5781 matches found
Huawei EulerOS: Security Advisory for httpd (EulerOS-SA-2022-2884)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
K34125394: Apache HTTPD vulnerability CVE-2017-3167
Security Advisory Description In Apache httpd 2.2.x before 2.2.33 and 2.4.x before 2.4.26, use of the apgetbasicauthpw by third-party modules outside of the authentication phase may lead to authentication requirements being bypassed. CVE-2017-3167 Impact When this vulnerability is exploited, an...
PT-2022-6285 · Tp Link · Tp-Link Archer C5 +1
Name of the Vulnerable Software and Affected Versions: TP-Link Archer C5 version 2 TP-Link WR710N version 1 Description: The issue is related to a heap-based buffer overflow when handling packets, which can be exploited by a remote attacker to execute arbitrary code or cause a denial of service...
PT-2022-6284 · Tp Link · Tp-Link Archer C5 +1
Name of the Vulnerable Software and Affected Versions: TP-Link Archer C5 version 2 TP-Link WR710N version 1 Description: The issue is related to the strcmp function used for checking credentials in the httpd process of TP-Link routers. This function is susceptible to a side-channel attack, where ...
httpd: Out-of-bounds read in ap_strcmp_match()
An out-of-bounds read vulnerability was found in httpd. A very large input to the apstrcmpmatch function can lead to an integer overflow and result in an out-of-bounds read...
httpd: mod_proxy: X-Forwarded-For dropped by hop-by-hop mechanism
A flaw was found in the modproxy module of httpd. The server may remove the X-Forwarded- headers from a request based on the client-side Connection header hop-by-hop mechanism...
httpd: core: Possible buffer overflow with very large or unlimited LimitXMLRequestBody
A flaw was found in httpd, where it incorrectly limits the value of the LimitXMLRequestBody option. This issue can lead to an integer overflow and later causes an out-of-bounds write...
httpd: mod_sed: Read/write beyond bounds
An out-of-bounds read/write vulnerability was found in the modsed module of httpd. This flaw allows an attacker to overwrite the memory of an httpd instance that is using modsed with data provided by the attacker...
httpd: mod_proxy_ajp: Possible request smuggling
An HTTP request smuggling vulnerability was found in the modproxyajp module of httpd. This flaw allows an attacker to smuggle requests to the AJP server, where it forwards requests...
httpd: Out-of-bounds read via ap_rwrite()
An out-of-bounds read vulnerability was found in httpd. A very large input to the aprputs and aprwrite functions can lead to an integer overflow and result in an out-of-bounds read...
httpd: core: Possible buffer overflow with very large or unlimited LimitXMLRequestBody
A flaw was found in httpd, where it incorrectly limits the value of the LimitXMLRequestBody option. This issue can lead to an integer overflow and later causes an out-of-bounds write...
httpd: mod_proxy_ajp: Possible request smuggling
An HTTP request smuggling vulnerability was found in the modproxyajp module of httpd. This flaw allows an attacker to smuggle requests to the AJP server, where it forwards requests...
The vulnerability of the httpd daemon in the embedded software of the NETGEAR R7000P router allows a hacker to execute arbitrary code.
The vulnerability of the httpd daemon in the NETGEAR R7000P integrated router software is related to buffer overflow vulnerabilities through parameters such as starthour, startminute, endhour, and endminute. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
The vulnerability of the httpd daemon in the microprogramming-based router software from TP-Link’s TL-WR940N allows a hacker to bypass authentication processes and gain unauthorized access to the equipment.
The vulnerability of the httpd daemon in the microprogramming-based routing software of TP-Link’s TL-WR940N device is related to the use of insufficiently random values. Exploiting this vulnerability allows a malicious actor to bypass authentication processes and gain unauthorized access to the...
The vulnerability of the httpd daemon in the embedded software of the NETGEAR R7000P router allows a hacker to execute arbitrary code.
The vulnerability of the httpd daemon in the NETGEAR R7000P router’s embedded software is related to buffer overflow errors. Exploiting this vulnerability allows a malicious actor to execute arbitrary code through the wandns1sec parameter...
The vulnerability of the httpd daemon in the NETGEAR R7000P router’s embedded software allows a hacker to execute arbitrary code.
The vulnerability of the httpd daemon in the NETGEAR R7000P router’s embedded software is related to a buffer overflow exploit through the enablebandsteering parameter. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
NETGEAR R7000P Buffer Overflow Vulnerability
The NETGEAR R7000P is Netgear's Nighthawk series of dual-band routers optimized for gaming, streaming and mobile devices. The NETGEAR R7000P suffers from a buffer overflow vulnerability that stems from being affected by the enablebandsteering parameter in /usr/sbin/httpd. No detailed vulnerabilit...
CVE-2009-1890 affecting package httpd 2.4.53-1
CVE-2009-1890 affecting package httpd 2.4.53-1. This CVE either no longer is or was never applicable...
NETGEAR R7000P Buffer Overflow Vulnerability
NETGEAR R7000P is a wireless router from NETGEAR, Inc. A security vulnerability exists in NETGEAR R7000P v1.3.1.64, which stems from being affected by the starthour, startminute, endhour, and endminute parameters in /usr/sbin/httpd. No detailed vulnerability details are currently available...
CVE-2022-44184
Netgear R7000P V1.3.0.8 is vulnerable to Buffer Overflow in /usr/sbin/httpd via parameter wandns1sec...