HTTP Negative Content-Length DoS Vulnerability

The Savant web server was crashed by sending an invalid GET HTTP request with a negative Content-Length field. SPDX-FileCopyrightText: 2002 Michel Arboi Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifie...

Apache Httpd < 2.0.58 : mod_imap Referer Cross-Site Scripting

A flaw in modimap when using the Referer directive with image maps. In certain site configurations a remote attacker could perform a cross-site scripting attack if a victim can be forced to visit a malicious URL using certain web browsers...

Apache Httpd < 2.2.2 : mod_imap Referer Cross-Site Scripting

A flaw in modimap when using the Referer directive with image maps. In certain site configurations a remote attacker could perform a cross-site scripting attack if a victim can be forced to visit a malicious URL using certain web browsers...

Apache Httpd < 1.3.35 : mod_imap Referer Cross-Site Scripting

A flaw in modimap when using the Referer directive with image maps. In certain site configurations a remote attacker could perform a cross-site scripting attack if a victim can be forced to visit a malicious URL using certain web browsers...

Hasbani-WindWeb/2.0 - GET Remote Denial of Service

/ . \ \ \ \ | | / | | | | \ / / /\ \ / \ | \ / / / / 26\09\05 / || / / i Title: Hasbani-WindWeb/2.0 - HTTP GET Remote DoS i Discovered by: Expanders i Exploit by: Expanders What is Hasbani-WindWeb/2.0 Hasbani server is a httpd created for menaging ethernet routers and adsl modems. Why HTTPD...

Apache Httpd < 2.0.55 : Malicious CRL off-by-one

An off-by-one stack overflow was discovered in the modssl CRL verification callback. In order to exploit this issue the Apache server would need to be configured to use a malicious certificate revocation list CRL...

Apache Httpd < 2.0.55 : PCRE overflow

An integer overflow flaw was found in PCRE, a Perl-compatible regular expression library included within httpd. A local user who has the ability to create .htaccess files could create a maliciously crafted regular expression in such as way that they could gain the privileges of a httpd child...

Apache Httpd < 2.0.55 : Worker MPM memory leak

A memory leak in the worker MPM would allow remote attackers to cause a denial of service memory consumption via aborted connections, which prevents the memory for the transaction pool from being reused for other connections. This issue was downgraded in severity to low from moderate as sucessful...

Mandrake Linux Security Advisory : apache2 (MDKSA-2005:161)

A flaw was discovered in modssl's handling of the 'SSLVerifyClient' directive. This flaw occurs if a virtual host is configured using 'SSLVerifyClient optional' and a directive 'SSLVerifyClient required' is set for a specific location. For servers configured in this fashion, an attacker may be ab...

Fedora Core 3 : httpd-2.0.53-3.3 (2005-848)

This update includes two security fixes. An issue was discovered in modssl where 'SSLVerifyClient require' would not be honoured in location context if the virtual host had 'SSLVerifyClient optional' configured CVE-2005-2700. An issue was discovered in memory consumption of the byterange filter f...

Fedora Core 4 : httpd-2.0.54-10.2 (2005-849)

This update includes two security fixes. An issue was discovered in modssl where 'SSLVerifyClient require' would not be honoured in location context if the virtual host had 'SSLVerifyClient optional' configured CVE-2005-2700. An issue was discovered in memory consumption of the byterange filter f...

iDEFENSE Security Advisory 09.13.05: Linksys WRT54G &#39;restore.cgi&#39; Configuration Modification Design Error Vulnerability

Linksys WRT54G 'restore.cgi' Configuration Modification Design Error Vulnerability iDEFENSE Security Advisory 09.13.05 www.idefense.com/application/poi/display?id=306&type=vulnerabilities September 13, 2005 I. BACKGROUND The Linksys WRT54G is a combination wireless access point, switch and router...

iDEFENSE Security Advisory 09.13.05: Linksys WRT54G Management Interface DoS Vulnerability

Linksys WRT54G Management Interface DoS Vulnerability iDEFENSE Security Advisory 09.13.05 www.idefense.com/application/poi/display?id=308&type=vulnerabilities September 13, 2005 I. BACKGROUND The Linksys WRT54G is a combination wireless access point, switch and router. More information is availab...

RHEL 4 : httpd (RHSA-2005:608)

The remote Redhat Enterprise Linux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2005:608 advisory. The Apache HTTP Server is a popular and freely-available Web server. A flaw was discovered in modssl's handling of the SSLVerifyClient...

Apache Httpd < 2.0.55 : SSLVerifyClient bypass

A flaw in the modssl handling of the "SSLVerifyClient" directive. This flaw would occur if a virtual host has been configured using "SSLVerifyClient optional" and further a directive "SSLVerifyClient required" is set for a specific location. For servers configured in this fashion, an attacker may...

[UNIX] Discuz! Command Execution Vulnerability

The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com - - promotion The SecuriTeam alerts list - Free, Accurate, Independent. Get your security news from a reliable source...

Fedora Core 4 : httpd-2.0.54-10.1 (2005-639)

This update security fixes for CVE-2005-2088 and CVE-2005-1268, along with some minor bug fixes. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as...

RHEL 4 : httpd (RHSA-2005:582)

The remote Redhat Enterprise Linux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2005:582 advisory. The Apache HTTP Server is a powerful, full-featured, efficient, and freely-available Web server. Watchfire reported a flaw that occured when...

FreeBSD : php -- readfile() DoS vulnerability (07f3fe15-a9de-11d9-a788-0001020eed82)

A SUSE Security advisory reports : A bug in the readfile function of php4 could be used to to crash the httpd running the php4 code when accessing files with a multiple of the architectures page size leading to a denial of service. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The...

CVE-2002-1930

CVE-2002-1930 : Red Hat and other sources confirm a buffer overflow in AN HTTPd versions 1.38–1.4.1c that allows remote attackers to execute arbitrary code via a SOCKS4 request with a long username. The available descriptions identify the affected product and the input vector but do not provide a...