
5761 matches found

Exploit DB
added 2006/09/16 12:0 a.m., 40 views

BusyBox 1.01 - HTTPd Directory Traversal

source: https://www.securityfocus.com/bid/20067/info The httpd daemon of BusyBox is prone to a directory-traversal vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this vulnerability to retrieve arbitrary files from the vulnerable system in the...

AI score: 7.4
Exploits: 0
Tenable Nessus
added 2006/08/14 12:0 a.m., 54 views

RHEL 3 / 4 : httpd (RHSA-2006:0619)

Updated Apache httpd packages that correct security issues and resolve bugs are now available for Red Hat Enterprise Linux 3 and 4. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The Apache HTTP Server is a popular Web server available for fre...

CVSS: 4.3, AI score: 6.8, EPSS: 0.91373
Exploits: 7, References: 3
securityvulns
added 2006/08/11 12:0 a.m., 48 views

CGI Script Source Code Disclosure Vulnerability in Apache for Windows

ADVISORY NAME: CGI Script Source Code Disclosure Vulnerability in Apache for Windows VULNERABLE SYSTEMS: The vulnerability has been verified on Apache 2.2.2 running on Microsoft Windows XP, Version 2002, Service Pack 2. FOUND BY: Susam Pal FOUND ON: 8th August, 2007 VULNERABILITY TYPE: Informatio...

AI score: 7.3
Exploits: 0
Tenable Nessus
added 2006/08/04 12:0 a.m., 44 views

Slackware 10.0 / 10.1 / 10.2 / 8.1 / 9.0 / 9.1 / current : Apache httpd (SSA:2006-209-01)

New Apache packages are available for Slackware 8.1, 9.0, 9.1, 10.0, 10.1, 10.2, and -current to fix a security issue with mod_rewrite. (C) Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Slackware Security Advisory...

CVSS: 7.6, AI score: 7.4, EPSS: 0.90024
Exploits: 20, References: 2
Apache Httpd
added 2006/07/21 12:0 a.m., 48 views

Apache Httpd < 2.2.3 : mod_rewrite off-by-one error

An off-by-one flaw exists in the Rewrite module, mod_rewrite. Depending on the manner in which Apache httpd was compiled, this software defect may result in a vulnerability which, in combination with certain types of Rewrite rules in the web server configuration files, could be triggered remotely...

CVSS: 7.6, AI score: 1.4, EPSS: 0.90024
Exploits: 20, Affected Software: 1
Apache Httpd
added 2006/07/21 12:0 a.m., 82 views

Apache Httpd < 2.0.59 : mod_rewrite off-by-one error

An off-by-one flaw exists in the Rewrite module, mod_rewrite. Depending on the manner in which Apache httpd was compiled, this software defect may result in a vulnerability which, in combination with certain types of Rewrite rules in the web server configuration files, could be triggered remotely...

CVSS: 7.6, AI score: 1.4, EPSS: 0.90024
Exploits: 20, Affected Software: 1
Apache Httpd
added 2006/07/21 12:0 a.m., 42 views

Apache Httpd < 1.3.37 : mod_rewrite off-by-one error

An off-by-one flaw exists in the Rewrite module, mod_rewrite. Depending on the manner in which Apache httpd was compiled, this software defect may result in a vulnerability which, in combination with certain types of Rewrite rules in the web server configuration files, could be triggered remotely...

CVSS: 7.6, AI score: 1.4, EPSS: 0.90024
Exploits: 20, Affected Software: 1
Packet Storm
added 2006/07/18 12:0 a.m., 23 views

rocksmountdirty.txt

!/bin/sh rocksmountdirty.sh: Rocks release =4.1 local root exploit make sure 'mount-loop' is in your path for this to work. coded by: [email protected] http://xavsec.blogspot.com echo "Rocks Clusters =4.1 mount-loop local root exploit by [email protected] http://xavsec.blogspot.com" echo...

AI score: 7.4
Exploits: 0
exploitpack
added 2006/07/15 12:0 a.m., 13 views

Rocks Clusters 4.1 - mount-loop Local Privilege Escalation

Rocks Clusters 4.1 - mount-loop Local Privilege Escalation !/bin/sh rocksmountdirty.sh: Rocks release =4.1 local root exploit make sure 'mount-loop' is in your path for this to work. coded by: [email protected] http://xavsec.blogspot.com echo "Rocks Clusters =4.1 mount-loop local root exploit b...

AI score: 1.2
Exploits: 0
Tenable Nessus
added 2006/07/03 12:0 a.m., 37 views

CentOS 3 / 4 : httpd (CESA-2005:608)

Updated Apache httpd packages that correct two security issues are now available for Red Hat Enterprise Linux 3 and 4. This update has been rated as having important security impact by the Red Hat Security Response Team. The Apache HTTP Server is a popular and freely-available Web server. A flaw...

