CVE-2007-1743

CVE-2007-1743 affects Apache HTTP Server (httpd) with the suexec module. The issue is that suexec (in httpd 2.2.3) does not verify combinations of user and group IDs on the command line, which might allow a local user to leverage other vulnerabilities to create arbitrary UID/GID–owned files if /p...

iDefense Security Advisory 04.11.07: Apache HTTPD suEXEC Multiple Vulnerabilities

Apache HTTPD suEXEC Multiple Vulnerabilities iDefense Security Advisory 04.11.07 http://labs.idefense.com/intelligence/vulnerabilities/ Apr 11, 2007 I. BACKGROUND The suexec binary is a helper application which is part of the Apache HTTP server package. It is designed to allow a script to run wit...

CentOS 3 / 4 : squirrelmail (CESA-2007:0022)

A new squirrelmail package that fixes security issues is now available for Red Hat Enterprise Linux 3 and 4. SquirrelMail is a standards-based webmail package written in PHP. Several cross-site scripting bugs were discovered in SquirrelMail. An attacker could inject arbitrary JavaScript or HTML...

RHEL 3 / 4 : squirrelmail (RHSA-2007:0022)

A new squirrelmail package that fixes security issues is now available for Red Hat Enterprise Linux 3 and 4. SquirrelMail is a standards-based webmail package written in PHP. Several cross-site scripting bugs were discovered in SquirrelMail. An attacker could inject arbitrary JavaScript or HTML...

squirrelmail security update

CentOS Errata and Security Advisory CESA-2007:0022 A new squirrelmail package that fixes security issues is now available for Red Hat Enterprise Linux 3 and 4. SquirrelMail is a standards-based webmail package written in PHP. Several cross-site scripting bugs were discovered in SquirrelMail. An...

Moderate: Red Hat Security Advisory: squirrelmail security update

A new squirrelmail package that fixes security issues is now available for Red Hat Enterprise Linux 3 and 4. SquirrelMail is a standards-based webmail package written in PHP. Several cross-site scripting bugs were discovered in SquirrelMail. An attacker could inject arbitrary Javascript or HTML...

Fedora Core 5 : httpd-2.2.2-1.2 (2006-863)

This update fixes a security issue in the modrewrite module. Mark Dowd of McAfee Avert Labs reported an off-by-one security problem in the LDAP scheme handling of the modrewrite module. Where RewriteEngine was enabled, and for certain RewriteRules, this could lead to a pointer being written out o...

Apache Httpd < 2.2.6 : mod_proxy crash

A flaw was found in the Apache HTTP Server modproxy module. On sites where a reverse proxy is configured, a remote attacker could send a carefully crafted request that would cause the Apache child process handling that request to crash. On sites where a forward proxy is configured, an attacker...

Low: Red Hat Security Advisory: mod_auth_kerb security update

Updated modauthkerb packages that fix a security flaw and a bug in multiple realm handling are now available for Red Hat Enterprise Linux 4. This update has been rated as having low security impact by the Red Hat Security Response Team. modauthkerb is module for the Apache HTTP Server designed to...

MattWrighttextcounter.pl远程执行命令漏洞

textcounter.pl是一个由Matt Wright编写的基于Web的记数器脚本，使用比较广泛。 某些早期版本的textcounter.pl脚本实现上存在输入验证漏洞，远程攻击者可以利用此漏洞以httpd进程的权限在主机上执行任意系统命令。问题在于程序脚本没有过滤用户输入中包含的一些特殊字符，远程攻击者可以向$DOCUMENTURI环境变量注入指定的值，脚本在处理的时候就会以Web守护程序的权限（root或nobody）在主机上执行攻击者指定的任意命令。 Matt Wright TextCounter1.2...

Moderate httpd security update

2.0.52-28.1 - changed index.html to oracleindex.html 2.0.52-28.ent - add security fix for Expect header XSS CVE-2006-3918, 200732...

Apache mod_tcl module contains a format string error

Overview A format string vulnerability exists in the modtcl Apache module. This vulnerability may allow a remote attacker to execute arbitrary code. Description The Apache HTTP Server, also known as httpd, is an open-source HTTP server that runs on Microsoft Windows, Linux, Unix, and Apple OS X...

Apache Httpd < 2.0.61 : mod_status cross-site scripting

A flaw was found in the modstatus module. On sites where the server-status page is publicly accessible and ExtendedStatus is enabled this could lead to a cross-site scripting attack. Note that the server-status page is not enabled by default and it is best practice to not make this publicly...

Apache Httpd < 1.3.39 : mod_status cross-site scripting

A flaw was found in the modstatus module. On sites where the server-status page is publicly accessible and ExtendedStatus is enabled this could lead to a cross-site scripting attack. Note that the server-status page is not enabled by default and it is best practice to not make this publicly...

Apache Httpd < 2.2.6 : mod_status cross-site scripting

A flaw was found in the modstatus module. On sites where the server-status page is publicly accessible and ExtendedStatus is enabled this could lead to a cross-site scripting attack. Note that the server-status page is not enabled by default and it is best practice to not make this publicly...

Debian DSA-935-1 : libapache2-mod-auth-pgsql - format string vulnerability

iDEFENSE reports that a format string vulnerability in modauthpgsql, a library used to authenticate web users against a PostgreSQL database, could be used to execute arbitrary code with the privileges of the httpd user. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and...

Apache Win32 Chunked Encoding

This module exploits the chunked transfer integer wrap vulnerability in Apache version 1.2.x to 1.3.24. This particular module has been tested with all versions of the official Win32 build between 1.3.9 and 1.3.24. Additionally, it should work against most co-branded and bundled versions of Apach...

CVE-2006-5216

Stack-based buffer overflow in Sergey Lyubka Simple HTTPD shttpd 1.34 allows remote attackers to execute arbitrary code via a long URI...

CVE-2006-5216

SHTTPD

CVE-2006-5216

Stack-based buffer overflow in Sergey Lyubka Simple HTTPD shttpd 1.34 allows remote attackers to execute arbitrary code via a long URI...