NullLogic Null HTTPd 0.5 - Remote Denial of Service Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/8697/info Null HTTPd has been reported prone to a remotely triggered denial of service vulnerability. The issue has been reported to present itself in the HTTP POST handling routines within the Null HTTPd server. It has...

weborf <= 0.12.2 - Directory Traversal vulnerability

No description provided by source. Title: Weborf httpd = 0.12.2 Directory Traversal Vulnerability Date: Sep 6, 2010 Author: Rew Link: http://galileo.dmi.unict.it/wiki/weborf/doku.php Version: 0.12.2 Tested On: Debian 5 CVE: N/A ============================================================= Weborf...

NCSA httpd 1.x Buffer Overflow Vulnerability (1)

No description provided by source. source: http://www.securityfocus.com/bid/3158/info NCSA HTTPd is a free, open-source web server for nix systems. NCSA HTTPd versions 1.3 and earlier are prone to an exploitable buffer overflowin the username field which will allow malicious remote users to execu...

OneHTTPD 0.8 - Crash PoC

No description provided by source. Exploit Title: onehttpd 0.8 Crash PoC Date: Feb 7,2014 Exploit Author: Mahmod Mahajna Mahy Version: 0.8 Software Link: https://onehttpd.googlecode.com/files/onehttpd-0.8.exe Tested on: Windows XP SP3 Email: [email protected] from requests import...

Caedo HTTPd Server 0.5.1 ALPHA - Remote File Download

No description provided by source. !/usr/bin/perl use LWP::Simple; Caedo HTTPd Server v 0.5.1 ALPHA Remote File Download Exploit Author : Zer0 Thunder if @ARGV 3 print\r\n; printCaedo HTTPd Server Remote File Download Exploit\r\n; printVuln Found and Exploited by Zer0 Thunder\r\n; print;...

Apache 1.3.x - 2.0.48 - mod_userdir Remote Users Disclosure Exploit

No description provided by source. / m00-apache-w00t.c Apache 1.3.-2.0.48 remote users disclosure exploit by m00 Security. Proof-of-Concept edition This tool scans remote hosts with httpd apache and disclosure information about existens users accounts via wrong default configuration of moduserdir...

Fusion SBX <= 1.2 - Remote Command Execution Exploit

No description provided by source. / Fusion SBX = 1.2 exploit sileFSBXxpl This exploit use vulnerability found into Fusion SBX and create new variable and call it with a malicious function stored in config.php. This exploit utilize injection of three diverse procedures for execution of arbitrary...

NullLogic Null HTTPd 0.5 Error Page Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/5603/info NullLogic Null HTTPd is a small multithreaded webserver for Linux and Windows. It is possible for attackers to construct a URL that will cause scripting code to be embedded in error pages. As a result, when an...

Network Tool 0.2 PHPNuke Addon Metacharacter Filtering Command Execution Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/3552/info Network Tool is a PHPNuke addon, written and maintained by Rick Fournier. It is designed to offer network features such as nmap, traceroute, and ping from a web interface. A problem with the package has been...

Apache 1.3 Artificially Long Slash Path Directory Listing Vulnerability (2)

No description provided by source. source: http://www.securityfocus.com/bid/2503/info Apache HTTPD is the Apache Web Server, freely distributed and actively maintained by the Apache Software Foundation. It is a freely available and widely used software package, included with various implementatio...

Apache 1.3 Artificially Long Slash Path Directory Listing Vulnerability (3)

No description provided by source. source: http://www.securityfocus.com/bid/2503/info Apache HTTPD is the Apache Web Server, freely distributed and actively maintained by the Apache Software Foundation. It is a freely available and widely used software package, included with various implementatio...

Light HTTPD 0.1 GET Request Buffer Overflow Vulnerability (2)

No description provided by source. source: http://www.securityfocus.com/bid/6162/info Light httpd is prone to a remotely exploitable buffer overflow condition. This overflow can be triggered by sending the server an excessively long GET request. As Light httpd drops user privileges when running,...

Apache 0.8.x/1.0.x,NCSA httpd 1.x test-cgi Directory Listing Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/2003/info NCSA HTTPd and comes with a CGI sample shell script, test-cgi, located by default in /cgi-bin. This script does not properly enclose an ECHO command in quotes, and as a result shell expansion of the character ca...

SH-HTTPD 0.3/0.4 Character Filtering Remote Information Disclosure Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/8897/info A problem has been identified in the handling of some characters by sh-httpd. Because of this, an attacker may be able to gain unauthorized access to information. GET GET ../../../sh-httpd/p GET /../../etc/s GET...

W3C CERN httpd 3.0 Proxy Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/5447/info CERN httpd is a freely available HTTP server and HTTP proxy server available from the W3C. The httpd Proxy is vulnerable to a cross site scripting attack. The condition is present because of the way URLS are...

Simple HTTPd 1.42 Denial of Servive Exploit

No description provided by source. !/usr/bin/python Exploit Title: Simple HTTPd 1.42 PoC DoS Date: 8/10/2011 Author: G13 Software Link: http://sourceforge.net/projects/shttpd/files/shttpd/1.42/shttpd-1.42.tar.gz/download Version: 1.42 Tested on: WinXP SP1 CVE : 2011-2900 Since Mongoose HTTPd and...

Apache Httpd < 2.4.10 : WinNT MPM denial of service

A flaw was found in the WinNT MPM in httpd versions 2.4.1 to 2.4.9, when using the default AcceptFilter for that platform. A remote attacker could send carefully crafted requests that would leak memory and eventually lead to a denial of service against the server...

AWStats 5.7 - 6.2 - Multiple Remote Exploit

No description provided by source. / AWStats v5.7 - v6.2 sileAWSxpl This exploit utilize three methods for exploiter the vulnerability found on AWStats software. an user can execute remote code on vulnerable machine, with httpd privileges. References: www.securityfocus.org/bid/12543 coded by:...

RHEL 5 / 6 : JBoss Web Server (RHSA-2013:1133)

Updated httpd packages that fix two security issues are now available for Red Hat JBoss Web Server 2.0.1 for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System CVSS base scores, which...

Moderate: Red Hat Security Advisory: Red Hat JBoss Web Server 2.0.1 httpd security and bug fix update

Updated httpd packages that fix two security issues and one bug are now available for Red Hat JBoss Web Server 2.0.1 for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base...