CVE-2004-1082

CVE-2004-1082 affects Apache 1.3.31 and 1.3.32 on Mac OS X Server. The vulnerability arises in mod_digest_apple where the server does not properly verify the nonce in a client response, allowing remote attackers to replay credentials. The NVD entry (CVSS v2 base score 7.5, HIGH) indicates a netwo...

CVE-2001-1449

The CVE-2001-1449 issue affects Apache

PHPNuke76dl.txt

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 phpnuke 7.6 Multiple vulnerabilities in Downloads Module cXIb8O3.13 Author: Maksymilian Arciemowicz cXIb8O3 Date: 5.4.2005 from securityreason.com TEAM - --- 0.Description --- PHP-Nuke is a Web Portal System, storytelling software, news system, online...

CVE-2004-1083

Apache for Apple Mac OS X 10.2.8 and 10.3.6 restricts access to files in a case sensitive manner, but the Apple HFS+ filesystem accesses files in a case insensitive manner, which allows remote attackers to read .DSStore files and files beginning with ".ht" using alternate capitalization...

CVE-2004-1084

Apache for Apple Mac OS X 10.2.8 and 10.3.6 allows remote attackers to read files and resource fork content via HTTP requests to certain special file names related to multiple data streams in HFS+, which bypass Apache file handles...

CVE-2004-1083

Apache on Apple Mac OS X 10.2.8 and 10.3.6 is affected by a vulnerability arising from case-sensitivity handling: Apache restricts file access in a case-sensitive way while the HFS+ filesystem on Mac is case-insensitive, allowing remote attackers to read .DS_Store and files starting with ".ht" vi...

CVE-2004-1084

The CVE-2004-1084 entry describes an Apache on Mac OS X vulnerability affecting versions 10.2.8 and 10.3.6 where remote attackers can read files and resource fork content via HTTP requests to specially named HFS+ data streams, bypassing Apache file handles. The root cause is related to how HFS+ d...

PHP

New PHP packages are available for Slackware 8.1, 9.0, 9.1, 10.0, 10.1, and -current to fix security issues. More details about the issues may be found in the PHP ChangeLogs on the PHP web site: http://php.net Here are the details from the Slackware 10.1 ChangeLog:...

FreeBSD-SA-05:02.sendfile

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-05:02.sendfile Security Advisory The FreeBSD Project Topic: sendfile kernel memory disclosure Category: core Module: syskern Announced: 2005-04-04 Credits: Sven...

CVE-2002-1635

The Apache configuration file httpd.conf in Oracle 9i Application Server 9iAS uses a Location alias for /perl directory instead of a ScriptAlias, which allows remote attackers to read the source code of arbitrary CGI files via a URL containing the /perl directory instead of /cgi-bin...

CVE-2002-1635

The CVE-2002-1635 entry concerns Oracle 9i Application Server (9iAS) where the Apache httpd.conf uses a Location alias for /perl instead of a ScriptAlias. This misconfiguration enables a remote attacker to read the source code of arbitrary CGI files via a URL that targets /perl rather than /cgi-b...

CVE-2005-0808

Apache Tomcat before 5.x is affected by a remote denial-of-service vulnerability triggered by a crafted AJP12 packet to TCP port 8007, which can cause the application to crash or stop responding. The vulnerability is attributed to handling of AJP12 input (malformed/input handling). Affected compo...

HP-UX PHSS_32141 : s700_800 11.04 Virtualvault 4.5 IWS Update

s700800 11.04 Virtualvault 4.5 IWS Update : Two security vulnerabilities have been reported in Apache HTTP server http://httpd.apache.org/ versions prior to Apache 1.3.33 that may allow a Denial of Service DoS attack and execution of arbitrarty code. %NASLMINLEVEL 70300 C Tenable Network Security...

HP-UX PHSS_31058 : s700_800 11.04 Virtualvault 4.7 OWS update

s700800 11.04 Virtualvault 4.7 OWS update : The remote HP-UX host is affected by multiple vulnerabilities : - A potential security vulnerability has been identified with HP-UX running Apache where the vulnerability could be exploited remotely to create a Denial of Service DoS or to execute...

HP-UX PHSS_28098 : HP-UX Running Apache, Increased Privileges or Denial of Service (DoS) or Execution of Arbitrary Code (HPSBUX00224 SSRT2393 rev.3)

s700800 11.04 Virtualvault 4.5 OWS update : Potential vulnerability regarding ownership permissions of System V shared memory based scoreboards. CERT VU825353, CVE CAN-2002-0839 Potential cross-site scripting vulnerability in the default error page when using wildcard DNS. CERT VU240329, CVE...

HP-UX PHSS_27936 : HP-UX Running Apache, Remote Denial of Service (DoS) or Elevation Privilege, or Execution of Arbitrary Code (HPSBUX00197 SSRT2332 rev.11)

s700800 11.00 OV NNM6.0x http server fix : A potential remotely exploitable vulnerability in handling of large data chunks in Apache-based web servers. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and patch checks in this plugin were extracted from HP patch PHSS27936...

HP-UX PHSS_30640 : HP-UX Running Apache, Remote Denial of Service (DoS) (HPSBUX01019 SSRT4717 rev.3)

s700800 11.04 Virtualvault 4.7 OpenSSH update : Two potential security vulnerabilities have been identified in OpenSSL by NISCC 224012/1 and 224012/2. The Common Vulnerabilities and Exposures project has referenced them as the following CAN-2004-0079, and CAN-2004-0112. The CERT summary is...

HP-UX PHSS_31057 : s700_800 11.04 Virtualvault 4.6 OWS update

s700800 11.04 Virtualvault 4.6 OWS update : The remote HP-UX host is affected by multiple vulnerabilities : - A potential security vulnerability has been identified with Apache running on HP-UX where a buffer overflow could be exploited remotely to execute arbitrary code. - A potential security...

HP-UX PHSS_30644 : HP-UX Running Apache, Remote Denial of Service (DoS) (HPSBUX01019 SSRT4717 rev.3)

s700800 11.04 Virtualvault 4.6 OpenSSH update : Two potential security vulnerabilities have been identified in OpenSSL by NISCC 224012/1 and 224012/2. The Common Vulnerabilities and Exposures project has referenced them as the following CAN-2004-0079, and CAN-2004-0112. The CERT summary is...

HP-UX PHSS_30642 : HP-UX Running Apache, Remote Denial of Service (DoS) (HPSBUX01019 SSRT4717 rev.3)

s700800 11.04 Virtualvault 4.7 TGP update : Two potential security vulnerabilities have been identified in OpenSSL by NISCC 224012/1 and 224012/2. The Common Vulnerabilities and Exposures project has referenced them as the following CAN-2004-0079, and CAN-2004-0112. The CERT summary is TA04-078A...