[SECURITY] Fedora 9 Update: httpd-2.2.9-1.fc9

The Apache HTTP Server is a powerful, efficient, and extensible web server...

[slackware-security] httpd

New httpd packages are available for Slackware 12.0, 12.1, and -current to fix XSS security issues. More details about this issue may be found in the Common Vulnerabilities and Exposures CVE database: https://vulners.com/cve/CVE-2007-5000 https://vulners.com/cve/CVE-2007-6388 Here are the details...

Slackware 12.0 / 12.1 / current : httpd (SSA:2008-210-02)

New httpd packages are available for Slackware 12.0, 12.1, and -current to fix XSS security issues. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Slackware Security Advisory 2008-210-02. The text itself is copyright...

Apache Httpd < 2.0.64 : mod_proxy_ftp globbing XSS

A flaw was found in the handling of wildcards in the path of a FTP URL with modproxyftp. If modproxyftp is enabled to support FTP-over-HTTP, requests containing globbing characters could lead to cross-site scripting XSS attacks...

Apache Httpd < 2.2.10 : mod_proxy_ftp globbing XSS

A flaw was found in the handling of wildcards in the path of a FTP URL with modproxyftp. If modproxyftp is enabled to support FTP-over-HTTP, requests containing globbing characters could lead to cross-site scripting XSS attacks...

Apache &lt;= 1.3.31 mod_include Local Buffer Overflow Exploit

No description provided by source. / local exploit for modinclude of apache 1.3.x written by xCrZx /18.10.2004/ bug found by xCrZx /18.10.2004/ Successfully tested on apache 1.3.31 under Linux RH9.0Shrike / / Technical Details: there is an overflow in gettag function: static char gettagpool p, FI...

Apache &lt;= 2.0.49 Arbitrary Long HTTP Headers Denial of Service

No description provided by source. /usr/bin/perl -w use IO::Socket::INET; usage unless @ARGV == 2; my $host = shift@ARGV; my $port = shift@ARGV; sub usage print "\n"; print "\n Apache HTTPd Arbitrary Long HTTP Headers DoS \n"; print " Tested Versions : 2 2.0.49 \n"; print " Adv :...

Apache HTTPd Arbitrary Long HTTP Headers DoS

No description provided by source. /usr/bin/perl exploit for apache apgetmimeheaderscore vuln adv is here: http://www.guninski.com/httpd1.html version: apache 2 2.0.49 apache 1 not tested. by bkbll bkbllcnhonker.net http://www.cnhonker.com tail -f /var/log/messages...

Moderate: Red Hat Security Advisory: Red Hat Application Stack v2.1 security and enhancement update

Red Hat Application Stack v2.1 is now available. This update fixes various security issues and adds several enhancements. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The Red Hat Application Stack is an integrated open source application...

Low: Red Hat Security Advisory: Red Hat Network Satellite Server security update

Red Hat Network Satellite Server version 4.2.3 is now available. This update includes fixes for a number of security issues in Red Hat Network Satellite Server components. This update has been rated as having low security impact by the Red Hat Security Response Team. This release corrects several...

Low: Red Hat Security Advisory: Red Hat Network Proxy Server security update

Red Hat Network Proxy Server version 4.2.3 is now available. This update includes fixes for a number of security issues in Red Hat Network Proxy Server components. This update has been rated as having low security impact by the Red Hat Security Response Team. The Red Hat Network Proxy Server 4.2....

aprox-lfi.txt

01010111 01001001 01010010 01000101 01000100 01010011 - 01000101 01000011 01010101 01010010 01001001 01010100 - 01011001 ADVISORY: APROX CMS ENGINE V5.1.0.4 LOCAL FILE INCLUSION LFI || 0x00: ABOUT ME || 0x01: DATELINE || 0x02: INFORMATION || 0x03: EXPLOITATION || 0x04: RISK LEVEL || 0x00: ABOUT M...

Aprox CMS Engine v5(.1.0.4) Local File Inclusion Vulnerability

No description provided by source. 01010111 01001001 01010010 01000101 01000100 01010011 - 01000101 01000011 01010101 01010010 01001001 01010100 - 01011001 ADVISORY: APROX CMS ENGINE V5.1.0.4 LOCAL FILE INCLUSION LFI || 0x00: ABOUT ME || 0x01: DATELINE || 0x02: INFORMATION || 0x03: EXPLOITATION |...

Aprox CMS Engine v5(.1.0.4) Local File Inclusion Vulnerability

Exploit for unknown platform in category web applications ============================================================== Aprox CMS Engine v5.1.0.4 Local File Inclusion Vulnerability ============================================================== 01010111 01001001 01010010 01000101 01000100 0101001...

Aprox CMS Engine 5.1.0.4 - Local File Inclusion

Aprox CMS Engine 5.1.0.4 - Local File Inclusion 01010111 01001001 01010010 01000101 01000100 01010011 - 01000101 01000011 01010101 01010010 01001001 01010100 - 01011001 ADVISORY: APROX CMS ENGINE V5.1.0.4 LOCAL FILE INCLUSION LFI || 0x00: ABOUT ME || 0x01: DATELINE || 0x02: INFORMATION || 0x03:...

Apache Httpd < 2.2.9 : mod_proxy_http DoS

A flaw was found in the handling of excessive interim responses from an origin server when using modproxyhttp. A remote attacker could cause a denial of service or high memory usage...

Apache Httpd < 2.0.64 : mod_proxy_http DoS

A flaw was found in the handling of excessive interim responses from an origin server when using modproxyhttp. A remote attacker could cause a denial of service or high memory usage...

HTTPD-User-Manage cross-site scripting vulnerability

Overview HTTPD-User-Manage is a set of Perl modules for managing user authentication information for web servers. It contains a cross-site scripting vulnerability in its CGI as it does not properly validate input strings. This problem does not occur when only the library for managing database is...

httpd scoreboard lack of PID protection

Apache httpd 1.3.37, 2.0.59, and 2.2.4 with the Prefork MPM module, allows local users to cause a denial of service by modifying the workerscore and processscore arrays to reference an arbitrary process ID, which is sent a SIGUSR1 signal from the master process, aka "SIGUSR1 killer."...

Low: Red Hat Security Advisory: Red Hat Network Proxy Server security update

Red Hat Network Proxy Server version 5.0.2 is now available. This update includes fixes for a number of security issues in Red Hat Network Proxy Server components. This update has been rated as having low security impact by the Red Hat Security Response Team. The Red Hat Network Proxy Server 5.0....