Lucene search
K

65 matches found

Tenable Nessus
Tenable Nessus
added 2013/01/17 12:0 a.m.56 views

CentOS 5 : httpd (CESA-2013:0130)

Updated httpd packages that fix multiple security issues, various bugs, and add enhancements are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having low security impact. Common Vulnerability Scoring System CVSS base scores, which give...

4.3CVSS7.6AI score0.6477EPSS
Exploits4References5
Cent OS
Cent OS
added 2013/01/09 8:52 p.m.110 views

httpd, mod_ssl security update

CentOS Errata and Security Advisory CESA-2013:0130 Updated httpd packages that fix multiple security issues, various bugs, and add enhancements are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having low security impact. Common...

4.3CVSS7AI score0.6477EPSS
Exploits4References7
Tenable Nessus
Tenable Nessus
added 2013/01/08 12:0 a.m.35 views

RHEL 5 : httpd (RHSA-2013:0130)

The remote Redhat Enterprise Linux 5 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2013:0130 advisory. - httpd: modnegotiation XSS via untrusted file names in directories with MultiViews enabled CVE-2008-0455, CVE-2012-2687 - httpd:...

4.3CVSS7.7AI score0.6477EPSS
Exploits4References15
OpenVAS
OpenVAS
added 2012/11/09 12:0 a.m.50 views

Ubuntu Update for apache2 USN-1627-1

Ubuntu Update for Linux kernel vulnerabilities USN-1627-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN16271.nasl 7960 2017-12-01 06:58:16Z santu $ Ubuntu Update for apache2 USN-1627-1 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This...

2.6CVSS0.22515EPSS
Exploits4References2
Tenable Nessus
Tenable Nessus
added 2012/11/09 12:0 a.m.68 views

Ubuntu 8.04 LTS / 10.04 LTS / 11.10 / 12.04 LTS / 12.10 : apache2 vulnerabilities (USN-1627-1)

It was discovered that the modnegotiation module incorrectly handled certain filenames, which could result in browsers becoming vulnerable to cross-site scripting attacks when processing the output. With cross-site scripting vulnerabilities, if a user were tricked into viewing server output durin...

2.6CVSS6.4AI score0.22515EPSS
Exploits4References3
OpenVAS
OpenVAS
added 2012/11/09 12:0 a.m.59 views

Ubuntu: Security Advisory (USN-1627-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

2.6CVSS5.8AI score0.22515EPSS
Exploits4References3
Ubuntu
Ubuntu
added 2012/11/08 10:22 p.m.115 views

USN-1627-1: Apache HTTP Server vulnerabilities

It was discovered that the modnegotiation module incorrectly handled certain filenames, which could result in browsers becoming vulnerable to cross-site scripting attacks when processing the output. With cross-site scripting vulnerabilities, if a user were tricked into viewing server output durin...

2.6CVSS7AI score0.22515EPSS
Exploits4
Tenable Nessus
Tenable Nessus
added 2012/11/05 12:0 a.m.40 views

FreeBSD : apache22 -- several vulnerabilities (65539c54-2517-11e2-b9d6-20cf30e32f6d)

Apache HTTP SERVER PROJECT reports:low: XSS in modnegotiation when untrusted uploads are supported CVE-2012-2687 Possible XSS for sites which use modnegotiation and allow untrusted uploads to locations which have MultiViews enabled. low: insecure LDLIBRARYPATH handling CVE-2012-0883 This issue wa...

6.9CVSS8AI score0.22515EPSS
Exploits6References3
Tenable Nessus
Tenable Nessus
added 2012/10/02 12:0 a.m.40 views

Mandriva Linux Security Advisory : apache (MDVSA-2012:154-1)

Multiple vulnerabilities has been found and corrected in apache ASF HTTPD : Insecure handling of LDLIBRARYPATH was found that could lead to the current working directory to be searched for DSOs. This could allow a local user to execute code as root if an administrator runs apachectl from an...

6.9CVSS8AI score0.22515EPSS
Exploits5References4
securityvulns
securityvulns
added 2012/10/01 12:0 a.m.67 views

Apache security vulnerabilities

modnegotiation crossite scripting, local shared library privilege escalation...

6.9CVSS2.3AI score0.22515EPSS
Exploits5References1Affected Software1
Tenable Nessus
Tenable Nessus
added 2012/09/17 12:0 a.m.36 views

Apache 2.2 < 2.2.23 Multiple Vulnerabilities

Binary data 6576.prm...

