httpd: mod_negotiation XSS via untrusted file names in directories with MultiViews enabled

Multiple cross-site scripting XSS vulnerabilities in the makevariantlist function in modnegotiation.c in the modnegotiation module in the Apache HTTP Server 2.4.x before 2.4.3, when the MultiViews option is enabled, allow remote attackers to inject arbitrary web script or HTML via a crafted...

Moderate: Red Hat Security Advisory: pki security update

Updated pki-common and pki-tps packages that fix multiple security issues are now available for Red Hat Certificate System 8.1. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed...

Debian Security Advisory DSA 2579-1 (apache2)

The remote host is missing an update to apache2 announced via advisory DSA 2579-1. OpenVAS Vulnerability Test $Id: deb25791.nasl 6612 2017-07-07 12:08:03Z cfischer $ Description: Auto-generated from advisory DSA 2579-1 apache2 Authors: Thomas Reinke Copyright: Copyright c 2012 E-Soft Inc...

Debian: Security Advisory (DSA-2579-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora 18 : awstats-7.0-11.fc18 (2012-18364)

added more hardening in parsing input data and adjusted awstats.conf for httpd-2.4 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without...

Apache Httpd < 2.2.22 : mod_proxy_ajp remote DoS

A flaw was found when modproxyajp connects to a backend server that takes too long to respond. Given a specific configuration, a remote attacker could send certain requests, putting a backend server into an error state until the retry timeout expired. This could lead to a temporary denial of...

Apache Httpd < 2.2.24 : XSS in mod_proxy_balancer

A XSS flaw affected the modproxybalancer manager interface...

Apache Httpd < 2.4.4 : XSS in mod_proxy_balancer

A XSS flaw affected the modproxybalancer manager interface...

Mandriva Linux Security Advisory : apache (MDVSA-2012:154-1)

Multiple vulnerabilities has been found and corrected in apache ASF HTTPD : Insecure handling of LDLIBRARYPATH was found that could lead to the current working directory to be searched for DSOs. This could allow a local user to execute code as root if an administrator runs apachectl from an...

YingZhi Python 1.9 Arbitrary Traversal / Write

Exploit for php platform in category web applications YingZhi Python Programming Language for iOS Vendor: XiaoWen Huang Version 1.9. Product Websites http://sosilen.blog.163.com http://www.iphoneappstorm.com/iphone-apps/utilities/com.yingzhi.python/yingzhipython.php?id=493505744 YingZhi...

YingZhi Python 1.9 Arbitrary Traversal / Write

YingZhi Python Programming Language for iOS Vendor: XiaoWen Huang Version 1.9. Product Websites http://sosilen.blog.163.com http://www.iphoneappstorm.com/iphone-apps/utilities/com.yingzhi.python/yingzhipython.php?id=493505744 YingZhi Description: Python Interpreter is a native python development...

SAP NetWeaver HTTPd - Partial HTTP POST requests DoS

Application: SAP Versions Affected: SAP Netweaver 7.02/7.3, probably others Vendor URL: http://www.sap.com Bugs: Denial of Service Exploits: YES Reported: 19.09.2012 Vendor response: 20.09.2012 Date of Public Advisory: 17.10.2014 Reference: SAP Security Note 1966655 Author: Alexey Tyurin ERPScan...

Slackware Advisory SSA:2010-024-01 httpd

The remote host is missing an update as announced via advisory SSA:2010-024-01. OpenVAS Vulnerability Test $Id: esoftslkssa201002401.nasl 6598 2017-07-07 09:36:44Z cfischer $ Description: Auto-generated from the corresponding slackware advisory Authors: Thomas Reinke Copyright: Copyright c 2012...

Slackware Advisory SSA:2006-209-01 Apache httpd

The remote host is missing an update as announced via advisory SSA:2006-209-01. OpenVAS Vulnerability Test $Id: esoftslkssa200620901.nasl 6598 2017-07-07 09:36:44Z cfischer $ Description: Auto-generated from the corresponding slackware advisory Authors: Thomas Reinke Copyright: Copyright c 2012...

Slackware Advisory SSA:2008-210-02 httpd

The remote host is missing an update as announced via advisory SSA:2008-210-02. OpenVAS Vulnerability Test $Id: esoftslkssa200821002.nasl 6598 2017-07-07 09:36:44Z cfischer $ Description: Auto-generated from the corresponding slackware advisory Authors: Thomas Reinke Copyright: Copyright c 2012...

Slackware Advisory SSA:2008-045-01 httpd

The remote host is missing an update as announced via advisory SSA:2008-045-01. OpenVAS Vulnerability Test $Id: esoftslkssa200804501.nasl 6598 2017-07-07 09:36:44Z cfischer $ Description: Auto-generated from the corresponding slackware advisory Authors: Thomas Reinke Copyright: Copyright c 2012...

Slackware Advisory SSA:2009-214-01 httpd

The remote host is missing an update as announced via advisory SSA:2009-214-01. OpenVAS Vulnerability Test $Id: esoftslkssa200921401.nasl 6598 2017-07-07 09:36:44Z cfischer $ Description: Auto-generated from the corresponding slackware advisory Authors: Thomas Reinke Copyright: Copyright c 2012...

Slackware Advisory SSA:2010-240-02 httpd

The remote host is missing an update as announced via advisory SSA:2010-240-02. OpenVAS Vulnerability Test $Id: esoftslkssa201024002.nasl 6598 2017-07-07 09:36:44Z cfischer $ Description: Auto-generated from the corresponding slackware advisory Authors: Thomas Reinke Copyright: Copyright c 2012...

Slackware Advisory SSA:2011-041-03 httpd

The remote host is missing an update as announced via advisory SSA:2011-041-03. OpenVAS Vulnerability Test $Id: esoftslkssa201104103.nasl 6598 2017-07-07 09:36:44Z cfischer $ Description: Auto-generated from the corresponding slackware advisory Authors: Thomas Reinke Copyright: Copyright c 2012...

Slackware Advisory SSA:2010-067-01 httpd

The remote host is missing an update as announced via advisory SSA:2010-067-01. OpenVAS Vulnerability Test $Id: esoftslkssa201006701.nasl 6598 2017-07-07 09:36:44Z cfischer $ Description: Auto-generated from the corresponding slackware advisory Authors: Thomas Reinke Copyright: Copyright c 2012...