35 matches found
CVE-2016-8612
An error was found in protocol parsing logic of modcluster load balancer Apache HTTP Server modules. An attacker could use this flaw to cause a Segmentation Fault in the serving httpd process...
Apache Subversion mod_dav_svn Integer Overflow (CVE-2015-5343)
Heap overflow and out-of-bounds read vulnerabilities have been reported in the moddavsvn of Apache Subversion web servers. These vulnerabilities are caused by an integer overflow when parsing certain encoded requests. A remote, authenticated attacker could exploit this vulnerability by sending...
Network Tool 0.2 PHPNuke Addon Metacharacter Filtering Command Execution Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/3552/info Network Tool is a PHPNuke addon, written and maintained by Rick Fournier. It is designed to offer network features such as nmap, traceroute, and ping from a web interface. A problem with the package has been...
Apache <= 1.3.31 mod_include Local Buffer Overflow Exploit
No description provided by source. / local exploit for modinclude of apache 1.3.x written by xCrZx /18.10.2004/ bug found by xCrZx /18.10.2004/ Successfully tested on apache 1.3.31 under Linux RH9.0Shrike / / Technical Details: there is an overflow in gettag function: static char gettagpool p, FI...
Medium: subversion
Issue Overview: A NULL pointer dereference flaw was found in the way the moddavsvn module handled PROPFIND requests on activity URLs. A remote attacker could use this flaw to cause the httpd process serving the request to crash. CVE-2013-1849 A flaw was found in the way the moddavsvn module handl...
RedHat Update for subversion RHSA-2011:0862-01
The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
Fedora 13 : subversion-1.6.16-1.fc13 (2011-2698)
A NULL pointer dereference flaw was found in the way the moddavsvn module processed certain requests to lock working copy paths in a repository. A remote attacker could issue a lock request that could cause the httpd process serving the request to crash. CVE-2011-0715 The Fedora Project would lik...
Alcatel-Lucent OmniPCX Enterprise masterCGI Arbitrary Command Execution
This module abuses a metacharacter injection vulnerability in the HTTP management interface of the Alcatel-Lucent OmniPCX Enterprise Communication Server 7.1 and earlier. The Unified Maintenance Tool contains a 'masterCGI' binary which allows an unauthenticated attacker to execute arbitrary...
Apache <= 1.3.31 mod_include Local Buffer Overflow Exploit
No description provided by source. / local exploit for modinclude of apache 1.3.x written by xCrZx /18.10.2004/ bug found by xCrZx /18.10.2004/ Successfully tested on apache 1.3.31 under Linux RH9.0Shrike / / Technical Details: there is an overflow in gettag function: static char gettagpool p, FI...
MattWrighttextcounter.pl远程执行命令漏洞
textcounter.pl是一个由Matt Wright编写的基于Web的记数器脚本,使用比较广泛。 某些早期版本的textcounter.pl脚本实现上存在输入验证漏洞,远程攻击者可以利用此漏洞以httpd进程的权限在主机上执行任意系统命令。问题在于程序脚本没有过滤用户输入中包含的一些特殊字符,远程攻击者可以向$DOCUMENTURI环境变量注入指定的值,脚本在处理的时候就会以Web守护程序的权限(root或nobody)在主机上执行攻击者指定的任意命令。 Matt Wright TextCounter1.2...
Apache mod_tcl module contains a format string error
Overview A format string vulnerability exists in the modtcl Apache module. This vulnerability may allow a remote attacker to execute arbitrary code. Description The Apache HTTP Server, also known as httpd, is an open-source HTTP server that runs on Microsoft Windows, Linux, Unix, and Apple OS X...
[UNIX] Discuz! Command Execution Vulnerability
The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com - - promotion The SecuriTeam alerts list - Free, Accurate, Independent. Get your security news from a reliable source...
[Full-Disclosure] iDEFENSE Security Advisory 09.29.04 - Macromedia JRun 4 mod_jrun Apache Module Buffer Overflow Vulnerability
Macromedia JRun 4 modjrun Apache Module Buffer Overflow Vulnerability iDEFENSE Security Advisory 09.29.04 www.idefense.com/application/poi/display?id=145&type=vulnerabilities September 29, 2004 I. BACKGROUND Macromedia JRun 4 is a full Java 2 Enterprise Edition J2EE compatible application server...
Mandrake Linux Security Advisory : apache2 (MDKSA-2003:096-1)
A problem was discovered in Apache2 where CGI scripts that output more than 4k of output to STDERR will hang the script's execution which can cause a Denial of Service on the httpd process because it is waiting for more input from the CGI that is not forthcoming due to the locked write call in...
Leif M. Wright - ad.cgi 1.0 Unchecked Input
Leif M. Wright - ad.cgi 1.0 Unchecked Input source: https://www.securityfocus.com/bid/2103/info ad.cgi is an ad rotation script freely available, and written by Leif Wright. A problem exists in the script which may allow access to restricted resources. The problem occurs in the method in which th...