Lucene search
K

443 matches found

Debian CVE
Debian CVE
added 2004/10/26 4:0 a.m.31 views

CVE-2004-0923

CUPS 1.1.20 and earlier records authentication information for a device URI in the errorlog file, which allows local users to obtain user names and passwords...

2.1CVSS5.9AI score0.00445EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2004/10/22 3:6 p.m.3 views

security flaw

CUPS 1.1.20 and earlier records authentication information for a device URI in the errorlog file, which allows local users to obtain user names and passwords...

2.1CVSS5.8AI score0.00445EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2004/10/22 12:0 a.m.32 views

Mandrake Linux Security Advisory : cups (MDKSA-2004:116)

Chris Evans discovered numerous vulnerabilities in the xpdf package, which also effect software using embedded xpdf code : Multiple integer overflow issues affecting xpdf-2.0 and xpdf-3.0. Also programs like cups which have embedded versions of xpdf. These can result in writing an arbitrary byte ...

10CVSS6AI score0.09334EPSS
Exploits0References3
CVE
CVE
added 2004/09/01 4:0 a.m.207 views

CVE-2003-0020

CVE-2003-0020 concerns Apache HTTP Server: the product does not filter terminal escape sequences from error logs, enabling potential insertion of escape sequences into terminal emulators vulnerable to such sequences. Connected documents show multiple related CVEs affecting different Apache branch...

5CVSS7.7AI score0.10872EPSS
Exploits7References38Affected Software1
Tenable Nessus
Tenable Nessus
added 2004/08/20 12:0 a.m.16 views

PHP 3.0.x < 3.0.17 / 4.0.x < 4.0.3 Error Log Command Injection

Binary data 1480.prm...

10CVSS7.3AI score0.20628EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2004/08/20 12:0 a.m.18 views

Apache < 1.3.31 / 2.0.49 Error Log Escape Sequence Injection

Binary data 1221.prm...

5CVSS7.3AI score0.17413EPSS
Exploits8References10
Tenable Nessus
Tenable Nessus
added 2004/07/31 12:0 a.m.59 views

Mandrake Linux Security Advisory : apache-mod_perl (MDKSA-2004:046-1)

Four security vulnerabilities were fixed with the 1.3.31 release of Apache. All of these issues have been backported and applied to the provided packages. Thanks to Ralf Engelschall of OpenPKG for providing the patches. Apache 1.3 prior to 1.3.30 did not filter terminal escape sequences from its...

7.5CVSS5.6AI score0.11549EPSS
Exploits7References5
securityvulns
securityvulns
added 2004/03/26 12:0 a.m.69 views

GLSA200403-04 Multiple security vulnerabilities in Apache 2

Gentoo Linux Security Advisory GLSA 200403-04 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - http://security.gentoo.org - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity:...

2.1AI score
Exploits0
Gentoo Linux
Gentoo Linux
added 2004/03/22 12:0 a.m.39 views

Multiple security vulnerabilities in Apache 2

Background The Apache HTTP Server Project is an effort to develop and maintain an open-source HTTP server for modern operating systems. The goal of this project is to provide a secure, efficient and extensible server that provides services in tune with the current HTTP standards. Description Thre...

5CVSS8.5AI score0.09898EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2003/09/22 8:39 a.m.52 views

Moderate: Red Hat Security Advisory: apache security update

Updated Apache and modssl packages that fix several minor security issues are now available for Red Hat Enterprise Linux. The Apache HTTP server is a powerful, full-featured, efficient, and freely-available Web server. Ben Laurie found a bug in the optional renegotiation code in modssl which can...

6.4CVSS5.8AI score0.10872EPSS
Exploits7References4
RedHat Linux
RedHat Linux
added 2003/09/22 8:34 a.m.11 views

Moderate: Red Hat Security Advisory: : Updated Apache and mod_ssl packages fix security vulnerabilities

Updated Apache and modssl packages that fix several minor security issues are now available for Red Hat Linux 7.1, 7.2, and 7.3. The Apache HTTP server is a powerful, full-featured, efficient, and freely-available Web server. Ben Laurie found a bug in the optional renegotiation code in modssl whi...

