5772 matches found
suPHP -- Privilege escalation
suPHP developer Sebastian Marsching reports: When the suPHPPHPPath was set, modsuphp would use the specified PHP executable to pretty-print PHP source files MIME type x-httpd-php-source or application/x-httpd-php-source. However, it would not sanitize the environment. Thus a user that was allowed...
CentOS Update for httpd CESA-2013:0815 centos5
Check for the Version of httpd OpenVAS Vulnerability Test CentOS Update for httpd CESA-2013:0815 centos5 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...
CentOS Update for httpd CESA-2013:0815 centos6
Check for the Version of httpd OpenVAS Vulnerability Test CentOS Update for httpd CESA-2013:0815 centos6 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...
RedHat Update for httpd RHSA-2013:0815-01
Check for the Version of httpd OpenVAS Vulnerability Test RedHat Update for httpd RHSA-2013:0815-01 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms...
CentOS Update for httpd CESA-2013:0815 centos6
The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CentOS Update for httpd CESA-2013:0815 centos5
The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scripttagname:"affected", value:"htt...
Apache Subversion < 1.6.21 / 1.7.x < 1.7.9 Multiple DoS
The version of Apache Subversion Server installed on the remote host is prior to 1.6.21 or 1.7.x prior to 1.7.9. It is, therefore, affected by multiple denial of service DoS vulnerabilities in the 'moddavsvn' Apache HTTPD server module : - A flaw exists in 'moddavsvn' that is triggered when...
Scientific Linux Security Update : httpd on SL5.x, SL6.x i386/x86_64 (20130513)
Cross-site scripting XSS flaws were found in the modproxybalancer module's manager web interface. If a remote attacker could trick a user, who was logged into the manager web interface, into visiting a specially- crafted URL, it would lead to arbitrary web script execution in the context of the...
RHEL 5 / 6 : httpd (RHSA-2013:0815)
The remote Redhat Enterprise Linux 5 / 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2013:0815 advisory. The Apache HTTP Server is a popular web server. Cross-site scripting XSS flaws were found in the modproxybalancer module's manager web...
CentOS 5 / 6 : httpd (CESA-2013:0815)
Updated httpd packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings,...
httpd security update
2.2.15-28.0.1.el64 - replace index.html with Oracle's index page oracleindex.html update vstring in specfile 2.2.15-28 - modrewrite: add security fix for CVE-2013-1862 953729 2.2.15-27 - add security fixes for CVE-2012-3499, CVE-2012-4558 915883, 915884...
CVE-2013-1847
The moddavsvn Apache HTTPD server module in Subversion 1.6.0 through 1.6.20 and 1.7.0 through 1.7.8 allows remote attackers to cause a denial of service NULL pointer dereference and crash via an anonymous LOCK for a URL that does not exist...
CVE-2013-1845
The moddavsvn Apache HTTPD server module in Subversion 1.6.x before 1.6.21 and 1.7.0 through 1.7.8 allows remote authenticated users to cause a denial of service memory consumption by 1 setting or 2 deleting a large number of properties for a file or directory...
CVE-2013-1847
The moddavsvn Apache HTTPD server module in Subversion 1.6.0 through 1.6.20 and 1.7.0 through 1.7.8 allows remote attackers to cause a denial of service NULL pointer dereference and crash via an anonymous LOCK for a URL that does not exist...
CVE-2013-1846
The moddavsvn Apache HTTPD server module in Subversion 1.6.x before 1.6.21 and 1.7.0 through 1.7.8 allows remote authenticated users to cause a denial of service NULL pointer dereference and crash via a LOCK on an activity URL...
CVE-2013-1849
The moddavsvn Apache HTTPD server module in Subversion 1.6.x through 1.6.20 and 1.7.0 through 1.7.8 allows remote attackers to cause a denial of service NULL pointer dereference and crash via a PROPFIND request for an activity URL...
CVE-2013-1849
The moddavsvn Apache HTTPD server module in Subversion 1.6.x through 1.6.20 and 1.7.0 through 1.7.8 allows remote attackers to cause a denial of service NULL pointer dereference and crash via a PROPFIND request for an activity URL...
CVE-2013-1845
The moddavsvn Apache HTTPD server module in Subversion 1.6.x before 1.6.21 and 1.7.0 through 1.7.8 allows remote authenticated users to cause a denial of service memory consumption by 1 setting or 2 deleting a large number of properties for a file or directory...
Null pointer dereference
The moddavsvn Apache HTTPD server module in Subversion 1.6.x through 1.6.20 and 1.7.0 through 1.7.8 allows remote attackers to cause a denial of service NULL pointer dereference and crash via a PROPFIND request for an activity URL...
Null pointer dereference
The moddavsvn Apache HTTPD server module in Subversion 1.6.x before 1.6.21 and 1.7.0 through 1.7.8 allows remote authenticated users to cause a denial of service NULL pointer dereference and crash via a LOCK on an activity URL...