8064 matches found
FreeBSD : apache -- Certificate Revocation List (CRL) off-by-one vulnerability (e936d612-253f-11da-bc01-000e0c2e438a)
Marc Stern reports an off-by-one vulnerability within mod_ssl. The vulnerability lies in mod_ssl's Certificate Revocation List (CRL). If Apache is configured to use a CRL, this could allow an attacker to crash a child process, causing a Denial of Service. (C) Tenable Network...
Slackware 10.0 / 10.1 / 10.2 / 8.1 / 9.0 / 9.1 / current : Apache httpd (SSA:2006-129-01)
New Apache packages are available for Slackware 8.1, 9.0, 9.1, 10.0, 10.1, 10.2, and -current to fix security issues. (C) Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Slackware Security Advisory 2006-129-01. The text...
Slackware 10.0 / 10.1 / 10.2 / 8.1 / 9.0 / 9.1 / current : Apache httpd redux (SSA:2006-130-01)
New Apache packages are available for Slackware 8.1, 9.0, 9.1, 10.0, 10.1, 10.2, and -current to fix a bug with Apache 1.3.35 and glibc that breaks wildcards in Include directives. It may not occur with all versions of glibc, but it has been verified on -current using an Include within a file...
FreeBSD : apache -- mod_imap XSS flaw (9fff8dc8-7aa7-11da-bf72-00123f589060)
The Apache HTTP Server Project reports: A flaw in mod_imap when using the Referer directive with image maps. In certain site configurations a remote attacker could perform a cross-site scripting attack if a victim can be forced to visit a malicious URL using certain web browsers.
CVE-2006-2330
CVE-2006-2330 affects PHP-Fusion 6.00.306 and earlier running on Apache 1.3.27 with PHP 4.3.3. The vulnerability arises in the file-upload validation logic, where a filename containing two or more extensions ending with an assumed-valid extension (e.g., .gif) can bypass validation. An authenticat...
[slackware-security] Apache httpd redux
New Apache packages are available for Slackware 8.1, 9.0, 9.1, 10.0, 10.1, 10.2, and -current to fix a bug with Apache 1.3.35 and glibc that breaks wildcards in Include directives. It may not occur with all versions of glibc, but it has been verified on -current using an Include within a file...
USN-282-1: Nagios vulnerability
The nagios CGI scripts did not sufficiently check the validity of the HTTP Content-Length attribute. By sending a specially crafted HTTP request with a negative Content-Length value to the Nagios server, a remote attacker could exploit this to execute arbitrary code with web server privileges...
Apache chunked encoding buffer overflow
Added: 05/08/2006. CVE: CVE-2002-0392. BID: 5033. OSVDB: 838. Background: Apache web servers support chunked encoding, which is used by a web client to send data to the server in parts, or chunks. Problem: A flaw in the calculation of the size of chunked encoding leads to a buffer overflow, allowing...
PHP-Fusion <= 6.00.306 Multiple Vulnerabilities Exploit
No description provided by source. !/usr/bin/php -q -d shortopentag=on ? echo "PHPFusion = v6.00.306 avatar modmime arbitrary file upload &\r\n"; echo "local inclusion vulnerabilities\r\n"; echo "by rgod [email protected]\r\n"; echo "site: http://retrogod.altervista.org\r\n\r\n"; if $argc6 echo...
PHP-Fusion <= 6.00.306 Multiple Vulnerabilities Exploit
Exploit for unknown platform in category web applications ======================================================= PHP-Fusion = 6.00.306 Multiple Vulnerabilities Exploit ======================================================= !/usr/bin/php -q -d shortopentag=on ? echo "PHPFusion = v6.00.306 avatar...
Moderate: Red Hat Security Advisory: php security update
Updated PHP packages that fix multiple security issues are now available for Red Hat Enterprise Linux 3 and 4. This update has been rated as having moderate security impact by the Red Hat Security Response Team. PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Web...
[Full-disclosure] function *() php/apache Crash PHP 4.4.2 and 5.1.2
Source: http://securityreason.com/achievementsecurityalert/35 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 function php/apache Crash PHP 4.4.2 and 5.1.2 Author: Maksymilian Arciemowicz cXIb8O3 Date: - -Written: 21.3.2006 - -Public: 8.4.2006 from SECURITYREASON.COM CVE-2006-1549 - --- 0.Descripti...
ADODB < 4.70 (tmssql.php) Denial of Service Vulnerability
No description provided by source. !/usr/bin/php -q -d shortopentag=on ? echo "ADODB tmssql.php Denial of service\r\n"; echo "by rgod [email protected]\r\n"; echo "site: http://retrogod.altervista.org\r\n\r\n"; if $argc4 echo "Usage: php ".$argv0." host path redo OPTIONS\r\n"; echo "host: target...
ADODB 4.70 - tmssql.php Denial of Service
ADODB 4.70 - tmssql.php Denial of Service !/usr/bin/php -q -d shortopentag=on 126 $result...
ADODB < 4.70 (tmssql.php) Denial of Service Vulnerability
Exploit for unknown platform in category web applications ========================================================= ADODB 4.70 tmssql.php Denial of Service Vulnerability ========================================================= !/usr/bin/php -q -d shortopentag=on ? echo "ADODB tmssql.php Denial o...
[SA19493] Struts Multiple Vulnerabilities
TITLE: Struts Multiple Vulnerabilities SECUNIA ADVISORY ID: SA19493 VERIFY ADVISORY: http://secunia.com/advisories/19493/ CRITICAL: Moderately critical IMPACT: Security Bypass, Cross Site Scripting, DoS WHERE: From remote SOFTWARE: Apache Struts 1.2.x http://secunia.com/product/6179/ DESCRIPTION:...
[SECURITY] [DSA 1000-2] New Apache2::Request packages fix denial of service
Debian Security Advisory DSA 1000-2 [email protected] http://www.debian.org/security/ Martin Schulze April 3rd, 2006 http://www.debian.org/security/faq -...