CVSS: 10, AI score: 6.6, EPSS: 0.61794
Exploits: 0, References: 8
Tenable Nessus
added 2006/05/13 12:0 a.m., 30 views

Slackware 10.0 / 10.1 / 10.2 / 8.1 / 9.0 / 9.1 / current : Apache httpd redux (SSA:2006-130-01)

New Apache packages are available for Slackware 8.1, 9.0, 9.1, 10.0, 10.1, 10.2, and -current to fix a bug with Apache 1.3.35 and glibc that breaks wildcards in Include directives. It may not occur with all versions of glibc, but it has been verified on -current using an Include within a file...

CVSS: 4.3, AI score: 6.6, EPSS: 0.2814
Exploits: 0, References: 2
Apache Httpd
added 2006/05/01 12:0 a.m., 125 views

Apache Httpd < 1.3.35 : Expect header Cross-Site Scripting

A flaw in the handling of invalid Expect headers. If an attacker can influence the Expect header that a victim sends to a target site they could perform a cross-site scripting attack. It is known that some versions of Flash can set an arbitrary Expect header which can trigger this flaw. Not marke...

CVSS: 4.3, AI score: 1.2, EPSS: 0.91373
Exploits: 7, Affected Software: 1
NVD
added 2006/04/11 12:2 a.m., 14 views

CVE-2006-1681

Cross-site scripting (XSS) vulnerability in Cherokee HTTPD 0.5 and earlier allows remote attackers to inject arbitrary web script or HTML via a malformed request that generates an HTTP 400 error, which is not properly handled when the error message is generated...

CVSS: 4.3, AI score: 5.6, EPSS: 0.0041
Exploits: 1, References: 7
Prion
added 2006/04/11 12:2 a.m., 16 views

Cross site scripting

Cross-site scripting (XSS) vulnerability in Cherokee HTTPD 0.5 and earlier allows remote attackers to inject arbitrary web script or HTML via a malformed request that generates an HTTP 400 error, which is not properly handled when the error message is generated...

CVSS: 4.3, AI score: 7.5, EPSS: 0.0041
Exploits: 1, References: 7, Affected Software: 1
CVE
added 2006/04/10 11:0 p.m., 118 views

CVE-2006-1681

CVE-2006-1681 affects Cherokee HTTPD 0.5 and earlier. A cross-site scripting vulnerability exists where a malformed request that leads to an HTTP 400 error is not properly handled in the error message, allowing remote attackers to inject arbitrary script/HTML into a victim’s browser. Impact descr...

CVSS: 4.3, AI score: 6.3, EPSS: 0.0041
Exploits: 1, References: 7, Affected Software: 1
Cvelist
added 2006/04/10 11:0 p.m., 18 views

CVE-2006-1681

Cross-site scripting (XSS) vulnerability in Cherokee HTTPD 0.5 and earlier allows remote attackers to inject arbitrary web script or HTML via a malformed request that generates an HTTP 400 error, which is not properly handled when the error message is generated...

AI score: 6.3, EPSS: 0.0041
Exploits: 1, References: 7
Tenable Nessus
added 2006/04/04 12:0 a.m., 42 views

Mandrake Linux Security Advisory : php (MDKSA-2006:063)

A vulnerability was discovered where the html_entity_decode function would return a chunk of memory with length equal to the string supplied, which could include php code, php ini data, other user data, etc. Note that by default, Corporate 3.0 and Mandriva Linux LE2005 ship with magic_quotes_gpc on...

CVSS: 5, AI score: 8.1, EPSS: 0.30649
Exploits: 1, References: 1
NVD
added 2006/04/03 5:4 p.m., 13 views

CVE-2006-1598

AN HTTPD 1.42n, and possibly other versions before 1.42p, allows remote attackers to obtain source code of scripts via crafted requests with 1 dot and 2 space characters in the file extension...

CVSS: 7.8, AI score: 6.8, EPSS: 0.00835
Exploits: 0, References: 8
Prion
added 2006/04/03 5:4 p.m., 17 views

Design/Logic Flaw

AN HTTPD 1.42n, and possibly other versions before 1.42p, allows remote attackers to obtain source code of scripts via crafted requests with 1 dot and 2 space characters in the file extension...

CVSS: 7.8, AI score: 7.4, EPSS: 0.00835
Exploits: 0, References: 8, Affected Software: 1
Cvelist
added 2006/04/03 5:0 p.m., 31 views

CVE-2006-1598

AN HTTPD 1.42n, and possibly other versions before 1.42p, allows remote attackers to obtain source code of scripts via crafted requests with 1 dot and 2 space characters in the file extension...

AI score: 6.8, EPSS: 0.00835
Exploits: 0, References: 8