit Author: Padsala Trushal Vendor Homepage: https://www.getfuelcms.com/ Software Link: https://github.com/daylightstudio/FUEL-CMS/releases/tag/1.4.1 Version: ',epilog=f'EXAMPLE - python3 sys.argv0 -u http://10.10.21.74'...

OPENSUSE-SU-2021:1438-1 Security update for apache2

This update for apache2 fixes the following issues: - CVE-2021-40438: Fixed a SRF via a crafted request uri-path. bsc1190703 - CVE-2021-36160: Fixed an out-of-bounds read via a crafted request uri-path. bsc1190702 - CVE-2021-39275: Fixed an out-of-bounds write in apescapequotes via malicious inpu...

Security update for apache2 (important)

openSUSE Security Update: Security update for apache2 Announcement ID: openSUSE-SU-2021:1438-1 Rating: important References: 1190666 1190669 1190702 1190703 Cross-References: CVE-2021-34798 CVE-2021-36160 CVE-2021-39275 CVE-2021-40438 CVSS scores: CVE-2021-34798 SUSE: 7.5...

Scarce-Apache2 - A Framework For Bug Hunting Or Pentesting Targeting Websites That Have CVE-2021-41773 Vulnerability In Public

This tool can scan websites with CVE-2021-41773 Vulnerability that are affecting Apache2 Webserver, ScaRCE can run too for executing Remote Command Injections at the webservers that found from the scanning method Only if the MODCGI is Enabled at the targeted webserver. This tool works with the...

CVE-2021-41186 ReDoS vulnerability in parser_apache2

Fluentd collects events from various data sources and writes them to files to help unify logging infrastructure. The parserapache2 plugin in Fluentd v0.14.14 to v1.14.1 suffers from a regular expression denial of service ReDoS vulnerability. A broken apache log with a certain pattern of string ca...

Fluentd 资源管理错误漏洞

Fluentd is an open source log collector from the Cloud Native Computing Cloud Native Computing Foundation Foundation. It is used to collect events from various data sources and write them to files, Rdbms, NoSql, IaaS, SaaS, Hadoop and more. A resource management error vulnerability exists in...

PT-2021-23159

Name of the Vulnerable Software and Affected Versions Fluentd versions 0.14.14 through 1.14.1 Description The parser apache2 plugin in Fluentd suffers from a regular expression denial of service ReDoS vulnerability. A broken apache log with a certain pattern of string can spend too much time in a...

SUSE SLED15 / SLES15 Security Update : apache2 (SUSE-SU-2021:3522-1)

The remote SUSE Linux SLED15 / SLES15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2021:3522-1 advisory. - Malformed requests may cause the server to dereference a NULL pointer. This issue affects Apache HTTP Server 2.4.48 and earlier...

SUSE: Security Advisory (SUSE-SU-2021:3522-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

openSUSE 15 Security Update : apache2 (openSUSE-SU-2021:3522-1)

The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2021:3522-1 advisory. - Malformed requests may cause the server to dereference a NULL pointer. This issue affects Apache HTTP Server 2.4.48 and earlier...

openSUSE: Security Advisory for apache2 (openSUSE-SU-2021:3522-1)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

OPENSUSE-SU-2021:3522-1 Security update for apache2

This update for apache2 fixes the following issues: - CVE-2021-40438: Fixed a SRF via a crafted request uri-path. bsc1190703 - CVE-2021-36160: Fixed an out-of-bounds read via a crafted request uri-path. bsc1190702 - CVE-2021-39275: Fixed an out-of-bounds write in apescapequotes via malicious inpu...

SUSE-SU-2021:3522-1 Security update for apache2

This update for apache2 fixes the following issues: - CVE-2021-40438: Fixed a SRF via a crafted request uri-path. bsc1190703 - CVE-2021-36160: Fixed an out-of-bounds read via a crafted request uri-path. bsc1190702 - CVE-2021-39275: Fixed an out-of-bounds write in apescapequotes via malicious inpu...