CVE-2010-3872 Httpd: mod_fcgid: stack-based buffer overflow in fcgid_header_bucket_read() in modules/fcgid/fcgid_bucket.c

A flaw was found in the modfcgid module of httpd. A malformed FastCGI response may result in a stack-based buffer overflow in the modules/fcgid/fcgidbucket.c file in the fcgidheaderbucketread function, resulting in an application crash...

CVE-2010-3872

A flaw was found in the modfcgid module of httpd. A malformed FastCGI response may result in a stack-based buffer overflow in the modules/fcgid/fcgidbucket.c file in the fcgidheaderbucketread function, resulting in an application crash...

KLA10066 Multiple vulnerabilities in Apache httpd

Multiple serious vulnerabilities have been found in Apache httpd. Malicious users can exploit these vulnerabilities to cause denial of service, obtain sensitive information, inject code or execute arbitrary code. Below is a complete list of vulnerabilities 1. Multiple integer overflow...

Debian DSA-2117-1 : apr-util - denial of service

APR-util is part of the Apache Portable Runtime library which is used by projects such as Apache httpd and Subversion. Jeff Trawick discovered a flaw in the aprbrigadesplitline function in apr-util. A remote attacker could send crafted http requests to cause a greatly increased memory consumption...

Alcatel-Lucent OmniPCX Enterprise - masterCGI Arbitrary Command Execution (Metasploit)

$Id: alcatelomnipcxmastercgiexec.rb 10556 2010-10-05 23:13:04Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...

[SECURITY] [DSA-2117-1] New apr-util packages fix denial of service

------------------------------------------------------------------------ Debian Security Advisory DSA-2117-1 [email protected] http://www.debian.org/security/ Stefan Fritsch October 4, 2010 http://www.debian.org/security/faq -...

[SECURITY] [DSA-2117-1] New apr-util packages fix denial of service

------------------------------------------------------------------------ Debian Security Advisory DSA-2117-1 [email protected] http://www.debian.org/security/ Stefan Fritsch October 4, 2010 http://www.debian.org/security/faq -...

DSA-2117-1 apr-util - denial of service

Bulletin has no description...

RedHat Update for httpd RHSA-2010:0659-01

Check for the Version of httpd OpenVAS Vulnerability Test RedHat Update for httpd RHSA-2010:0659-01 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms...

weborf 0.12.2 - Directory Traversal

weborf 0.12.2 - Directory Traversal Title: Weborf httpd = 0.12.2 Directory Traversal Vulnerability Date: Sep 6, 2010 Author: Rew Link: http://galileo.dmi.unict.it/wiki/weborf/doku.php Version: 0.12.2 Tested On: Debian 5 CVE: N/A ============================================================= Weborf...

weborf 0.12.2 - Directory Traversal

Title: Weborf httpd = 0.12.2 Directory Traversal Vulnerability Date: Sep 6, 2010 Author: Rew Link: http://galileo.dmi.unict.it/wiki/weborf/doku.php Version: 0.12.2 Tested On: Debian 5 CVE: N/A ============================================================= Weborf httpd = 0.12.2 suffers a directory...

RedHat Update for httpd RHSA-2010:0659-01

Check for the Version of httpd OpenVAS Vulnerability Test RedHat Update for httpd RHSA-2010:0659-01 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms...

Weborf <= 0.12.2 Directory Traversal Vulnerability

Exploit for windows platform in category remote exploits ================================================== Weborf = 0.12.2 Directory Traversal Vulnerability ================================================== Title: Weborf httpd = 0.12.2 Directory Traversal Vulnerability Date: Sep 6, 2010 Author:...

RHEL 5 : httpd (RHSA-2010:0659)

The remote Redhat Enterprise Linux 5 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2010:0659 advisory. The Apache HTTP Server is a popular web server. A flaw was discovered in the way the modproxy module of the Apache HTTP Server handled the...

httpd security and bug fix update

2.2.3-43.0.1.el55.3 - replace index.html with Oracle's index page oracleindex.html - update vstring and distro in specfile 2.2.3-43.3 - modssl: improved fix for SSLRequire's OID function 625452 2.2.3-43.2 - add security fixes for CVE-2010-1452, CVE-2010-2791 623210 - moddeflate: rebase to 2.2.15...

Slackware 12.0 / 12.1 / 12.2 / 13.0 / 13.1 / current : httpd (SSA:2010-240-02)

New httpd packages are available for Slackware 12.0, 12.1, 12.2, 13.0, 13.1, and -current to fix a security issue. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Slackware Security Advisory 2010-240-02. The text itse...

[slackware-security] httpd

New httpd packages are available for Slackware 12.0, 12.1, 12.2, 13.0, 13.1, and -current to fix a security issue. Here are the details from the Slackware 13.1 ChangeLog: patches/packages/httpd-2.2.16-i486-1slack13.1.txz: Upgraded. Fix Handling of requests without a path segment. For more...

Fedora Update for httpd FEDORA-2010-12478

Check for the Version of httpd OpenVAS Vulnerability Test Fedora Update for httpd FEDORA-2010-12478 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms...

Fedora Update for httpd FEDORA-2010-12478

The remote host is missing an update for the SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

Fedora 13 : httpd-2.2.16-1.fc13 (2010-12478)

This update contains the latest stable release of the Apache HTTP Server. One security fix is included: CVE-2010-1452: moddav, modcache: Fix Handling of requests without a path segment. Several bugs are also fixed: http://www.apache.org/dist/httpd/CHANGES2.2.16 Note that Tenable Network Security...