6.9CVSS8.3AI score0.22515EPSS
Exploits5References4
Tenable Nessus
Tenable Nessus
added 2012/09/14 12:0 a.m.183 views

Apache 2.2.x < 2.2.23 Multiple Vulnerabilities

According to its banner, the version of Apache 2.2.x running on the remote host is prior to 2.2.23. It is, therefore, potentially affected by the following vulnerabilities : - The utility 'apachectl' can receive a zero-length directory name in the LDLIBRARYPATH via the 'envvars' file. A local...

6.9CVSS8AI score0.22515EPSS
Exploits5References4
FreeBSD
FreeBSD
added 2012/09/13 12:0 a.m.42 views

apache22 -- several vulnerabilities

Apache HTTP SERVER PROJECT reports: low: XSS in modnegotiation when untrusted uploads are supported CVE-2012-2687 Possible XSS for sites which use modnegotiation and allow untrusted uploads to locations which have MultiViews enabled. low: insecure LDLIBRARYPATH handling CVE-2012-0883 This issue w...

6.9CVSS6.1AI score0.22515EPSS
Exploits5
Tenable Nessus
Tenable Nessus
added 2012/08/23 12:0 a.m.62 views

Apache 2.4.x < 2.4.3 Multiple Vulnerabilities

According to its banner, the version of Apache 2.4.x running on the remote host is prior 2.4.3. It is, therefore, affected by the following vulnerabilities : - An input validation error exists related to 'modnegotiation', 'Multiviews' and untrusted uploads that can allow cross-site scripting...

4.3CVSS7.4AI score0.22515EPSS
Exploits2References5
Tenable Nessus
Tenable Nessus
added 2012/08/23 12:0 a.m.28 views

Apache 2.4.1, 2.4.2 Multiple Vulnerabilities

Binary data 6550.prm...

4.3CVSS7.7AI score0.22515EPSS
Exploits2References5
Prion
Prion
added 2012/08/22 7:55 p.m.31 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in the makevariantlist function in modnegotiation.c in the modnegotiation module in the Apache HTTP Server 2.4.x before 2.4.3, when the MultiViews option is enabled, allow remote attackers to inject arbitrary web script or HTML via a crafted...

2.6CVSS5.8AI score0.22515EPSS
Exploits2References42Affected Software1
CVE
CVE
added 2012/08/22 7:0 p.m.1280 views

CVE-2012-2687

Apache HTTP Server 2.4.x before 2.4.3 is affected by CVE-2012-2687 due to XSS in the mod_negotiation make_variant_list function (mod_negotiation.c) when MultiViews is enabled. The vulnerability arises from improper handling of crafted filenames during variant list construction, allowing remote at...

2.6CVSS5.5AI score0.22515EPSS
Exploits2References42Affected Software1
Debian CVE
Debian CVE
added 2012/08/22 7:0 p.m.49 views

CVE-2012-2687

Multiple cross-site scripting XSS vulnerabilities in the makevariantlist function in modnegotiation.c in the modnegotiation module in the Apache HTTP Server 2.4.x before 2.4.3, when the MultiViews option is enabled, allow remote attackers to inject arbitrary web script or HTML via a crafted...

2.6CVSS5.6AI score0.22515EPSS
Exploits2
UbuntuCve
UbuntuCve
added 2012/08/22 12:0 a.m.67 views

CVE-2012-2687

Multiple cross-site scripting XSS vulnerabilities in the makevariantlist function in modnegotiation.c in the modnegotiation module in the Apache HTTP Server 2.4.x before 2.4.3, when the MultiViews option is enabled, allow remote attackers to inject arbitrary web script or HTML via a crafted...

2.6CVSS7.2AI score0.22515EPSS
Exploits2References2
Apache Httpd
Apache Httpd
added 2012/05/31 12:0 a.m.72 views

Apache Httpd < 2.2.23 : XSS in mod_negotiation when untrusted uploads are supported

Possible XSS for sites which use modnegotiation and allow untrusted uploads to locations which have MultiViews enabled. Note: This issue is also known as CVE-2008-0455...

4.3CVSS0.1AI score0.6477EPSS
Exploits3Affected Software1
Rows per page
Query Builder