117 matches found
USN-3924-1: mod_auth_mellon vulnerabilities
It was discovered that modauthmellon incorrectly handled certain requests. An attacker could possibly use this issue to redirect a user to a malicious URL. CVE-2019-3877 It was discovered that modauthmellon incorrectly handled certain requests. An attacker could possibly use this issue to access...
USN-3924-1 libapache2-mod-auth-mellon vulnerabilities
It was discovered that modauthmellon incorrectly handled certain requests. An attacker could possibly use this issue to redirect a user to a malicious URL. CVE-2019-3877 It was discovered that modauthmellon incorrectly handled certain requests. An attacker could possibly use this issue to access...
[SECURITY] [DSA 4414-1] libapache2-mod-auth-mellon security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4414-1 [email protected] https://www.debian.org/security/ Thijs Kinkhorst March 23, 2019 https://www.debian.org/security/faq -...
DSA-4414-1 libapache2-mod-auth-mellon - security update
Bulletin has no description...
USN-3825-1 libapache2-mod-perl2 vulnerability
Jan Ingvoldstad discovered that modperl incorrectly handled configuration options to disable being used by unprivileged users, contrary to the documentation. A local attacker could possibly use this issue to execute arbitrary Perl code...
Debian DLA-1507-1 : libapache2-mod-perl2 security update
Jan Ingvoldstad discovered that libapache2-mod-perl2 allows attackers to execute arbitrary Perl code by placing it in a user-owned .htaccess file, because contrary to the documentation there is no configuration option that permits Perl code for the administrator's control of HTTP request processi...
[SECURITY] [DLA 1507-1] libapache2-mod-perl2 security update
Package : libapache2-mod-perl2 Version : 2.0.91624218-2+deb8u3 CVE ID : CVE-2011-2767 Debian Bug : 644169 Jan Ingvoldstad discovered that libapache2-mod-perl2 allows attackers to execute arbitrary Perl code by placing it in a user-owned .htaccess file, because contrary to the documentation there ...
DLA-1507-1 libapache2-mod-perl2 - security update
Bulletin has no description...
Debian: Security Advisory (DLA-1507-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu: Security Advisory (USN-3702-2)
The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2014-3580
The moddavsvn Apache HTTPD server module in Apache Subversion 1.x before 1.7.19 and 1.8.x before 1.8.11 allows remote attackers to cause a denial of service NULL pointer dereference and server crash via a REPORT request for a resource that does not exist...
[USN-2391-1] php5 vulnerabilities
========================================================================== Ubuntu Security Notice USN-2391-1 October 30, 2014 php5 vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: -...
Ubuntu: Security Advisory (USN-2344-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian DSA-2778-1 : libapache2-mod-fcgid - heap-based buffer overflow
Robert Matthews discovered that the Apache FCGID module, a FastCGI implementation for Apache HTTP Server, fails to perform adequate boundary checks on user-supplied input. This may allow a remote attacker to cause a heap-based buffer overflow, resulting in a denial of service or potentially...
Debian Security Advisory DSA 2778-1 (libapache2-mod-fcgid - heap-based buffer overflow)
Robert Matthews discovered that the Apache FCGID module, a FastCGI implementation for Apache HTTP Server, fails to perform adequate boundary checks on user-supplied input. This may allow a remote attacker to cause a heap-based buffer overflow, resulting in a denial of service or potentially...
[SECURITY] [DSA 2778-1] libapache2-mod-fcgid security update
------------------------------------------------------------------------- Debian Security Advisory DSA-2778-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso October 12, 2013 http://www.debian.org/security/faq -...
Debian: Security Advisory (DSA-2778-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian Security Advisory DSA 2532-1 (libapache2-mod-rpaf - denial of service)
Sebastien Bocahu discovered that the reverse proxy add forward module for the Apache webserver is vulnerable to a denial of service attack through a single crafted request with many headers. OpenVAS Vulnerability Test $Id: deb25321.nasl 14276 2019-03-18 14:43:56Z cfischer $ Auto-generated from...
Debian Security Advisory DSA 2532-1 (libapache2-mod-rpaf - denial of service)
Sebastien Bocahu discovered that the reverse proxy add forward module for the Apache webserver is vulnerable to a denial of service attack through a single crafted request with many headers. OpenVAS Vulnerability Test $Id: deb25321.nasl 8972 2018-02-28 07:02:10Z cfischer $ Auto-generated from...
Debian Security Advisory DSA 2641-2 (perl - rehashing flaw)
Yves Orton discovered a flaw in the rehashing code of Perl. This flaw could be exploited to carry out a denial of service attack against code that uses arbitrary user input as hash keys. Specifically an attacker could create a set of keys of a hash causing a denial of service via memory exhaustio...