6.4CVSS5.8AI score0.10872EPSS
Exploits7References3
Cvelist
Cvelist
added 2003/07/10 4:0 a.m.21 views

CVE-2003-0521

Cross-site scripting XSS vulnerability in cPanel 6.4.2 allows remote attackers to insert arbitrary HTML and possibly gain cPanel administrator privileges via script in a URL that is logged but not properly quoted when displayed via the 1 Error Log or 2 Latest Visitors screens...

6.1AI score0.01647EPSS
Exploits0References1
CVE
CVE
added 2003/07/10 4:0 a.m.57 views

CVE-2003-0521

CVE-2003-0521 is a documented XSS vulnerability in cPanel 6.4.2 where a URL containing script is logged and displayed in the Error Log or Latest Visitors screens, enabling remote attackers to inject arbitrary HTML and potentially gain privileges. The CVSS vector (AV:N/AC:M/Au:N/C:P/I:P/A:P) yield...

6.8CVSS6.3AI score0.01647EPSS
Exploits0References1Affected Software1
RedHat Linux
RedHat Linux
added 2003/06/18 10:49 a.m.7 views

Low: Red Hat Security Advisory: apache security update for Stronghold

Updated Apache packages are available which fix a security issue by preventing control characters from being written to the error log. The updated packages also include a minor bug fix for modproxy. The Apache HTTP server is a powerful, full-featured, efficient, and freely-available Web server. T...

5CVSS5.9AI score0.17413EPSS
Exploits8References2
NVD
NVD
added 2003/03/18 5:0 a.m.26 views

CVE-2003-0020

Apache does not filter terminal escape sequences from its error logs, which could make it easier for attackers to insert those sequences into terminal emulators containing vulnerabilities related to escape sequences...

5CVSS7.5AI score0.10872EPSS
Exploits7References38
OSV
OSV
added 2003/03/18 5:0 a.m.10 views

CVE-2003-0020

Apache does not filter terminal escape sequences from its error logs, which could make it easier for attackers to insert those sequences into terminal emulators containing vulnerabilities related to escape sequences...

6.4AI score
Exploits0References39
RedHat Linux
RedHat Linux
added 2003/03/03 9:16 a.m.11 views

Important: Red Hat Security Advisory: apache, openssl, php, tomcat security update for Stronghold

Updated versions of Stronghold 4 cross-platform are available to fix a number of vulnerabilities in OpenSSL, Apache, PHP, and Tomcat. Also included in this update are bug fixes for modproxy and the modauthzldap package. Stronghold 4 cross platform contains a number of open source technologies suc...

7.5CVSS7AI score0.13718EPSS
Exploits7References4
ALT Linux
ALT Linux
added 2003/02/24 12:0 a.m.42 views

Security fix for the ALT Linux 9 package apache2 version 2.0.40-21

Feb. 24, 2003 Joe Orton &[email protected] 2.0.40-21 - add security fix for CAN-2003-0020; replace non-printable characters with '!' when printing to error log. - disable debuginfo on IA64...

5CVSS7AI score0.10872EPSS
Exploits7
OSV
OSV
added 2002/10/11 4:0 a.m.4 views

CVE-2002-1154

anlgform.pl in Analog before 5.23 does not restrict access to the PROGRESSFREQ progress update command, which allows remote attackers to cause a denial of service disk consumption by using the command to report updates more frequently and fill the web server error log...

7.1AI score
Exploits0References4
Apache Httpd
Apache Httpd
added 2002/05/08 12:0 a.m.45 views

Apache Httpd < 2.0.36 : Warning messages could be displayed to users

In some cases warning messages could get returned to end users in addition to being recorded in the error log. This could reveal the path to a CGI script for example, a minor security exposure...

5CVSS6.4AI score0.12458EPSS
Exploits0Affected Software1
Rows per page
Query Builder