CVE-2021-27005

CVE-2021-27005 affects NetApp Clustered Data ONTAP. Versions 9.6 and higher before 9.6P16, 9.7P16, 9.8P7 and 9.9.1P3 are vulnerable to a remote HTTPD crash (DoS). Root cause details are not fully disclosed in the provided documents, but multiple sources confirm a denial-of-service impact via the ...

CVE-2021-27005

Clustered Data ONTAP versions 9.6 and higher prior to 9.6P16, 9.7P16, 9.8P7 and 9.9.1P3 are susceptible to a vulnerability which could allow a remote attacker to cause a crash of the httpd server...

CVE-2020-20746

A stack-based buffer overflow in the httpd server on Tenda AC9 V15.03.06.60EN allows remote attackers to execute arbitrary code or cause a denial of service DoS via a crafted POST request to /goform/SetStaticRouteCfg...

Stack overflow

A stack-based buffer overflow in the httpd server on Tenda AC9 V15.03.06.60EN allows remote attackers to execute arbitrary code or cause a denial of service DoS via a crafted POST request to /goform/SetStaticRouteCfg...

CVE-2020-20746

The CVE-2020-20746 affects Tenda AC9 devices, specifically the httpd server in version V15.03.06.60_EN. A stack-based buffer overflow in the endpoint /goform/SetStaticRouteCfg allows remote attackers to execute arbitrary code or cause a DoS. Public sources describe this as a buffer overflow in th...

Debian: Security Advisory (DSA-4757-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian DSA-4757-1 : apache2 - security update

Several vulnerabilities have been found in the Apache HTTPD server. - CVE-2020-1927 Fabrice Perez reported that certain modrewrite configurations are prone to an open redirect. - CVE-2020-1934 Chamal De Silva discovered that the modproxyftp module uses uninitialized memory when proxying to a...

[SECURITY] [DSA 4757-1] apache2 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4757-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso August 31, 2020 https://www.debian.org/security/faq -...

Buffer overflow

An issue was discovered on Tenda AC6 V1.0 V15.03.05.19multiTD01, AC9 V1.0 V15.03.05.196318CN, AC9 V3.0 V15.03.06.42multi, AC15 V1.0 V15.03.05.19multiTD01, and AC18 V15.03.05.196318CN devices. There is a buffer overflow vulnerability in the router's web server -- httpd. While processing the...

[SECURITY] [DSA 4509-1] apache2 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4509-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso August 26, 2019 https://www.debian.org/security/faq -...

CVE-2019-14699

An issue was discovered on MicroDigital N-series cameras with firmware through 6400.0.8.5. An attacker can exploit OS Command Injection in the filename parameter for remote code execution as root. This occurs in the Mainproc executable file, which can be run from the HTTPD web server...

CVE-2018-16119

Stack-based buffer overflow in the httpd server of TP-Link WR1043nd Firmware Version 3 allows remote attackers to execute arbitrary code via a malicious MediaServer request to /userRpm/MediaServerFoldersCfgRpm.htm...

CVE-2018-16119

Stack-based buffer overflow in the httpd server of TP-Link WR1043nd Firmware Version 3 allows remote attackers to execute arbitrary code via a malicious MediaServer request to /userRpm/MediaServerFoldersCfgRpm.htm...

CVE-2018-16119

Stack-based buffer overflow in the httpd server of TP-Link WR1043nd Firmware Version 3 allows remote attackers to execute arbitrary code via a malicious MediaServer request to /userRpm/MediaServerFoldersCfgRpm.htm...

CVE-2018-16119

CVE-2018-16119: TP-Link WR1043ND (Firmware Version 3) httpd is vulnerable to a stack-based buffer overflow via a crafted MediaServer request to /userRpm/MediaServerFoldersCfgRpm.htm, enabling remote arbitrary code execution. The Red Hat and other CNVD/CVE records confirm the same description; no ...

Raptor WAF v0.6 - Web Application Firewall using DFA

Raptor is a Web application firewall made in C, uses DFA to block SQL injection, Cross site scripting and path traversal. http://funguscodes.blogspot.com.br/ to run: $ git clone https://github.com/CoolerVoid/raptorwaf $ cd raptorwaf; make; bin/raptor Note: Don't execute with "cd bin; ./raptor" us...

Fedora 29 : mod_perl (2018-f6a5b71464)

This release fixes CVE-2011-2767 vulnerability an arbitrary Perl code execution in the context of the httpd server by disabling sections in non-server-level configuration. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system...

Fedora 28 : mod_perl (2018-0ddef94854)

This release fixes CVE-2011-2767 vulnerability an arbitrary Perl code execution in the context of the httpd server by disabling sections in non-server-level configuration. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system...

Apache2 mod_http2 header Denial of Service Vulnerability

This vulnerability allows remote attackers to create a denial of service condition on vulnerable installations of Apache HTTPD server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of HTTP2 headers. A crafted HTTP2 request can trigger a...

[SECURITY] Fedora 29 Update: mod_http2-1.11.1-1.fc29

The modh2 Apache httpd module implements the HTTP2 protocol h2+h2c on top of libnghttp2 for httpd 2.4 servers...