CoreHTTP 0.5.3alpha - HTTPd Remote Buffer Overflow

/ corehttpv0.5.3alpha: httpd remote buffer overflow exploit. by: vade79/v9 [email protected] fakehalo/realhalo compile: gcc xcorehttp.c -o xcorehttp syntax: ./xcorehttp -r -h host -p port corehttp homepage/url: http://corehttp.sourceforge.net/ bughttp.c:...

corehttp 0.5.3alpha (httpd) Remote Buffer Overflow Exploit

Exploit for linux platform in category remote exploits ========================================================== corehttp 0.5.3alpha httpd Remote Buffer Overflow Exploit ========================================================== / corehttpv0.5.3alpha: httpd remote buffer overflow exploit. by:...

RHEL 3 / 4 : httpd (RHSA-2007:0662)

Updated Apache httpd packages that correct a security issue are now available for Red Hat Enterprise Linux 3 and 4. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The Apache HTTP Server is a popular Web server. The Apache HTTP Server did not...

CentOS 3 / 4 : httpd (CESA-2007:0662)

Updated Apache httpd packages that correct a security issue are now available for Red Hat Enterprise Linux 3 and 4. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The Apache HTTP Server is a popular Web server. The Apache HTTP Server did not...

httpd scoreboard lack of PID protection

Apache httpd 1.3.37, 2.0.59, and 2.2.4 with the Prefork MPM module, allows local users to cause a denial of service by modifying the workerscore and processscore arrays to reference an arbitrary process ID, which is sent a SIGUSR1 signal from the master process, aka "SIGUSR1 killer."...

httpd mod_cache segfault

cacheutil.c in the modcache module in Apache HTTP Server httpd, when caching is enabled and a threaded Multi-Processing Module MPM is used, allows remote attackers to cause a denial of service child processing handler crash via a request with the 1 s-maxage, 2 max-age, 3 min-fresh, or 4 max-stale...

Moderate: httpd security update

2.0.52-32.3.ent.0.1 - merge Oracle modifications 2.0.52-32.3.ent - add security fix for CVE-2007-3304 246181...

CVE-2005-4857

eZ publish 3.5 before 3.5.7, 3.6 before 3.6.5, 3.7 before 3.7.3, and 3.8 before 20051128 allows remote authenticated users to cause a denial of service Apache httpd segmentation fault via a request to content/advancedsearch.php with an empty SearchContentClassID parameter, reportedly related to a...

CentOS 3 : httpd (CESA-2007:0533)

Updated Apache httpd packages that correct two security issues and two bugs are now available for Red Hat Enterprise Linux 3. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The Apache HTTP Server is a popular Web server. A flaw was found in th...

httpd mod_cache segfault

cacheutil.c in the modcache module in Apache HTTP Server httpd, when caching is enabled and a threaded Multi-Processing Module MPM is used, allows remote attackers to cause a denial of service child processing handler crash via a request with the 1 s-maxage, 2 max-age, 3 min-fresh, or 4 max-stale...

RHEL 4 : httpd (RHSA-2007:0534)

Updated Apache httpd packages that correct two security issues are now available for Red Hat Enterprise Linux 4. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The Apache HTTP Server is a popular Web server. A flaw was found in the Apache HTTP...

RHEL 5 : httpd (RHSA-2007:0556)

Updated Apache httpd packages that correct three security issues are now available for Red Hat Enterprise Linux 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The Apache HTTP Server is a popular Web server. The Apache HTTP Server did not...

Moderate: httpd security update

2.0.46-67.ent.0.1 - index.html cleanup and logo removal 2.0.46-67.ent - rebuild 2.0.46-66.ent - modcache: follow upstream max-stale handling in CVE-2007-1863 fix 244662 2.0.46-65.ent - add security fixes for CVE-2007-1863 and CVE-2006-5752 244662 2.0.46-64.ent - fix ProxyErrorOverride to only...

CentOS 5 : httpd (CESA-2007:0556)

Updated Apache httpd packages that correct three security issues are now available for Red Hat Enterprise Linux 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The Apache HTTP Server is a popular Web server. The Apache HTTP Server did not...

CVE-2007-3407

CVE-2007-3407 affects Sergey Lyubka Simple HTTPD (shttpd) 1.38 and earlier. It allows remote attackers to disclose script source code by sending a URI with a trailing encoded space (%20), causing information disclosure. The root cause is improper handling of a trailing %20 in the request. The con...

CVE-2007-3407

Sergey Lyubka Simple HTTPD shttpd 1.38 allows remote attackers to obtain sensitive information script source code via a URL with a trailing encoded space %20...

httpd mod_status XSS

Cross-site scripting XSS vulnerability in modstatus.c in the modstatus module in Apache HTTP Server httpd, when ExtendedStatus is enabled and a public server-status page is used, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors involving charsets with browser...

Moderate: Red Hat Security Advisory: httpd security update

Updated Apache httpd packages that correct two security issues are now available for Red Hat Enterprise Linux 4. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The Apache HTTP Server is a popular Web server. A flaw was found in the Apache HTTP...

Moderate: httpd security update

2.0.52-32.2.ent.0.1 - merge Oracle modifications 2.0.52-32.2.ent - add security fixes for CVE-2007-1863 and CVE-2006-5752 244663...

Moderate: httpd security update

2.2.3-7.el5.0.1 - Marks removal + index page cleanup 2.2.3-7.el5 - add security fixes for CVE-2007-1863, CVE-2007-3304, and CVE-2006-5752 244665...