
8064 matches found

Cvelist
added 2006/12/15 7:0 p.m., 19 views

CVE-2006-6588

The forum implementation in the ecommerce component in the Apache Open For Business Project (OFBiz) trusts the (1) dataResourceTypeId, (2) contentTypeId, and certain other hidden form fields, which allows remote attackers to create unauthorized types of content, modify content, or have other unknown...

AI score 6.7, EPSS 0.03174
Exploits: 1, References: 1

myhack58
added 2006/12/15 12:0 a.m., 17 views

The latest Apache security vulnerability and its use - vulnerability and early warning - the black bar safety net

Source of information: the Red Wolf security group (www.wolfexp.net, www.crst.com.cn). The latest Apache security vulnerability and its use. Bug found by Cooldiyer @ 2006/12/13 15:05. Description: Apache parses any file whose name begins with .php as a PHP file, such as "...

AI score 7.6
Exploits: 0

seebug.org
added 2006/12/06 12:0 a.m., 163 views

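Apache Mod_Rewrite Single-Byte Buffer Overflow Vulnerability

Apache is a popular open-source HTTPD server program. The LDAP handling in the Apache mod_rewrite module contains a single-byte overflow error, which remote attackers can exploit to execute arbitrary commands with the privileges of the web process. The Apache mod_rewrite module provides a rule-based engine that uses a regular-expression parser to rewrite requested URLs on the fly. The mod_rewrite module contains a single-byte error in its absolute-URI escaping mechanism; the vulnerability is triggered in the escape_absolute_uri function when the data of an LDAP URL is split apart. Triggering it can cause a pointer to user-supplied data to be written outside the bounds of a character pointer array, which can be used to take control of the program and execute arbitrary commands with web privileges....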

AI score 6.9
Exploits: 0

securityvulns
added 2006/12/01 12:0 a.m., 51 views

LifeType version 1.1.2 Multiple Path Disclosure Vulnerabilities

netVigilance Security Advisory 8 LifeType version 1.1.2 Multiple Path Disclosure Vulnerabilities Description: LifeType is a Blogging platform built with PHP, designed with maximum customizability, speed and ease of use in mind. Due to program flaws it is possible for the remote attacker to disclo...

CVSS 5, AI score 6.7, EPSS 0.00763
Exploits: 1

seebug.org
added 2006/11/29 12:0 a.m., 22 views

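Apache Mod_Auth_Kerb Single-Byte Overflow Denial-of-Service Vulnerability

Apache is an open-source web server program. The implementation of Apache's mod_auth_kerb module contains a heap overflow vulnerability that remote attackers may exploit to cause a denial of service in the module. In the spnegokrb5/der_get.c file of Apache's mod_auth_kerb module, the der_get_oid function contains a single-byte overflow vulnerability. An attacker can trigger the heap overflow by sending a specially crafted Kerberos message, resulting in a denial of service. Apache mod_auth_kerb 5.2, Apache mod_auth_kerb 5.1, Apache mod_auth_kerb 5.0. The vendor has released an upgrade patch to fix this security issue; download it from the vendor's home page:...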

AI score 7.1
Exploits: 0

securityvulns
added 2006/11/25 12:0 a.m., 49 views

[ MDKSA-2006:218 ] - Updated apache-mod_auth_kerb packages fixes DoS vulnerability

Mandriva Linux Security Advisory MDKSA-2006:218 (http://www.mandriva.com/security/). Package: apache-mod_auth_kerb. Date: November 23, 2006. Affected: Corporate 4.0. Problem Description: An off-by-one error in the der_get_oid function in mod_auth_kerb 5.0 allow...

CVSS 5, AI score 6.8, EPSS 0.04337
Exploits: 0

securityvulns
added 2006/11/25 12:0 a.m., 35 views

Apache mod_auth_kerberos DoS

Off-by-one overflow in der_get_oid...

AI score 3.2
Exploits: 0, References: 1, Affected Software: 1

Tenable Nessus
added 2006/11/22 12:0 a.m., 14 views

Apache mod_auth_kerb <= 5.20 Buffer Overflow

Binary data 3816.prm...

CVSS 5, AI score 7, EPSS 0.04337
Exploits: 0, References: 2

CVE
added 2006/11/22 12:0 a.m., 42 views

CVE-2006-6047

Etomite 0.6.1.2 is affected by a directory traversal vulnerability in manager/index.php. Remote authenticated administrators can include and execute arbitrary local files by supplying a .. in the f parameter, demonstrated by injecting PHP sequences into an Apache log file that index.php then incl...

CVSS 5.8, AI score 7.2, EPSS 0.17208
Exploits: 1, References: 9, Affected Software: 1

Tenable Nessus
added 2006/11/22 12:0 a.m., 32 views

HP-UX PHSS_35459 : s700_800 11.04 Virtualvault 4.6 IWS update

s700_800 11.04 Virtualvault 4.6 IWS update : The remote HP-UX host is affected by multiple vulnerabilities : - Two potential security vulnerabilities have been reported in HP-UX VirtualVault Apache HTTP server versions prior to Apache 1.3.37 that may allow a Denial of Service (DoS) attack and...

CVSS 7.6, AI score 7.6, EPSS 0.90024
Exploits: 21, References: 6

Tenable Nessus
added 2006/11/22 12:0 a.m., 34 views

HP-UX PHSS_35458 : s700_800 11.04 Virtualvault 4.5 IWS Update

s700_800 11.04 Virtualvault 4.5 IWS Update : The remote HP-UX host is affected by multiple vulnerabilities : - A security vulnerability has been identified in OpenSSL used in HP VirtualVault 4.7, 4.6, 4.5 and HP WebProxy that may allow remote unauthorized access. HPSBUX02165 SSRT061266 - Two...

CVSS 7.6, AI score 7.6, EPSS 0.90024
Exploits: 21, References: 6

Tenable Nessus
added 2006/11/22 12:0 a.m., 41 views

HP-UX PHSS_35436 : s700_800 11.04 Virtualvault 4.7 OWS (Apache 2.x) update

s700_800 11.04 Virtualvault 4.7 OWS (Apache 2.x) update : The remote HP-UX host is affected by multiple vulnerabilities : - Potential security vulnerabilities have been identified with Apache running on HP-UX VirtualVault. These vulnerabilities could be exploited remotely to allow execution of...

CVSS 7.6, AI score 7.6, EPSS 0.90024
Exploits: 22, References: 7

Tenable Nessus
added 2006/11/22 12:0 a.m., 37 views

HP-UX PHSS_35462 : s700_800 11.04 Virtualvault 4.6 OWS update

s700_800 11.04 Virtualvault 4.6 OWS update : The remote HP-UX host is affected by multiple vulnerabilities : - Two potential security vulnerabilities have been reported in HP-UX VirtualVault Apache HTTP server versions prior to Apache 1.3.37 that may allow a Denial of Service (DoS) attack and...

CVSS 7.6, AI score 7.6, EPSS 0.90024
Exploits: 21, References: 6

Tenable Nessus
added 2006/11/22 12:0 a.m., 38 views

HP-UX PHSS_35437 : s700_800 11.04 Webproxy server 2.1 (Apache 2.x) update

s700_800 11.04 Webproxy server 2.1 (Apache 2.x) update : The remote HP-UX host is affected by multiple vulnerabilities : - A security vulnerability has been identified in OpenSSL used in HP VirtualVault 4.7, 4.6, 4.5 and HP WebProxy that may allow remote unauthorized access. HPSBUX02165 SSRT061266 -...

CVSS 7.6, AI score 7.6, EPSS 0.90024
Exploits: 22, References: 7

Tenable Nessus
added 2006/11/22 12:0 a.m., 36 views

HP-UX PHSS_35463 : s700_800 11.04 Virtualvault 4.7 (Apache 1.x) OWS update

s700_800 11.04 Virtualvault 4.7 (Apache 1.x) OWS update : The remote HP-UX host is affected by multiple vulnerabilities : - Two potential security vulnerabilities have been reported in HP-UX VirtualVault Apache HTTP server versions prior to Apache 1.3.37 that may allow a Denial of Service (DoS) attack...

CVSS 7.6, AI score 7.6, EPSS 0.90024
Exploits: 21, References: 6

RedHat Linux
added 2006/11/10 9:5 a.m., 37 views

Important: Red Hat Security Advisory: php security update

Updated PHP packages that fix a security issue are now available for the Red Hat Application Stack. This update has been rated as having important security impact by the Red Hat Security Response Team. PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Web server. The...

CVSS 7.5, AI score 5.9, EPSS 0.41876
Exploits: 1, References: 3

Cent OS
added 2006/11/07 10:35 p.m., 75 views

php security update

CentOS Errata and Security Advisory CESA-2006:0730-01 Updated PHP packages that fix a security issue are now available. This update has been rated as having important security impact by the Red Hat Security Response Team. PHP is an HTML-embedded scripting language commonly used with the Apache HT...

CVSS 7.5, AI score 5.9, EPSS 0.41876
Exploits: 1, References: 8

Cent OS
added 2006/11/07 10:23 a.m., 60 views

php security update

CentOS Errata and Security Advisory CESA-2006:0730 Updated PHP packages that fix a security issue are now available. This update has been rated as having important security impact by the Red Hat Security Response Team. PHP is an HTML-embedded scripting language commonly used with the Apache HTTP...

CVSS 7.5, AI score 5.9, EPSS 0.41876
Exploits: 1, References: 9

Tenable Nessus
added 2006/11/07 12:0 a.m., 40 views

RHEL 2.1 / 3 / 4 : php (RHSA-2006:0730)

Updated PHP packages that fix a security issue are now available. This update has been rated as having important security impact by the Red Hat Security Response Team. PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Web server. The Hardened-PHP Project discovered an...

CVSS 7.5, AI score 6, EPSS 0.41876
Exploits: 1, References: 4

CERT
added 2006/11/07 12:0 a.m., 22 views

Apache mod_tcl module contains a format string error

Overview: A format string vulnerability exists in the mod_tcl Apache module. This vulnerability may allow a remote attacker to execute arbitrary code. Description: The Apache HTTP Server, also known as httpd, is an open-source HTTP server that runs on Microsoft Windows, Linux, Unix, and Apple OS X...

CVSS 6.8, AI score 6.8, EPSS 0.32788
Exploits: 0, References: 5