SUSE SLES12 Security Update : php7 (SUSE-SU-2018:2887-1)

This update for php7 fixes the following issues : CVE-2018-17082: The Apache2 component in PHP allowed XSS via the body of a 'Transfer-Encoding: chunked' request, because the bucket brigade was mishandled in the phphandler function bsc1108753. Note that Tenable Network Security has extracted the...

SUSE SLES15 Security Update : apache2 (SUSE-SU-2018:2424-1)

This update for apache2 fixes the following issues: The following security vulnerabilities were fixed : - CVE-2018-1333: Fixed a worker exhaustion that could have lead to a denial of service via specially crafted HTTP/2 requests bsc1101689. - CVE-2018-8011: Fixed a NULL pointer dereference in...

SUSE SLES12 Security Update : php5 (SUSE-SU-2018:3017-1)

This update for php5 fixes the following issue : CVE-2018-17082: The Apache2 component in PHP allowed XSS via the body of a 'Transfer-Encoding: chunked' request, because the bucket brigade was mishandled in the phphandler function bsc1108753 Note that Tenable Network Security has extracted the...

Apache2 mod_http2 header Denial of Service Vulnerability

This vulnerability allows remote attackers to create a denial of service condition on vulnerable installations of Apache HTTPD server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of HTTP2 headers. A crafted HTTP2 request can trigger a...

SUSE SLES12 Security Update : apache2 (SUSE-SU-2018:3582-2)

This update for apache2 fixes the following issues : Security issues fixed : CVE-2018-11763: In Apache HTTP Server by sending continuous, large SETTINGS frames a client can occupy a connection, server thread and CPU time without any connection timeout coming to effect. This affects only HTTP/2...

SUSE-SU-2018:3970-1 Security update for apache2-mod_jk

This update for apache2-modjk fixes the following issues: Security issues fixed: - CVE-2018-11759: Fixed connector path traversal due to mishandled HTTP requests in httpd bsc1114612. - CVE-2014-8111: Apache Tomcat Connectors modjk ignored JkUnmount rules for subtrees of previous JkMount rules,...

USN-3825-2: mod_perl vulnerability

USN-3825-1 fixed a vulnerability in modperl. This update provides the corresponding update for Ubuntu 12.04 ESM. Original advisory details: Jan Ingvoldstad discovered that modperl incorrectly handled configuration options to disable being used by unprivileged users, contrary to the documentation....

Wordpress Ninja Forms 3.3.17 Plugin - Cross-Site Scripting Vulnerability

Exploit for php platform in category web applications Exploit Title: Wordpress Plugin Ninja Forms 3.3.17 - Cross-Site Scripting Exploit Author: MTK Vendor Homepage: https://ninjaforms.com Softwae Link: https://wordpress.org/plugins/ninja-forms/ Version: Up to V3.3.17 Tested on: Debian 9 - Apache2...

Androspy - Backdoor Crypter & Creator With Automatic IP Poisener

Androspy : is Backdoor Crypter & Creator with Automatic IP Poisener Coded By Belahsan Ouerghi Dependencies keytool jarsigner Apache2 Metasploit-Framework xterm Installation sudo apt-get install git git clone https://github.com/TunisianEagles/Androspy.git cd Androspy chmod +x setup.sh sudo...

openSUSE Security Update : apache2 (openSUSE-2018-1378)

This update for apache2 fixes the following issues : Security issues fixed : - CVE-2018-11763: In Apache HTTP Server by sending continuous, large SETTINGS frames a client can occupy a connection, server thread and CPU time without any connection timeout coming to effect. This affects only HTTP/2...

Security update for apache2 (important)

This update for apache2 fixes the following issues: Security issues fixed: - CVE-2018-11763: In Apache HTTP Server by sending continuous, large SETTINGS frames a client can occupy a connection, server thread and CPU time without any connection timeout coming to effect. This affects only HTTP/2...

openSUSE: Security Advisory for apache2 (openSUSE-SU-2018:3713-1)

The remote host is missing an update for the Copyright C 2018 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

SUSE SLES12 Security Update : apache2 (SUSE-SU-2018:3582-1)

This update for apache2 fixes the following issues : Security issues fixed : CVE-2018-11763: In Apache HTTP Server by sending continuous, large SETTINGS frames a client can occupy a connection, server thread and CPU time without any connection timeout coming to effect. This affects only HTTP/2...

openSUSE: Security Advisory for php7 (openSUSE-SU-2018:3062-1)

The remote host is missing an update for the Copyright C 2018 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

openSUSE: Security Advisory for apache2 (openSUSE-SU-2018:3185-1)

The remote host is missing an update for the Copyright C 2018 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

openSUSE: Security Advisory for apache2 (openSUSE-SU-2018:2433-1)

The remote host is missing an update for the Copyright C 2018 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

WinSpy - A Windows Reverse Shell Backdoor Creator With An Automatic IP Poisener

WinSpy: Windows Reverse Shell Backdoor Creator With ip poisener. Dependencies 1 - metasploit-framework 2 - xterm 3 - apache2 4 - whiptail Installation sudo apt-get install git git clone https://github.com/TunisianEagles/winspy.git cd winspy chmod +x setup.sh ./setup.sh chmod +x winspy.sh...

SUSE SLES12 Security Update : apache2 (SUSE-SU-2018:2815-2)

This update for apache2 fixes the following issues : Security issues fixed : CVE-2016-8743: Fixed liberal whitespace interpretation accepted from requests and sent in response lines and headers. Accepting these different behaviors represented a security concern when httpd participates in any chai...

SUSE SLES12 Security Update : apache2 (SUSE-SU-2018:1161-2)

This update for apache2 fixes the following issues : - CVE-2018-1283: when modsession is configured to forward its session data to CGI applications SessionEnv on, not the default, a remote user may influence their content by using a 'Session' header leading to unexpected behavior bsc1086814. -...

Amazon Linux AMI : php56 / php70, php71, php72 (ALAS-2018-1090)

The Apache2 component in PHP before 5.6.38, 7.0.x before 7.0.32, 7.1.x before 7.1.22, and 7.2.x before 7.2.10 allows XSS via the body of a 'Transfer-Encoding: chunked' request, because the bucket brigade is mishandled in the phphandler function in sapi/apache2handler/sapiapache2.c. CVE-2018-17082...