179 matches found
CVE-2007-3304
Apache httpd 1.3.37, 2.0.59, and 2.2.4 with the Prefork MPM module, allows local users to cause a denial of service by modifying the workerscore and processscore arrays to reference an arbitrary process ID, which is sent a SIGUSR1 signal from the master process, aka "SIGUSR1 killer."...
CVE-2007-3304
CVE-2007-3304 affects Apache HTTP Server (httpd) with the Prefork MPM. The issue arises when a local attacker can modify the scoreboard arrays (worker_score and process_score) to reference another process, enabling the master process to send SIGUSR1 and terminate that process, potentially causing...
CVE-2007-3304
Apache httpd 1.3.37, 2.0.59, and 2.2.4 with the Prefork MPM module, allows local users to cause a denial of service by modifying the workerscore and processscore arrays to reference an arbitrary process ID, which is sent a SIGUSR1 signal from the master process, aka "SIGUSR1 killer."...
Apache Prefork MPM vulnerabilities - Report
----- Apache Prefork MPM vulnerabilities ---------------------------------- PSNC Security Team http://security.psnc.pl/files/apachereport.pdf 1. Introduction This small case study is a result of source code analysis of Apache httpd server MPM modules. The main goal of this document is to show, wh...
CVE-2007-1613
Directory traversal vulnerability in view.php in MPM Chat 2.5 allows remote attackers to include and execute arbitrary local files via a .. dot dot in the logi parameter...
Directory traversal
Directory traversal vulnerability in view.php in MPM Chat 2.5 allows remote attackers to include and execute arbitrary local files via a .. dot dot in the logi parameter...
CVE-2007-1613
Directory traversal vulnerability in view.php in MPM Chat 2.5 allows remote attackers to include and execute arbitrary local files via a .. dot dot in the logi parameter...
CVE-2007-1613
CVE-2007-1613 affects MPM Chat 2.5, exposing a directory traversal vulnerability in view.php. The flaw allows remote attackers to include and execute arbitrary local files by inserting .. into the logi parameter. Affected component is the view.php handler within MPM Chat 2.5; root cause is inadeq...
MPM Chat 2.5 (view.php logi) Local File Include Exploit
MPM Chat 2.5 view.php logi Local File Include Exploit D.Script: http://mpm.pahviloota.net/mpmchat25.zip Discovered by: GloDM = Mahmoodali Homepage: http://www.Tryag.cc Greetz To: Tryag-Team & 4lKaSrGoLd3n-Team & AsbMay's Group V.Code ?php if $logi != '' include 'archive/' . $logi; Exploit:...
MPM Chat 2.5 - view.php?logi Local File Inclusion
MPM Chat 2.5 - view.php?logi Local File Inclusion MPM Chat 2.5 view.php logi Local File Include Exploit D.Script: http://mpm.pahviloota.net/mpmchat25.zip Discovered by: GloDM = Mahmoodali Homepage: http://www.Tryag.cc Greetz To: Tryag-Team & 4lKaSrGoLd3n-Team & AsbMay's Group V.Code ?php if $logi...
MPM Chat 2.5 (view.php logi) Local File Include Vulnerability
Exploit for unknown platform in category web applications ============================================================= MPM Chat 2.5 view.php logi Local File Include Vulnerability ============================================================= MPM Chat 2.5 view.php logi Local File Include Exploit...
MPM Chat 2.5 (view.php logi) Local File Include Vulnerability
No description provided by source. MPM Chat 2.5 view.php logi Local File Include Exploit D.Script: http://mpm.pahviloota.net/mpmchat25.zip Discovered by: GloDM = Mahmoodali Homepage: http://www.Tryag.cc Greetz To: Tryag-Team & 4lKaSrGoLd3n-Team & AsbMay's Group V.Code ?php if $logi != '' include...
MPM Chat 2.5 - 'view.php?logi' Local File Inclusion
MPM Chat 2.5 view.php logi Local File Include Exploit D.Script: http://mpm.pahviloota.net/mpmchat25.zip Discovered by: GloDM = Mahmoodali Homepage: http://www.Tryag.cc Greetz To: Tryag-Team & 4lKaSrGoLd3n-Team & AsbMay's Group V.Code ?php if $logi != '' include 'archive/' . $logi; Exploit:...
CentOS 3 / 4 : httpd (CESA-2006:0159)
Updated Apache httpd packages that correct three security issues are now available for Red Hat Enterprise Linux 3 and 4. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The Apache HTTP Server is a popular and freely-available Web server. A memo...
CVE-2006-0360
MPM SIP HP-180W Wireless IP Phone WE.00.17 allows remote attackers to obtain sensitive information and possibly cause a denial of service via a direct connection to UDP port 9090, which is undocumented and does not require authentication...
[Full-disclosure] MPM HP-180W VoIP wireless desktop phone undocumented port UDP/9090
I disclosed the following issue at ShmooCon 2006 http://www.shmoocon.org/ during my "VoIP Wireless Phone Security Analysis" presentation. Thanks, --scm =============================================================== DATE: 16 January, 2006 VENDOR: MPM - http://www.mpn.com.tw VENDOR NOTIFIED: 7...
security flaw
Memory leak in the worker MPM worker.c for Apache 2, in certain circumstances, allows remote attackers to cause a denial of service memory consumption via aborted connections, which prevents the memory for the transaction pool from being reused for other connections...
Apache Httpd < 2.2.2 : mod_ssl access control DoS
A NULL pointer dereference flaw in modssl was discovered affecting server configurations where an SSL virtual host is configured with access control and a custom 400 error document. A remote attacker could send a carefully crafted request to trigger this issue which would lead to a crash. This...
EUVD-2005-2970
Memory leak in the worker MPM worker.c for Apache 2, in certain circumstances, allows remote attackers to cause a denial of service memory consumption via aborted connections, which prevents the memory for the transaction pool from being reused for other connections...
CVE-2005-2970
CVE-2005-2970 is described across multiple advisories as a memory-leak vulnerability in the Apache httpd worker MPM (worker.c). In affected setups, memory consumed by aborted connections could not be freed for new requests, enabling a remote attacker to trigger a Denial of Service via memory exha...