381 matches found
httpd, mod_ssl security update
CentOS Errata and Security Advisory CESA-2010:0175 Updated httpd packages that fix one security issue, a bug, and add an enhancement are now available for Red Hat Enterprise Linux 4. The Red Hat Security Response Team has rated this update as having low security impact. A Common Vulnerability...
Monkey HTTP Daemon < 0.9.3 Denial of Service Vulnerability
No description provided by source. Monkey HTTP Daemon is prone to a denial-of-service vulnerability. Remote attackers can exploit this issue to cause the application to crash, denying service to legitimate users. Versions prior to Monkey HTTP Daemon 0.9.3 are vulnerable. #!/usr/bin/env python...
Monkey HTTP Daemon < 0.9.3 Denial of Service Vulnerability
Exploit for unknown platform in category dos / poc ========================================================== Monkey HTTP Daemon " % argv0 sys.exit0 host = argv1 port = intargv2 print " target: %s:%d" % host, port payload = GET payload += "HTTP/1.1\r\nConnection:\n\r\n\r\n"; print " payload: %s" ...
Monkey HTTP Daemon 0.9.3 - Denial of Service
Monkey HTTP Daemon 0.9.3 - Denial of Service Monkey HTTP Daemon is prone to a denial-of-service vulnerability. Remote attackers can exploit this issue to cause the application to crash, denying service to legitimate users. Versions prior to Monkey HTTP Daemon 0.9.3 are vulnerable. #!/usr/bin/env...
Monkey HTTP Daemon < 0.9.3 - Denial of Service
Monkey HTTP Daemon is prone to a denial-of-service vulnerability. Remote attackers can exploit this issue to cause the application to crash, denying service to legitimate users. Versions prior to Monkey HTTP Daemon 0.9.3 are vulnerable. #!/usr/bin/env python monkeyex.py -- Patroklos Argyroudis, ar...
Monkey HTTP Daemon Invalid HTTP 'Connection' Header Denial Of Service Vulnerability
Monkey HTTP Daemon is prone to a denial-of-service vulnerability. Remote attackers can exploit this issue to cause the application to crash, denying service to legitimate users. Versions prior to Monkey HTTP Daemon 0.9.3 are vulnerable. OpenVAS Vulnerability Test $Id: monkeyhttp37307.nasl 5390...
Gentoo Security Advisory GLSA 200907-04 (apache)
The remote host is missing updates announced in advisory GLSA 200907-04. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...
Gentoo Security Advisory GLSA 200907-04 (apache)
The remote host is missing updates announced in advisory GLSA 200907-04. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only OR GPL-3.0-only...
DD-WRT HTTP Daemon Metacharacter Injection Remote Code Execution
The remote web server is vulnerable to a command injection attack that may allow an attacker to execute arbitrary commands on the remote server, usually with root privileges. An attacker can exploit this flaw to take complete ownership of the remote device. (C) Tenable Network Security, Inc...
GLSA-200907-02 : ModSecurity: Denial of Service
The remote host is affected by the vulnerability described in GLSA-200907-02 ModSecurity: Denial of Service Multiple vulnerabilities were discovered in ModSecurity: Juan Galiana Lara of ISecAuditors discovered a NULL pointer dereference when processing multipart requests without a part header nam...
ZDI-09-017: Oracle Applications Server 10g Format String Vulnerability
ZDI-09-017: Oracle Applications Server 10g Format String Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-09-017 April 14, 2009 -- Affected Vendors: Oracle -- Affected Products: Oracle Application Server -- TippingPoint(TM) IPS Customer Protection: TippingPoint IPS customers have been...
Oracle Applications Server 10g Format String Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Oracle Applications Server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the Oracle Process Manager and Notification (opmn) daemon which is an HTTP...
MG-SOFT Net Inspector 6.5.0.828 Multiple Remote Vulnerabilities
No description provided by source. Luigi Auriemma Application: MG-SOFT Net Inspector http://www.mg-soft.com/netinsp.html bug C affects any MgWTrap3 service which is included in...
MG-SOFT Net Inspector 6.5.0.828 Multiple Remote Vulnerabilities
No description provided by source. Luigi Auriemma Application: MG-SOFT Net Inspector http://www.mg-soft.com/netinsp.html bug C affects any MgWTrap3 service which is included in almost all the MG-SOFT products like MIB Browser, Query Manager, Trap Ringer Pro and so on Versions: Net Inspector =...
Winamp Ultravox Streaming Metadata (in_mp3.dll) Buffer Overflow
This module exploits a stack buffer overflow in Winamp 5.24. By sending an overly long artist tag, a remote attacker may be able to execute arbitrary code. This vulnerability can be exploited from the browser or the Winamp client itself. This module requires Metasploit:...
BitDefender Update Server - Unauthorized Remote File Access Vulnerability
BitDefender Update Server - Unauthorized Remote File Access Vulnerability ==================================================== Affected Products: - BitDefender Security for Fileservers - BitDefender Enterprise Manager (BDEM) - All BitDefender Products, using their internal update server product...
BitDefender Products - Update Server HTTP Daemon Directory Traversal
BitDefender Products - Update Server HTTP Daemon Directory Traversal source: https://www.securityfocus.com/bid/27358/info BitDefender Update Server is prone to a directory-traversal vulnerability because it fails to sufficiently sanitize user-supplied input data. Exploiting this issue allows an...
BitDefender Products - Update Server HTTP Daemon Directory Traversal
source: https://www.securityfocus.com/bid/27358/info BitDefender Update Server is prone to a directory-traversal vulnerability because it fails to sufficiently sanitize user-supplied input data. Exploiting this issue allows an attacker to access potentially sensitive information that could aid in...
Debian: Security Advisory (DSA-799-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if(description)...
Design/Logic Flaw
The HTTP daemon in the Cisco Unified IP Phone, when the Extension Mobility feature is enabled, allows remote authenticated users of other phones associated with the same CUCM server to eavesdrop on the physical environment via a CiscoIPPhoneExecute message containing a URL attribute of an...