Anti-Web HTTPd 2.2 Script - Engine File Opening Denial of Service

source: https://www.securityfocus.com/bid/3782/info Anti-Web HTTPD is a freely available, open source web server designed for use on the Linux platform. It is maintained by Doug Hoyte. Under certain circumstances awhttpd reacts unpredictably. When a script is executed that opens a file that does...

Apache Httpd < 1.3.27 : Shared memory permissions lead to local privilege escalation

The permissions of the shared memory used for the scoreboard allows an attacker who can execute under the Apache UID to send a signal to any process as root or cause a local denial of service attack...

RH Linux Tux HTTPD DoS

TUX HTTPD Denial of Service Condition ============================= Background: ------------- Tux is a Kernel-Space HTTP server coded for optimal performance IRQ Affinity,HTTP compression, direct scatter-gather DMA etc. It is meant to be used as the main HTTP server for static objects with reques...

Apache Httpd < 1.3.22 : split-logfile can cause arbitrary log files to be written to

A vulnerability was found in the split-logfile support program. A request with a specially crafted Host: header could allow any file with a .log extension on the system to be written to...

Apache Httpd < 1.3.22 : Multiviews can cause a directory listing to be displayed

A vulnerability was found when Multiviews are used to negotiate the directory index. In some configurations, requesting a URI with a QUERYSTRING of M=D could return a directory listing rather than the expected index page...

Apache Httpd < 1.3.22 : Requests can cause directory listing to be displayed

A vulnerability was found in the Win32 port of Apache 1.3.20. A client submitting a very long URI could cause a directory listing to be returned rather than the default index page...

Squid httpd acceleration acl bug enables portscanning

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Security Advisory: NASR-2001-001 [email protected] Date: 18 July 2001 Summary: Squid can be used to proxy and also portscan if set up as a httpd accelerator reverse proxy. Versions Affected: 2.3STABLE3 and 2.3STABLE4 unpatched This includes the RedHa...

Squid Web Proxy 2.3 - Reverse Proxy

source: https://www.securityfocus.com/bid/3062/info Squid is a free client-side web proxy that retrieves cached web pages for quick browsers and a reduction in bandwidth consumption. Squid servers, when configured as an "HTTP accelerator only", may allow remote attackers to use them as port...

CVE-2001-0454

Directory traversal vulnerability in SlimServe HTTPd 1.1a allows remote attackers to read arbitrary files via a ... modified dot dot in the HTTP request...

Apache 1.3 - Artificially Long Slash Path Directory Listing (3)

Apache 1.3 - Artificially Long Slash Path Directory Listing 3 source: https://www.securityfocus.com/bid/2503/info Apache HTTPD is the Apache Web Server, freely distributed and actively maintained by the Apache Software Foundation. It is a freely available and widely used software package, include...

Apache 1.3 - Artificially Long Slash Path Directory Listing (3)

source: https://www.securityfocus.com/bid/2503/info Apache HTTPD is the Apache Web Server, freely distributed and actively maintained by the Apache Software Foundation. It is a freely available and widely used software package, included with various implementations of the UNIX operating system an...

Apache 1.3 - Artificially Long Slash Path Directory Listing (4)

source: https://www.securityfocus.com/bid/2503/info Apache HTTPD is the Apache Web Server, freely distributed and actively maintained by the Apache Software Foundation. It is a freely available and widely used software package, included with various implementations of the UNIX operating system an...

CVE-2001-0454

Directory traversal vulnerability in SlimServe HTTPd 1.1a allows remote attackers to read arbitrary files via a ... modified dot dot in the HTTP request...

CVE-2001-0454

CVE-2001-0454 describes a directory traversal vulnerability in SlimServe HTTPd 1.1a. The issue allows an unauthenticated attacker to read arbitrary files by supplying a modified dot-dot sequence in the HTTP request path. The impact is partial confidentiality (read access to files) with no indicat...

Apache Httpd < 1.3.20 : Denial of service attack on Win32 and OS2

A vulnerability was found in the Win32 and OS2 ports of Apache 1.3. A client submitting a carefully constructed URI could cause a General Protection Fault in a child process, bringing up a message box which would have to be cleared by the operator to resume operation. This vulnerability introduce...

CVE-2001-0297

Directory traversal vulnerability in Simple Server HTTPd 1.0 originally Free Java Server allows remote attackers to read arbitrary files via a .. dot dot in the URL...

CVE-2001-0171

Buffer overflow in SlimServe HTTPd 1.0 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long GET request...

CVE-2001-0297

Directory traversal vulnerability in Simple Server HTTPd 1.0 originally Free Java Server allows remote attackers to read arbitrary files via a .. dot dot in the URL...

CVE-2001-0298

Buffer overflow in WebReflex 1.55 HTTPd allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long HTTP GET request...

CVE-2001-0297

CVE-2001-0297 affects Simple Server HTTPd 1.0 (originally Free Java Server). The vulnerability is a directory traversal that allows remote attackers to read arbitrary files via a .. in the URL. This is described in NVD; connected EUVD entry mentions malware without remediation details. The provid...