Oracle Linux 5 : httpd (ELSA-2009-1075)

The remote Oracle Linux 5 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2009-1075 advisory. 2.2.3-22.0.1.el53.1 - Replace index.html with oracle's index page oracleindex.html - Update vstring and distro in specfile 2.2.3-22.el53.1 - add securi...

Oracle Linux 5 : Moderate: / httpd (ELSA-2008-0008)

The remote Oracle Linux 5 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2008-0008 advisory. 2.2.3-12.el51.3.0.1 - use oracle index page oracleindex.html, update vstring and distro 2.2.3-12.el51.3 - further update to backport for CVE-2007-6421...

Oracle Linux 5 : httpd (ELSA-2008-0967)

The remote Oracle Linux 5 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2008-0967 advisory. 2.2.3-11.0.1.el52.4 - use oracle index page oracleindex.html - update vstring and distro in specfile 2.2.3-11.el52.4 - add security fixes for...

Oracle Linux 6 : httpd (ELSA-2011-1391)

The remote Oracle Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2011-1391 advisory. - add security fixes for CVE-2011-3347, CVE-2011-3368 743901 Tenable has extracted the preceding description block directly from the Oracle Linux...

Oracle Linux 5 : httpd (ELSA-2009-1148)

The remote Oracle Linux 5 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2009-1148 advisory. 2.2.3-22.0.1.el53.2 - Replace index.html with Oracle's index page oracleindex.html - Update vstring and distro in specfile 2.2.3-22.el53.2 - add securi...

Oracle Linux 6 : httpd (ELSA-2013-0512)

The remote Oracle Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2013-0512 advisory. - add security fix for CVE-2012-2687 850794 - add security fixes for CVE-2011-4317, CVE-2012-0053, CVE-2012-0031, CVE-2011-3607 787599 Tenable has...

Ultra Mini HTTPd 1.21 - Remote Stack Buffer Overflow

Exploit Title: Ultra Mini HTTPD stack buffer overflow Date: 10 July 2013 Exploit Author: superkojiman - http://www.techorganic.com Vendor Homepage: http://www.picolix.jp/ Software Link: http://www.vector.co.jp/soft/winnt/net/se275154.html Version: 1.21 Tested on: Windows XP Professional SP2,...

CentOS 5 : httpd (CESA-2010:0659)

Updated httpd packages that fix two security issues and multiple bugs are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity...

CentOS 4 : httpd (CESA-2009:1580)

Updated httpd packages that fix multiple security issues are now available for Red Hat Enterprise Linux 4. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The Apache HTTP Server is a popular Web server. A flaw was found in the way the TLS/SSL...

[slackware-security] php

New php packages are available for Slackware 12.1, 12.2, 13.0, 13.1, 13.37, 14.0, and -current to fix a security issue. Here are the details from the Slackware 14.0 ChangeLog: patches/packages/php-5.4.16-i486-1slack14.0.txz: Upgraded. This is a bugfix release. It also fixes a security issue -- a...

Plesk Apache Zeroday Remote Exploit

Exploit for php platform in category remote exploits Plesk Apache zeroday / June 2013 discovered & exploited by kingcope this Plesk configuration setting makes it possible: scriptAlias /phppath/ "/usr/bin/" Furthermore this is not cve-2012-1823 because the php interpreter is called directly. no p...

Monkey HTTPD security vulnerabilities

Crash on NULL byte in request. Buffer overflow on oversized header...

Monkey HTTPD 1.1.1 - Denial of Service Vulnerability

Title: ====== Monkey HTTPD 1.1.1 - Denial of Service Vulnerability Date: ===== 2013-05-28 References: =========== http://bugs.monkey-project.com/ticket/181 Introduction: ============= Monkey is a lightweight and powerful web server for GNU/Linux. It has been designed to be very scalable with low...

CVE-2013-3843 Monkey HTTPD 1.2.0 - Buffer Overflow DoS Vulnerability With Possible Arbitrary Code Execution

Title CVE-2013-3843 Monkey HTTPD 1.2.0 - Buffer Overflow DoS Vulnerability With Possible Arbitrary Code Execution 2. Introduction Monkey is a lightweight and powerful web server for GNU/Linux. It has been designed to be very scalable with low memory and CPU consumption, the perfect solution for...

Monkey HTTPD 1.1.1 - Crash PoC

Exploit for linux platform in category dos / poc Title: ====== Monkey HTTPD 1.1.1 - Denial of Service Vulnerability Date: ===== 2013-05-28 References: =========== http://bugs.monkey-project.com/ticket/181 Introduction: ============= Monkey is a lightweight and powerful web server for GNU/Linux. I...

Monkey HTTPd 1.1.1 - Crash (PoC)

Monkey HTTPd 1.1.1 - Crash PoC Title: ====== Monkey HTTPD 1.1.1 - Denial of Service Vulnerability Date: ===== 2013-05-28 References: =========== http://bugs.monkey-project.com/ticket/181 Introduction: ============= Monkey is a lightweight and powerful web server for GNU/Linux. It has been designe...

Monkey HTTPd 1.1.1 - Crash (PoC)

Title: ====== Monkey HTTPD 1.1.1 - Denial of Service Vulnerability Date: ===== 2013-05-28 References: =========== http://bugs.monkey-project.com/ticket/181 Introduction: ============= Monkey is a lightweight and powerful web server for GNU/Linux. It has been designed to be very scalable with low...

Monkey HTTPD 1.1.1 Denial Of Service

Title: ====== Monkey HTTPD 1.1.1 - Denial of Service Vulnerability Date: ===== 2013-05-28 References: =========== http://bugs.monkey-project.com/ticket/181 Introduction: ============= Monkey is a lightweight and powerful web server for GNU/Linux. It has been designed to be very scalable with low...

Apache Httpd < 2.4.6 : mod_session_dbd session fixation flaw

A flaw in modsessiondbd caused it to proceed with save operations for a session without considering the dirty flag and the requirement for a new session ID...

SuSE 10 Security Update : subversion (ZYPP Patch Number 8552)

This update fixes several DoS vulnerabilities in subversion's moddavsvn Apache HTTPD server module. CVE-2013-1849 / CVE-2013-1846 / CVE-2013-1845 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description of this plugin is C Novell, Inc. include'deprecatednasllevel.inc';...