EUVD-2003-0834

Malware in sbrugna...

EUVD-2003-0833

Malware in sbrugna...

Mod_Gzip 1.3.x Debug Mode Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/7769/info Modgzip is reported prone to a stack overflow, format string vulnerability and a file corruption issue due to a predictable naming scheme for log files. Exploitation of these issues could result in execution of...

Apache mod_gzip (with debug_mode) <= 1.2.26.1a Remote Exploit

No description provided by source. / \ exploit code for modgzip with debugmode = 1.2.26.1a / \ Created by xCrZx crazyeinstein yahoo com /05.06.03/ / \ Tested on RedHat 8.0 Psyche here is target for it, / also tested on FreeBSD 4.7 1.3.19.2a here is no target for it : / \ / / \ / Single mode: \ /...

Apache mod_gzip (with debug_mode) <= 1.2.26.1a Remote Exploit

Exploit for linux platform in category remote exploits ============================================================= Apache modgzip with debugmode = 1.2.26.1a Remote Exploit ============================================================= / \ exploit code for modgzip with debugmode = 1.2.26.1a / ...

Apache mod_gzip (with debug_mode) 1.2.26.1a - Remote Overflow

/ \ exploit code for modgzip with debugmode include include netd...

Apache mod_gzip (with debug_mode) 1.2.26.1a - Remote Overflow

Apache modgzip with debugmode 1.2.26.1a - Remote Overflow / \ exploit code for modgzip with debugmode include includ...

Apache mod_gzip (with debug_mode) &lt;= 1.2.26.1a Remote Exploit

No description provided by source. / \ exploit code for modgzip with debugmode = 1.2.26.1a / \ Created by xCrZx crazyeinstein yahoo com /05.06.03/ / \ Tested on RedHat 8.0 Psyche here is target for it, / also tested on FreeBSD 4.7 1.3.19.2a here is no target for it : / \ / / \ / Single mode: \ /...

CVE-2003-0842

Stack-based buffer overflow in modgzipprintf for modgzip 1.3.26.1a and earlier, and possibly later official versions, when running in debug mode, allows remote attackers to execute arbitrary code via a long filename in a GET request with an "Accept-Encoding: gzip" header...

CVE-2003-0843

Format string vulnerability in modgzipprintf for modgzip 1.3.26.1a and earlier, and possibly later official versions, when running in debug mode and using the Apache log, allows remote attackers to execute arbitrary code via format string characters in an HTTP GET request with an "Accept-Encoding...

CVE-2003-0844

modgzip 1.3.26.1a and earlier, and possibly later official versions, when running in debug mode without the Apache log, allows local users to overwrite arbitrary files via 1 a symlink attack on predictable temporary filenames on Unix systems, or 2 an NTFS hard link on Windows systems when the...

CVE-2003-0844

The CVE affects mod_gzip 1.3.26.1a and earlier. In debug mode without the Apache log, it allows local users to overwrite arbitrary files via (1) a symlink attack on predictable temporary filenames on Unix, or (2) an NTFS hard link on Windows when the policy to strengthen default permissions is no...

CVE-2003-0842

CVE-2003-0842 describes a stack-based buffer overflow in mod_gzip_printf for mod_gzip 1.3.26.1a and earlier (and possibly later official versions) when running in debug mode. An attacker can trigger arbitrary code execution remotely by sending a GET request with a long filename and an Accept-Enco...

CVE-2003-0843

CVE-2003-0843 concerns a format-string vulnerability in mod_gzip_printf within mod_gzip (v1.3.26.1a and earlier, possibly later builds) when running in debug mode and handling HTTP requests with Accept-Encoding: gzip. A remote attacker can cause arbitrary code execution by supplying format-string...

CVE-2003-0842

Stack-based buffer overflow in modgzipprintf for modgzip 1.3.26.1a and earlier, and possibly later official versions, when running in debug mode, allows remote attackers to execute arbitrary code via a long filename in a GET request with an "Accept-Encoding: gzip" header...

CVE-2003-0843

Format string vulnerability in modgzipprintf for modgzip 1.3.26.1a and earlier, and possibly later official versions, when running in debug mode and using the Apache log, allows remote attackers to execute arbitrary code via format string characters in an HTTP GET request with an "Accept-Encoding...

CVE-2003-0844

modgzip 1.3.26.1a and earlier, and possibly later official versions, when running in debug mode without the Apache log, allows local users to overwrite arbitrary files via 1 a symlink attack on predictable temporary filenames on Unix systems, or 2 an NTFS hard link on Windows systems when the...

Mod_gzip Debug Mode Vulnerabilities

Multiple Vulnerabilities in modgzip Debugging Routines I. Synopsis Affected Systems: modgzip 1.3.26.1a and prior Risk: Development: High Production: Minimal Developer URL: http://www.sourceforge.net/projects/mod-gzip Status: Vendor is not supporting project at this time. II. Product Description...

mod_gzip Debug Mode mod_gzip_printf Remote Format String

The remote host is running modgzip with debug symbols compiled in. The debug code includes vulnerabilities that can be exploited by an attacker to gain a shell on this host. C Tenable Network Security, Inc. Ref: From: "Matthew Murphy" To: "BugTraq" , Subject: Modgzip Debug Mode Vulnerabilities...

mod_gzip Detection

The remote host is running modgzip and configured so that its status can be obtained by sending a special request. C Tenable Network Security, Inc. include"compat.inc"; ifdescription scriptid11685; scriptversion"$Revision: 1.14 $"; scriptcvsdate"$Date: 2013/01/25 01:19:08 $";...