CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

securityvulns•added 2014/07/28 12:0 a.m.•77 views

Apache multiple security vulnerabilities

modstatus buffer overflow, modproxy, moddeflate, modcgid DoS...

6.8CVSS2.9AI score0.75444EPSS

Exploits7References1Affected Software1

Slackware Linux•added 2014/07/24 1:35 a.m.•57 views

[slackware-security] httpd

New httpd packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, and -current to fix security issues. Here are the details from the Slackware 14.1 ChangeLog: patches/packages/httpd-2.4.10-i486-1slack14.1.txz: Upgraded. This update fixes the following security issues: SECURITY:...

6.8CVSS6.6AI score0.75444EPSS

Tenable Nessus•added 2014/07/24 12:0 a.m.•82 views

Ubuntu 14.04 LTS : Apache HTTP Server vulnerabilities (USN-2299-1)

The remote Ubuntu 14.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-2299-1 advisory. Marek Kroemeke discovered that the modproxy module incorrectly handled certain requests. A remote attacker could use this issue to cause the server to st...

6.8CVSS7.5AI score0.75444EPSS

Exploits7References5

seebug.org•added 2014/07/24 12:0 a.m.•749 views

Apache 2.4.x mod_proxy 拒绝服务攻击 PoC

No description provided by source. Exploit Title: Apache 2.4.x modproxy Denial Of ServiceCVE-2014-0117 Date: 2014-07-20 Exploit Author: aisyhi Version: 0.1 Apache httpd 2.4.6 to 2.4.9 Tested on: Apache/2.4.7 CVE : CVE-2014-0117 import httplib import logging import time import socket import sys...

4.3CVSS7.2AI score0.56996EPSS

Exploits2

Tenable Nessus•added 2014/07/24 12:0 a.m.•55 views

Oracle Linux 7 : httpd (ELSA-2014-0921)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2014-0921 advisory. - modcgid: add security fix for CVE-2014-0231 1120607 - modproxy: add security fix for CVE-2014-0117 1120607 - moddeflate: add security fix for...

6.8CVSS7.1AI score0.75444EPSS

Tenable Nessus•added 2014/07/24 12:0 a.m.•63 views

CentOS 7 : httpd (CESA-2014:0921)

Updated httpd packages that fix multiple security issues are now available for Red Hat Enterprise Linux 7. The Red Hat Security Response Team has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are...

6.8CVSS7.7AI score0.75444EPSS

Ubuntu•added 2014/07/23 8:4 p.m.•110 views

USN-2299-1: Apache HTTP Server vulnerabilities

Marek Kroemeke discovered that the modproxy module incorrectly handled certain requests. A remote attacker could use this issue to cause the server to stop responding, leading to a denial of service. This issue only affected Ubuntu 14.04 LTS. CVE-2014-0117 Giancarlo Pellegrino and Davide Balzarot...

6.8CVSS7.2AI score0.75444EPSS

Cent OS•added 2014/07/23 3:36 p.m.•114 views

httpd, mod_ldap, mod_proxy_html, mod_session, mod_ssl security update

CentOS Errata and Security Advisory CESA-2014:0921 Updated httpd packages that fix multiple security issues are now available for Red Hat Enterprise Linux 7. The Red Hat Security Response Team has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS base...

RedHat Linux•added 2014/07/23 10:0 a.m.•77 views

Exploits7References7

Important: Red Hat Security Advisory: httpd security update

RedHat Linux•added 2014/07/23 10:0 a.m.•69 views

Important: Red Hat Security Advisory: httpd24-httpd security update

Updated httpd24-httpd packages that fix multiple security issues are now available for Red Hat Software Collections 1. The Red Hat Security Response Team has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity...

Oracle linux•added 2014/07/23 12:0 a.m.•77 views

httpd security update

2.4.6-18.0.1.el70 - replace index.html with Oracle's index page oracleindex.html 2.4.6-18 - modcgid: add security fix for CVE-2014-0231 1120607 - modproxy: add security fix for CVE-2014-0117 1120607 - moddeflate: add security fix for CVE-2014-0118 1120607 - modstatus: add security fix for...

6.8CVSS0.75444EPSS

Packet Storm•added 2014/07/22 12:0 a.m.•720 views

Apache 2.4.x mod_proxy Denial Of Service

::: ::::::::: ::: :::::::: ::: ::::::::::::: ::: :::::::::::::::::::::::::::::::::: ::::::::: :+: :+: :+: :+: :+: :+: :+: :+::+: :+::+: :+: :+: :+: :+: :+: :+::+: :+: +:+ +:+ +:+ +:++:+ +:+ +:+ +:+ +:++:+ +:+ +:+ +:+ +:+ +:+ +:++:+ +:+ +++:++++:+++:++++++:++++:++ +++:+++++++:++ +++:++++ ++ ++...

4.3CVSS7.7AI score0.56996EPSS

Exploits2

Tenable Nessus•added 2014/07/21 12:0 a.m.•1479 views

Apache 2.4.x < 2.4.10 Multiple Vulnerabilities

According to its banner, the version of Apache 2.4.x running on the remote host is prior to 2.4.10. It is, therefore, affected by the following vulnerabilities : - A flaw exists in the 'modproxy' module that may allow an attacker to send a specially crafted request to a server configured as a...

Tenable Nessus•added 2014/07/21 12:0 a.m.•52 views

Exploits7References7

FreeBSD : apache24 -- several vulnerabilities (4364e1f1-0f44-11e4-b090-20cf30e32f6d)

Apache HTTP SERVER PROJECT reports : modproxy: Fix crash in Connection header handling which allowed a denial of service attack against a reverse proxy with a threaded MPM. Fix a race condition in scoreboard handling, which could lead to a heap buffer overflow. moddeflate: The DEFLATE input filte...

6.8CVSS7.1AI score0.75444EPSS