
5769 matches found

Check Point Advisories
added 2010/02/25 12:0 a.m. · 12 views

Apache HTTPD Ranges Header Field Denial of Service - ver 2 (CVE-2011-3192)

A denial of service vulnerability has been reported in Apache httpd server. A remote attacker may exploit this vulnerability to cause a DoS condition in an affected server. The vulnerability is due to an error in Apache's http server while handling requests with malformed Range header values. A...

7.8 CVSS · 7.9 AI score · 0.90456 EPSS
Exploits 17

exploitpack
added 2010/02/18 12:0 a.m. · 22 views

Joomla! Plugin Core Design Scriptegrator - Local File Inclusion

Joomla! Plugin Core Design Scriptegrator - Local File Inclusion Exploit Title: Core Design Scriptegrator plugin for Joomla! 1.5 file inclusion Author: S2 Crew Hungary Tested on: Debian Linux, Apache, Joomla! 1.5 Code: There's a file called jsloader.php which takes an array of file names from the...

0.3 AI score
Exploits 0

Apache Httpd
added 2010/02/09 12:0 a.m. · 40 views

Apache Httpd < 2.0.64 : mod_isapi module unload flaw

A flaw was found within mod_isapi which would attempt to unload the ISAPI dll when it encountered various error states. This could leave the callbacks in an undefined state and result in a segfault. On Windows platforms using mod_isapi, a remote attacker could send a malicious request to trigg...

10 CVSS · 2.8 AI score · 0.86822 EPSS
Exploits 13 · Affected Software 1

Apache Httpd
added 2010/02/09 12:0 a.m. · 90 views

Apache Httpd < 2.2.15 : mod_isapi module unload flaw

A flaw was found within mod_isapi which would attempt to unload the ISAPI dll when it encountered various error states. This could leave the callbacks in an undefined state and result in a segfault. On Windows platforms using mod_isapi, a remote attacker could send a malicious request to trigg...

10 CVSS · 2.8 AI score · 0.86822 EPSS
Exploits 13 · Affected Software 1

Apache Httpd
added 2010/02/02 12:0 a.m. · 56 views

Apache Httpd < 2.2.15 : mod_proxy_ajp DoS

mod_proxy_ajp would return the wrong status code if it encountered an error, causing a backend server to be put into an error state until the retry timeout expired. A remote attacker could send malicious requests to trigger this issue, resulting in denial of service...

5 CVSS · 1.7 AI score · 0.32487 EPSS
Exploits 1 · Affected Software 1

0day.today
added 2010/01/29 12:0 a.m. · 21 views

Caedo HTTPd Server v 0.5.1 ALPHA Remote File Download

Exploit for windows platform in category remote exploits !/usr/bin/perl use LWP::Simple; Caedo HTTPd Server v 0.5.1 ALPHA Remote File Download Exploit Author : Zer0 Thunder if @ARGV $file"; print FILE $result; close FILE; print " File Saved : $file \n\n"; print...

7.1 AI score
Exploits 0

Tenable Nessus
added 2010/01/25 12:0 a.m. · 29 views

Slackware 12.0 / 12.1 / 12.2 / 13.0 / current : httpd (SSA:2010-024-01)

New httpd packages are available for Slackware 12.0, 12.1, 12.2, 13.0, and -current to fix security issues. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Slackware Security Advisory 2010-024-01. The text itself is...

5 CVSS · 6 AI score · 0.03845 EPSS
Exploits 3 · References 3

OpenVAS
added 2010/01/15 12:0 a.m. · 10 views

Mandriva Update for apache-conf MDVA-2010:011 (apache-conf)

Check for the Version of apache-conf OpenVAS Vulnerability Test Mandriva Update for apache-conf MDVA-2010:011 apache-conf Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or...

0.1 AI score
Exploits 0 · References 2

OpenVAS
added 2010/01/15 12:0 a.m. · 6 views

Mandriva Update for apache-conf MDVA-2010:011 (apache-conf)

Check for the Version of apache-conf OpenVAS Vulnerability Test Mandriva Update for apache-conf MDVA-2010:011 apache-conf Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or...

0.1 AI score
Exploits 0 · References 2

Cent OS
added 2010/01/13 10:42 p.m. · 70 views

php security update

CentOS Errata and Security Advisory CESA-2010:0040 Updated php packages that fix several security issues are now available for Red Hat Enterprise Linux 3, 4, and 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. PHP is an HTML-embedded scripti...

