Apache 2.4.7 mod_status - Scoreboard Handling Race Condition

-- 0. Sparse summary Race condition between updating httpd's "scoreboard" and modstatus, leading to several critical scenarios like heap buffer overflow with user supplied payload and leaking heap which can leak critical memory containing htaccess credentials, ssl certificates private keys and so...

[slackware-security] php

New php packages are available for Slackware 14.0, 14.1, and -current to fix security issues. Here are the details from the Slackware 14.1 ChangeLog: patches/packages/php-5.4.30-i486-1slack14.1.txz: Upgraded. This update fixes bugs and security issues. For more information, see:...

RHEL 5 / 6 : JBoss EAP (RHSA-2014:0826)

Updated httpd packages that fix two security issues are now available for Red Hat JBoss Enterprise Application Platform 6.2 for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS...

Moderate: Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 6.2 httpd security update

An update for the Apache HTTP Server packages for Red Hat JBoss Enterprise Application Platform 6.2 that fixes two security issues are now available from the Red Hat Customer Portal. The Red Hat Security Response Team has rated this update as having Moderate security impact. Common Vulnerability...

Moderate: Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 6.2 httpd security update

Updated httpd packages that fix two security issues are now available for Red Hat JBoss Enterprise Application Platform 6.2 for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS...

MultiCMS Local File Inclusion Vulnerbility

No description provided by source. Source: http://packetstormsecurity.org/files/view/97987/multicms-lfi.txt =============================wwwdotWhiteponnydotcom============================= Date: 29/01/2011 Author: R3VANBASTARD Exploit Title: MultiCMS File Inclusion Vulnerbility Vendor:...

Apache <= 1.3.31 mod_include Local Buffer Overflow Exploit

No description provided by source. / local exploit for modinclude of apache 1.3.x written by xCrZx /18.10.2004/ bug found by xCrZx /18.10.2004/ Successfully tested on apache 1.3.31 under Linux RH9.0Shrike / / Technical Details: there is an overflow in gettag function: static char gettagpool p, FI...

AN HTTPD 1.42 Arbitrary Log Content Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/13069/info AN HTTPD is affected by a vulnerability that may allow remote attacker to inject arbitrary content in to the log file. This issue arises due to a failure of input validation. Corruption of logs may result in...

AN HTTPD 1.x Count.pl Directory Traversal Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/7397/info AN HTTPd contains a sample script named count.pl that may be used as a web counter. This script does not perform adequate access validation on paths containing directory traversal ../ character seqences. The...

AN HTTPD 1.41 e Cross Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/6529/info AN HTTPD does not adequately filter HTML code thus making it prone to cross-site scripting attacks. It is possible for a remote attacker to create a malicious link containing script code which will be executed i...

AN HTTPD CMDIS.DLL Remote Buffer Overflow Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/13066/info AN HTTPD is reported prone to a remote buffer overflow vulnerability. Specifically, the issue presents itself in 'cmdIS.DLL' which calls the 'GetEnvironmentStrings' function to copy environment variables into a...

Surfboard httpd 1.1.9 - Remote Buffer Overflow Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/9299/info It has been reported that Surfboard httpd is prone to a remote buffer overflow condition that may allow an attacker to gain unauthorized access to a system running the vulnerable software. The issue presents...

CodeBlue 5.1 SMTP Response Buffer Overflow Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/5300/info CodeBlue is an Apache httpd log scanning utility that attempts to contact the administrators of hosts infected with worms. A buffer overflow vulnerability has been reported in CodeBlue. The condition occurs when...

textcounter.pl 1.2 Arbitrary Command Execution Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/2265/info textcounter.pl is distributed through Matt's Scripts archive, and provides added features to httpd servers such as counters, guestbooks, and http cookie management. Due to insufficient checking of entered...

D-Link DWL-G700AP 2.00/2.01 HTTPD Denial of Service Vulnerability

D-Link DWL-G700AP HTTPD is prone to a remote denial-of-service vulnerability. This issue is due to a failure in the 'httpd' service to properly handle malformed data. An attacker can exploit this issue to crash the affected webserver, effectively denying service to legitimate users. The affected...

ATP httpd 0.4 Single Byte Buffer Overflow Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/5956/info ATP httpd is a lightweight HTTP server. A vulnerability has been reported in ATP httpd that may result in compromise of root access to remote attackers. It is possible to overwrite the least significant byte of...

BusyBox 1.01 HTTPD Directory Traversal Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/20067/info The httpd daemon of BusyBox is prone to a directory-traversal vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this vulnerability to retrieve arbitrary files from...

Ultra Mini HTTPD 1.21 - Stack Buffer Overflow

No description provided by source. Exploit Title: Ultra Mini HTTPD stack buffer overflow Date: 10 July 2013 Exploit Author: superkojiman - http://www.techorganic.com Vendor Homepage: http://www.picolix.jp/ Software Link: http://www.vector.co.jp/soft/winnt/net/se275154.html Version: 1.21 Tested on...

Rosiello Security Sphiro HTTPD 0.1 B Remote Heap Buffer Overflow Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/10249/info It has been reported that Sphiro HTTPD is prone to a remote heap based buffer overflow vulnerability. This issue is due to a failure of the application to properly verify buffer boundaries before storing input ...

Aprox CMS Engine 5 (1.0.4) - Local File Inclusion Vulnerability

No description provided by source. 01010111 01001001 01010010 01000101 01000100 01010011 - 01000101 01000011 01010101 01010010 01001001 01010100 - 01011001 ADVISORY: APROX CMS ENGINE V5.1.0.4 LOCAL FILE INCLUSION LFI || 0x00: ABOUT ME || 0x01: DATELINE || 0x02: INFORMATION || 0x03: EXPLOITATION |...