EUVD-2006-5338

Malware in sbrugna...

EUVD-2013-1865

Malicious code in bioql PyPI...

USN-6885-2: Apache HTTP Server regression

USN-6885-1 fixed vulnerabilities in Apache HTTP Server. One of the security fixes introduced a regression when proxying requests to a HTTP/2 server. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Marc Stern discovered that the Apache HTTP Server...

Ubuntu 20.04 LTS / 22.04 LTS / 24.04 LTS : Apache HTTP Server regression (USN-6885-2)

The remote Ubuntu 20.04 LTS / 22.04 LTS / 24.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-6885-2 advisory. USN-6885-1 fixed vulnerabilities in Apache HTTP Server. One of the security fixes introduced a regression when proxying requests to a HTTP...

IBM HTTP Server 8.5.0.0 <= 8.5.5.0 / 8.0.0.0 <= 8.0.0.6 / 7.0.0.0 <= 7.0.0.29 / 6.1.0.0 <= 6.1.0.45 (491411)

The version of IBM HTTP Server running on the remote host is affected by a vulnerability. modrewrite.c in the modrewrite module in the Apache HTTP Server 2.2.x before 2.2.25 writes data to a log file without sanitizing non- printable characters, which might allow remote attackers to execute...

Remote Code Execution (RCE)

httpd is vulnerable to remote code execution RCE. The modrewrite.c in the modrewrite module does not sanitize non-printable characters before writing to a log file, allowing a remote attacker to inject escape sequences for a terminal emulator into the log file via an HTTP request, resulting in...

DEBIAN-CVE-2013-1862

modrewrite.c in the modrewrite module in the Apache HTTP Server 2.2.x before 2.2.25 writes data to a log file without sanitizing non-printable characters, which might allow remote attackers to execute arbitrary commands via an HTTP request containing an escape sequence for a terminal emulator...

CVE-2013-1862

modrewrite.c in the modrewrite module in the Apache HTTP Server 2.2.x before 2.2.25 writes data to a log file without sanitizing non-printable characters, which might allow remote attackers to execute arbitrary commands via an HTTP request containing an escape sequence for a terminal emulator...

Command injection

modrewrite.c in the modrewrite module in the Apache HTTP Server 2.2.x before 2.2.25 writes data to a log file without sanitizing non-printable characters, which might allow remote attackers to execute arbitrary commands via an HTTP request containing an escape sequence for a terminal emulator...

CVE-2013-1862

modrewrite.c in the modrewrite module in the Apache HTTP Server 2.2.x before 2.2.25 writes data to a log file without sanitizing non-printable characters, which might allow remote attackers to execute arbitrary commands via an HTTP request containing an escape sequence for a terminal emulator...

The Apache log file vulnerability may execute arbitrary code-a vulnerability warning-the black bar safety net

Recently foreign Safety researchers in the Apache server found a vulnerability, the vulnerability is the use of modules/mappers/modrewrite. c file in the Rewritelogfunction incorrect handling of certain escape sequences that lead to a malicious attacker to send a specially crafted HTTP request ca...

Ubuntu 5.04 / 5.10 / 6.06 LTS : apache2 vulnerability (USN-328-1)

Mark Dowd discovered an off-by-one buffer overflow in the modrewrite module's ldap scheme handling. On systems which activate 'RewriteEngine on', a remote attacker could exploit certain rewrite rules to crash Apache, or potentially even execute arbitrary code this has not been verified...

Fedora Core 5 : httpd-2.2.2-1.2 (2006-863)

This update fixes a security issue in the modrewrite module. Mark Dowd of McAfee Avert Labs reported an off-by-one security problem in the LDAP scheme handling of the modrewrite module. Where RewriteEngine was enabled, and for certain RewriteRules, this could lead to a pointer being written out o...

CVE-2006-5353

Unspecified vulnerability in Oracle HTTP Server component in Oracle Application Server 9.0.4.3, 10.1.2.0.2, 10.1.2.1.0, and 10.1.3.0.0, and Oracle Collaboration Suite 9.0.4.2 and 10.1.2, has unknown impact and remote attack vectors related to the Modrewrite Module, aka Vuln OHS01...

CVE-2006-5353

Technical details (affected product/version, root cause, impact, and remediation) are not publicly available in the provided documents. Monitor for updates.

[Full-disclosure] [USN-328-1] Apache vulnerability

=========================================================== Ubuntu Security Notice USN-328-1 July 27, 2006 apache2 vulnerability CVE-2006-3747 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 5.04 Ubuntu 5.10 Ubuntu 6.06 LT...