9.3 CVSS · 6.6 AI score · 0.16946 EPSS
Exploits 4 · References 8

OSV
added 2010/01/13 8:30 p.m. · 2 views

UBUNTU-CVE-2009-4490

mini_httpd 1.19 writes data to a log file without sanitizing non-printable characters, which might allow remote attackers to modify a window's title, or possibly execute arbitrary commands or overwrite files, via an HTTP request containing an escape sequence for a terminal emulator...

5 CVSS · 7.6 AI score · 0.04025 EPSS
Exploits 2 · References 2

Debian
added 2010/01/13 6:47 p.m. · 35 views

[SECURITY] [DSA-1970-1] New openssl packages fix denial of service

------------------------------------------------------------------------ Debian Security Advisory DSA-1970-1 [email protected] http://www.debian.org/security/ Stefan Fritsch January 13, 2010 http://www.debian.org/security/faq -...

5 CVSS · 8.6 AI score · 0.20241 EPSS
Exploits 1

Debian
added 2010/01/13 6:47 p.m. · 27 views

[SECURITY] [DSA-1970-1] New openssl packages fix denial of service

------------------------------------------------------------------------ Debian Security Advisory DSA-1970-1 [email protected] http://www.debian.org/security/ Stefan Fritsch January 13, 2010 http://www.debian.org/security/faq -...

5 CVSS · 0.1 AI score · 0.20241 EPSS
Exploits 1

Positive Technologies
added 2010/01/13 12:0 a.m. · 4 views

PT-2010-1348 · Acme.Com +2 · Mini Httpd +2

Name of the Vulnerable Software and Affected Versions: mini httpd version 1.19 Description: The issue allows remote attackers to potentially modify a window's title or execute arbitrary commands via an HTTP request containing an escape sequence for a terminal emulator, as mini httpd writes data t...

9.8 CVSS · 10 AI score · 0.04025 EPSS
Exploits 3 · References 20

OSV
added 2010/01/13 12:0 a.m. · 32 views

DSA-1970-1 openssl - denial of service

Bulletin has no description...

5 CVSS · 7.5 AI score · 0.20241 EPSS
Exploits 1

securityvulns
added 2010/01/12 12:0 a.m. · 231 views

Nginx, Varnish, Cherokee, thttpd, mini-httpd, WEBrick, Orion, AOLserver, Yaws and Boa log escape sequence injection

Nginx, Varnish, Cherokee, thttpd, mini-httpd, WEBrick, Orion, AOLserver, Yaws and Boa log escape sequence injection Name Nginx, Varnish, Cherokee, thttpd, mini-httpd, WEBrick, Orion, AOLserver, Yaws and Boa log escape sequence injection Systems Affected nginx 0.7.64 Varnish 2.0.6 Cherokee 0.99.30...

5 CVSS · 8.2 AI score · 0.2626 EPSS
Exploits 19

Tenable Nessus
added 2010/01/10 12:0 a.m. · 59 views

RHEL 3 / 4 : Satellite Server (RHSA-2008:0524)

Red Hat Network Satellite Server version 4.2.3 is now available. This update includes fixes for a number of security issues in Red Hat Network Satellite Server components. This update has been rated as having low security impact by the Red Hat Security Response Team. This release corrects several...

10 CVSS · 5.3 AI score · 0.90452 EPSS
Exploits 31 · References 75

Tenable Nessus
added 2010/01/10 12:0 a.m. · 52 views

RHEL 4 : Satellite Server (RHSA-2008:0261)

Red Hat Network Satellite Server version 5.0.2 is now available. This update includes fixes for a number of security issues in Red Hat Network Satellite Server components. This update has been rated as having moderate security impact by the Red Hat Security Response Team. During an internal...

10 CVSS · 6.2 AI score · 0.90452 EPSS
Exploits 29 · References 71

Tenable Nessus
added 2010/01/08 12:0 a.m. · 9 views

MDVA-2010:011 : apache-conf

This is a maintenance and bugfix release of apache-conf that mainly fixes so that the httpd service is handled more gracefully when reloading the apache server 56857. Other fixes where applicable: - fix 53887 obsolete favicon.ico file in Apache default www pages - workaround 47992 apache does not...

6.9 AI score
Exploits 0 · References 1

Tenable Nessus
added 2010/01/06 12:0 a.m. · 38 views

CentOS 5 : httpd (CESA-2009:1075)

Updated httpd packages that fix two security issues are now available for Red Hat Enterprise Linux 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The Apache HTTP Server is a popular and freely-available Web server. A flaw was found in the...

5 CVSS · 6.8 AI score · 0.09814 EPSS
Exploits 6 · References 4