GLSA-200705-03 : Tomcat: Information disclosure
The remote host is affected by the vulnerability described in GLSA-200705-03 (Tomcat: Information disclosure). Tomcat allows special characters like slash, backslash or URL-encoded backslash as a separator, while Apache does not. Impact: A remote attacker could send a specially crafted URL to the...
CVE-2007-2353
Apache Axis 1.0 is affected. The vulnerability allows remote attackers to obtain the installation path by requesting a non-existent WSDL file, which yields an exception message that leaks sensitive information. This is an information-disclosure issue with a partial impact disclosure as described; ...
CVE-2007-2353
Apache Axis 1.0 allows remote attackers to obtain sensitive information by requesting a non-existent WSDL file, which reveals the installation path in the resulting exception message...
XAMPP ADOdb mssql_connect Remote Buffer Overflow
The remote host is running XAMPP, an Apache distribution containing MySQL, PHP, and Perl. It is designed for easy installation and administration. The remote version of XAMPP includes a PHP interpreter that is affected by a buffer overflow involving calls to 'mssql_connect' as well as an example P...
tomcat -- multiple vulnerabilities
Apache Project reports: The Apache Tomcat team is proud to announce the immediate availability of Tomcat 4.1.36 stable. This build contains numerous library updates, a small number of bug fixes and two important security fixes...
Apache AXIS 1.0 - Non-Existent WSDL Path Information Disclosure
source: https://www.securityfocus.com/bid/23687/info Apache AXIS is prone to a path-information-disclosure vulnerability. Remote unauthorized attackers may be able to determine webserver directory paths. Information obtained may aid attackers in launching further attacks against an affected serve...
Apache Httpd < 2.2.6 : mod_cache information leak
The recall_headers function in mod_mem_cache in Apache 2.2.4 did not properly copy all levels of header data, which can cause Apache to return HTTP headers containing previously used data, which could be used by remote attackers to obtain potentially sensitive information...
Apache unfiltered HTTP methods
The HTTP request method is not checked for RFC 2616 compliance. Under specific conditions this may lead, for example, to cross-site scripting...
[Full-disclosure] Apache/PHP REQUEST_METHOD XSS Vulnerability
There exists a flaw in the way the Apache and PHP combination handles the $_SERVER array. If the programmer writes a script like this: <?php echo $_SERVER['REQUEST_METHOD']; ?> he will assume that REQUEST_METHOD can only be: GET, POST, OPTIONS, TRACE and all that stuff. However this is not true, since Apache accep...
php security update
CentOS Errata and Security Advisory CESA-2007:0153 Updated PHP packages that fix several security issues are now available for Red Hat Enterprise Linux 5. This update has been rated as having important security impact by the Red Hat Security Response Team. PHP is an HTML-embedded scripting langua...
Moderate: Red Hat Security Advisory: php security update
Updated PHP packages that fix several security issues are now available for Red Hat Enterprise Linux 5. This update has been rated as having important security impact by the Red Hat Security Response Team. PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Web server. A...
CentOS 3 / 4 : php (CESA-2007:0155)
Updated PHP packages that fix several security issues are now available for Red Hat Enterprise Linux 3 and 4. This update has been rated as having important security impact by the Red Hat Security Response Team. PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Web...
XAMPP for Windows <= 1.6.0a mssql_connect() Remote BoF Exploit
No description provided by source. <?php print_r(' XAMPP for Windows <= 1.6.0a adodb.php/mssql_connect() remote buffer overflow proof-of-concept exploit seh overwrite method / 2000 sp3 version mail: retrog at alice dot it...
php security update
CentOS Errata and Security Advisory CESA-2007:0155 Updated PHP packages that fix several security issues are now available for Red Hat Enterprise Linux 3 and 4. This update has been rated as having important security impact by the Red Hat Security Response Team. PHP is an HTML-embedded scripting...
Important: Red Hat Security Advisory: php security update
Updated PHP packages that fix several security issues are now available for Red Hat Enterprise Linux 2.1. This update has been rated as having important security impact by the Red Hat Security Response Team. PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Web server....
Important: Red Hat Security Advisory: php security update
Updated PHP packages that fix several security issues are now available for Red Hat Enterprise Linux 3 and 4. This update has been rated as having important security impact by the Red Hat Security Response Team. PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Web...
Moderate: Red Hat Security Advisory: php security update
Updated PHP packages that fix several security issues are now available for Red Hat Application Stack v1.1. This update has been rated as having important security impact by the Red Hat Security Response Team. PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Web serve...
XAMPP for Windows 1.6.0a - mssql_connect() Remote Buffer Overflow
XAMPP for Windows 1.6.0a - mssql_connect() Remote Buffer Overflow $db->Connect($_POST['host'], $_POST['user'], $_POST['password'], $_POST['database']); echo "DBServer: $_POST[dbserver]"; $result = $db->Execute("SELECT * FROM $_POST[table]"); ... mssql_connect() function is vulnerable to buffer overflow and the host argument is...
XAMPP for Windows <= 1.6.0a mssql_connect() Remote BoF Exploit
Exploit for unknown platform in category remote exploits. XAMPP for Windows $db->Connect($_POST['host'], $_POST['user'], $_POST['password'], $_POST['database']); echo "DBServer: $_POST[dbserver]"; $result = $db->Execute("SELECT * FROM $_POST[table]");...
Unrestricted file upload
Unrestricted file upload vulnerability in the UpLoad feature (lib/plugin/UpLoad.php) in PhpWiki 1.3.11p1 allows remote attackers to upload arbitrary PHP files with a double extension, as demonstrated by .php.3, which is interpreted by Apache as being a valid PHP file...