XiongMai uc-httpd 1.0.0 - Buffer Overflow

Exploit Title: XiongMai uc-httpd 1.0.0 - Buffer Overflow Date: 2018-06-08 Exploit Author: Andrew Watson Software Version: XiongMai uc-httpd 1.0.0 Vendor Homepage: http://www.xiongmaitech.com/en/ Tested on: KKMoon DVR running XiongMai uc-httpd 1.0.0 on TCP/81 CVE ID: CVE-2018-10088 DISCLAIMER: Thi...

XiongMai uc-httpd 1.0.0 Buffer Overflow

Exploit Title: XiongMai uc-httpd 1.0.0 - Buffer Overflow Date: 2018-06-08 Exploit Author: Andrew Watson Software Version: XiongMai uc-httpd 1.0.0 Vendor Homepage: http://www.xiongmaitech.com/en/ Tested on: KKMoon DVR running XiongMai uc-httpd 1.0.0 on TCP/81 CVE ID: CVE-2018-10088 DISCLAIMER: Thi...

[SECURITY] [DLA 1389-1] apache2 security update

Package : apache2 Version : 2.2.22-13+deb7u13 CVE ID : CVE-2017-15710 CVE-2018-1301 CVE-2018-1312 Debian Bug : Several vulnerabilities have been found in the Apache HTTPD server. CVE-2017-15710 Alex Nichols and Jakob Hirsch reported that modauthnzldap, if configured with AuthLDAPCharsetConfig,...

Apache httpd FilesMatch Directive Security Restriction Bypass (CVE-2017-15715)

A security policy bypass vulnerability exists in Apache httpd. A remote attacker can exploit this vulnerability by sending a HTTP request with crafted URI to the remote HTTP server. Successful exploitation could result security policy bypass and arbitrary file upload...

EulerOS 2.0 SP1 : httpd (EulerOS-SA-2018-1151)

According to the versions of the httpd packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - In Apache httpd 2.0.23 to 2.0.65, 2.2.0 to 2.2.34, and 2.4.0 to 2.4.29, modauthnzldap, if configured with AuthLDAPCharsetConfig, uses the...

EulerOS 2.0 SP2 : httpd (EulerOS-SA-2018-1152)

According to the versions of the httpd packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - In Apache httpd 2.0.23 to 2.0.65, 2.2.0 to 2.2.34, and 2.4.0 to 2.4.29, modauthnzldap, if configured with AuthLDAPCharsetConfig, uses the...

F5 Networks BIG-IP : Apache HTTPD vulnerability (K75429050)

In Apache httpd 2.2.x before 2.2.33 and 2.4.x before 2.4.26, modmime can read one byte past the end of a buffer when sending a malicious Content-Type response header. CVE-2017-7679 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from F5...

[slackware-security] php

New php packages are available for Slackware 14.0, 14.1, and 14.2 to fix security issues. Here are the details from the Slackware 14.2 ChangeLog: patches/packages/php-5.6.36-i586-1slack14.2.txz: Upgraded. This fixes many bugs, including some security issues: Heap Buffer Overflow READ: 1786 in...

Fedora Update for httpd FEDORA-2018-e6d9251471

The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Apache Httpd < 2.4.34 : DoS for HTTP/2 connections by crafted requests

By specially crafting HTTP/2 requests, workers would be allocated 60 seconds longer than necessary, leading to worker exhaustion and a denial of service. This issue only affects servers that have configured and enabled HTTP/2 support, which is not the default...

TPLINK TLWR740N路由器远程代码执行漏洞(CVE-2017-13772)

INTRODUCTION In October of 2017 we disclosed multiple vulnerabilities in TP-Link’s WR940n router that occurred due to multiple code paths calling strcpy on user controllable unsanitised input CVE-2017-13772 The httpd binary responsible for these vulnerabilities contained patterns of code that...

[SECURITY] Fedora 26 Update: mod_http2-1.10.18-1.fc26

The modh2 Apache httpd module implements the HTTP2 protocol h2+h2c on top of libnghttp2 for httpd 2.4 servers...

TP-Link Technologies TL-WA850RE Wi-Fi Range Extender Unauthorized Remote Reboot

Exploit Title: TP-Link Technologies TL-WA850RE Wi-Fi Range Extender | Unauthorized Remote Reboot Date: 25/04/2018 Exploit Author: Wadeek Vendor Homepage: https://www.tp-link.com/ Firmware Link: https://www.tp-link.com/en/download/TL-WA850RE.html Category: dos 1. www.shodan.io with title...

Critical Photon OS Security Update - PHSA-2018-0039

Updates of 'libvirt', 'httpd', 'zsh', 'libtiff', 'openjdk8', 'librelp' packages of Photon OS have been released...

TP-Link TL-WA850RE Wi-Fi Range Extender - Unauthenticated Remote Reboot Vulnerability

Exploit for hardware platform in category web applications Exploit Title: TP-Link Technologies TL-WA850RE Wi-Fi Range Extender | Unauthorized Remote Reboot Exploit Author: Wadeek Vendor Homepage: https://www.tp-link.com/ Firmware Link: https://www.tp-link.com/en/download/TL-WA850RE.html Category:...

Critical Photon OS Security Update - PHSA-2018-0126

Updates of 'httpd', 'strongswan', 'paramiko', 'python3', 'patch', 'mercurial', 'xerces-c', 'pycrypto', 'sqlite- autoconf', 'binutils', 'mysql', 'net-snmp' packages of Photon OS have been released...

Exploit for Improper Restriction of Operations within the Bounds of a Memory Buffer in Xiongmaitech Ahb7008F8-H_Firmware

uc-httpd-1.0.0-buffer-overflow-exploit XiongMai uc-httpd 1.0...

Fedora Update for httpd FEDORA-2018-375e3244b6

The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] Fedora 27 Update: mod_http2-1.10.16-1.fc27

The modh2 Apache httpd module implements the HTTP2 protocol h2+h2c on top of libnghttp2 for httpd 2.4 servers...

BSA-2018-552

Security Advisory ID : BSA-2018-552 Component : Apache HTTPD Revision : 2.0: Final A specially crafted HTTP request header could have crashed the Apache HTTP Server prior to version 2.4.33 due to an out of bound read while preparing data to be cached in shared memory. It could be used as a Denial...