9792 matches found
Trend Micro Apex One 代码问题漏洞
Trend Micro Worry-Free Business Security is a suite of enterprise-class information security protection solutions from Trend Micro. The product provides anti-spam, anti-virus, network security and e-mail protection. Trend Micro Worry-Free Business Security suffers from a code issue vulnerability...
Exploit for Path Traversal in Apache Http_Server
CVE-2021-41773 复现 https://www.tenable.com/blog/cve-2021-41773-path-traversal-zero-day-in-apache-http-server-exploited v2.4.49 apache 独有漏洞,早期版本中并没有 apnormalizepath 这个函数,该函数是在v2.4.49版本中引入的,正是这个函数导致了 目录穿越,在 v2.4.50 被修复了 环境 https://github.com/1nhann/CVE-2021-41773 本环境中,加载了 cgi 模块: ini LoadModule...
FreeBSD : Apache httpd -- Path Traversal and Remote Code Execution (d001c189-2793-11ec-8fb1-206a8a720317)
The Apache http server project reports : critical: Path Traversal and Remote Code Execution in Apache HTTP Server 2.4.49 and 2.4.50 incomplete fix of CVE-2021-41773 CVE-2021-42013. It was found that the fix for CVE-2021-41773 in Apache HTTP Server 2.4.50 was insufficient. An attacker could use a...
Updated apache packages fix security vulnerability
It was found that the fix for CVE-2021-41773 in Apache HTTP Server 2.4.50 was insufficient. An attacker could use a path traversal attack to map URLs to files outside the directories configured by Alias-like directives. If files outside of these directories are not protected by the usual default...
JVN#51106450: Apache HTTP Server vulnerable to directory traversal
Apache HTTP Server provided by The Apache Software Foundation contains a directory traversal vulnerability CWE-22. Impact A remote attacker may access the unprotected files in "require all denied" placed outside of the document root. Moreover, if CGI scripts are enabled, arbitrary code may be...
ALPINE-CVE-2021-42013
It was found that the fix for CVE-2021-41773 in Apache HTTP Server 2.4.50 was insufficient. An attacker could use a path traversal attack to map URLs to files outside the directories configured by Alias-like directives. If files outside of these directories are not protected by the usual default...
Path traversal
It was found that the fix for CVE-2021-41773 in Apache HTTP Server 2.4.50 was insufficient. An attacker could use a path traversal attack to map URLs to files outside the directories configured by Alias-like directives. If files outside of these directories are not protected by the usual default...
CVE-2021-42013
It was found that the fix for CVE-2021-41773 in Apache HTTP Server 2.4.50 was insufficient. An attacker could use a path traversal attack to map URLs to files outside the directories configured by Alias-like directives. If files outside of these directories are not protected by the usual default...
All Vulnerabilities for amri.ninds.nih.gov Patched via Open Bug Bounty
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Affected Website:| amri.ninds.nih.gov ---|--- Open Bug...
Exploit for Path Traversal in Apache Http_Server
CVE-2021-41773 Playground === This is a small Docker recipe for...
Apache HTTPd 2.4.49/2.4.50 路径穿越漏洞
It was found that the fix for CVE-2021-41773 in Apache HTTP Server 2.4.50 was insufficient. An attacker could use a path traversal attack to map URLs to files outside the directories configured by Alias-like directives. If files outside of these directories are not protected by the usual default...
Apache httpd -- Path Traversal and Remote Code Execution
The Apache http server project reports: critical: Path Traversal and Remote Code Execution in Apache HTTP Server 2.4.49 and 2.4.50 incomplete fix of CVE-2021-41773 CVE-2021-42013. It was found that the fix for CVE-2021-41773 in Apache HTTP Server 2.4.50 was insufficient. An attacker could use a...
Exploit for Path Traversal in Apache Http_Server
CVE-2021-41773 复现 https://www.tenable.com/blog/cve-2021-41...
Exploit for Path Traversal in Apache Http_Server
CVE-2021-41773 Path traversal and file disclosure vulnerabilit...
Exploit for Path Traversal in Apache Http_Server
CVE-2021-41773 Playground === This is a small Docker recipe for...
Apache 2.4.49 < 2.4.50 Multiple Vulnerabilities
According to its banner, the version of Apache running on the remote host is 2.4.49. It is, therefore, affected by multiple vulnerabilities: - While fuzzing the 2.4.49 httpd, a new null pointer dereference was detected during HTTP/2 request processing, allowing an external source to DoS the serve...
Apache Httpd < 2.4.51 : Path Traversal and Remote Code Execution in Apache HTTP Server 2.4.49 and 2.4.50 (incomplete fix of CVE-2021-41773)
It was found that the fix for CVE-2021-41773 in Apache HTTP Server 2.4.50 was insufficient. An attacker could use a path traversal attack to map URLs to files outside the directories configured by Alias-like directives. If files outside of these directories are not protected by the usual default...
CVE-2021-41773
A path transversal flaw was found in Apache 2.4.49. A remote attacker could use this flaw to map URLs to files outside the expected document root. Additionally this flaw could leak the source of interpreted files like CGI scripts...
ALPINE-CVE-2021-41773
A flaw was found in a change made to path normalization in Apache HTTP Server 2.4.49. An attacker could use a path traversal attack to map URLs to files outside the directories configured by Alias-like directives. If files outside of these directories are not protected by the usual default...
The vulnerability of the cgi/networkDiag.cgi implementation of the SureLine aircraft monitoring application, which allows a violator to execute arbitrary commands
The vulnerability of the cgi/networkDiag.cgi implementation of the SureLine monitoring application exists because measures are not taken to neutralize special elements used in the operating system’s command set. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands...