Lucene search
K

179 matches found

Positive Technologies
Positive Technologies
added 2005/10/14 12:0 a.m.4 views

PT-2005-3811 · Apache +1 · Apache Http Server +1

Name of the Vulnerable Software and Affected Versions: Apache 2 affected versions not specified Description: A memory leak in the worker MPM allows remote attackers to cause a denial of service memory consumption via aborted connections, which prevents the memory for the transaction pool from bei...

5.4CVSS6.4AI score0.73692EPSS
Exploits1References37
Apache Httpd
Apache Httpd
added 2005/10/14 12:0 a.m.49 views

Apache Httpd < 2.0.55 : Worker MPM memory leak

A memory leak in the worker MPM would allow remote attackers to cause a denial of service memory consumption via aborted connections, which prevents the memory for the transaction pool from being reused for other connections. This issue was downgraded in severity to low from moderate as sucessful...

5CVSS3.8AI score0.1419EPSS
Exploits0Affected Software1
Cvelist
Cvelist
added 2005/05/10 4:0 a.m.21 views

CVE-2003-1182

Cross-site scripting XSS vulnerability in MPM Guestbook 1.2 allows remote attackers to inject arbitrary web script or HTML via the lng parameter...

5.7AI score0.01981EPSS
Exploits1References4
CVE
CVE
added 2005/05/10 4:0 a.m.49 views

CVE-2003-1182

CVE-2003-1182 describes an XSS vulnerability in MPM Guestbook 1.2 where an attacker can inject arbitrary script via the lng parameter. Affected product: MPM Guestbook 1.2. CVSS base score 6.8 (MEDIUM) with network attack vector, medium complexity, no authentication required, and partial impact on...

6.8CVSS6AI score0.01981EPSS
Exploits1References4Affected Software1
Packet Storm
Packet Storm
added 2005/01/16 12:0 a.m.35 views

ss11012005.txt

/ / / \ / / / / / \ \ \ \ / / / / / \ / / // / / / / / / / / / // // / / / // / / / / // , / // / /// // //// // ,/ // / // \ / / / // / / // / /// , / // Ref: SS11012005 SYSTEMSECURE.ORG - Advisory/Exploit PUBLIC ADVISORY Software: MPM Guestbook Pro 1.05 maybe all versions Link:...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2005/01/14 12:0 a.m.24 views

[SA13849] MPM Guestbook Pro &quot;header&quot; File Inclusion Vulnerability

TITLE: MPM Guestbook Pro "header" File Inclusion Vulnerability SECUNIA ADVISORY ID: SA13849 VERIFY ADVISORY: http://secunia.com/advisories/13849/ CRITICAL: Highly critical IMPACT: System access WHERE: From remote SOFTWARE: MPM Guestbook Pro 1.x http://secunia.com/product/4516/ DESCRIPTION: SmOk3...

Exploits0
Tenable Nessus
Tenable Nessus
added 2005/01/14 12:0 a.m.17 views

MPM Guestbook Pro top.php Traversal Arbitrary File Access

The remote host is running MPM Guestbook, a guestbook application written in PHP. There is a flaw in this version which allows an attacker to read arbitrary files on the remote host or to execute arbitrary PHP commands on the remote host by including files hosted on a third-party server...

6.1AI score
Exploits0References1
OSV
OSV
added 2003/11/03 5:0 a.m.1 views

DEBIAN-CVE-2003-0789

modcgid in Apache before 2.0.48, when using a threaded MPM, does not properly handle CGI redirect paths, which could cause Apache to send the output of a CGI program to the wrong client...

10CVSS6.5AI score0.11507EPSS
Exploits0References1
NVD
NVD
added 2003/11/03 5:0 a.m.11 views

CVE-2003-1182

Cross-site scripting XSS vulnerability in MPM Guestbook 1.2 allows remote attackers to inject arbitrary web script or HTML via the lng parameter...

6.8CVSS5.7AI score0.01981EPSS
Exploits1References4
exploitpack
exploitpack
added 2003/11/03 12:0 a.m.27 views

MPM Guestbook 1.2 - Cross-Site Scripting

MPM Guestbook 1.2 - Cross-Site Scripting source: https://www.securityfocus.com/bid/8958/info MPM Guestbook is reported to be prone to a cross-site scripting vulnerability. This is due to insufficient sanitization of HTML from URI parameters, which will be displayed in web pages that are dynamical...

6.8AI score
Exploits0
securityvulns
securityvulns
added 2003/11/03 12:0 a.m.35 views

[UNIX] MPM Guestbook Multiple Vulnerabilities &#40;CSS, Path Disclosure&#41;

The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com - - promotion The SecuriTeam alerts list - Free, Accurate, Independent. Get your security news from a reliable source...

0.2AI score
Exploits0
Exploit DB
Exploit DB
added 2003/11/03 12:0 a.m.59 views

MPM Guestbook 1.2 - Cross-Site Scripting

source: https://www.securityfocus.com/bid/8958/info MPM Guestbook is reported to be prone to a cross-site scripting vulnerability. This is due to insufficient sanitization of HTML from URI parameters, which will be displayed in web pages that are dynamically generated by the software. An attacker...

7.4AI score
Exploits0
CVE
CVE
added 2003/10/30 5:0 a.m.190 views

CVE-2003-0789

The provided documents confirm CVE-2003-0789 is an Apache mod_cgid issue where CGI redirect paths are mishandled when using a threaded MPM, potentially causing CGI output to be sent to the wrong client. This is tied to the mod_cgid component of Apache and is discussed alongside CAN-2003-0542 (buf...

10CVSS7.3AI score0.11507EPSS
Exploits0References27Affected Software1
Debian CVE
Debian CVE
added 2003/10/30 5:0 a.m.42 views

CVE-2003-0789

modcgid in Apache before 2.0.48, when using a threaded MPM, does not properly handle CGI redirect paths, which could cause Apache to send the output of a CGI program to the wrong client...

10CVSS6.1AI score0.11507EPSS
Exploits0
Apache Httpd
Apache Httpd
added 2003/10/03 12:0 a.m.27 views

Apache Httpd < 2.0.48 : CGI output information leak

A bug in modcgid mishandling of CGI redirect paths can result in CGI output going to the wrong client when a threaded MPM is used...

10CVSS0.8AI score0.11507EPSS
Exploits0Affected Software1
Apache Httpd
Apache Httpd
added 2003/06/25 12:0 a.m.46 views

Apache Httpd < 2.0.47 : Remote DoS with multiple Listen directives

In a server with multiple listening sockets a certain error returned by accept on a rarely access port can cause a temporary denial of service, due to a bug in the prefork MPM...

5CVSS1.4AI score0.09108EPSS
Exploits0Affected Software1
OSV
OSV
added 2003/06/09 4:0 a.m.11 views

CVE-2003-0189

The authentication module for Apache 2.0.40 through 2.0.45 on Unix does not properly handle threads safely when using the cryptr or crypt functions, which allows remote attackers to cause a denial of service failed Basic authentication with valid usernames and passwords when a threaded MPM is use...

7.1AI score
Exploits0References24
NVD
NVD
added 2003/06/09 4:0 a.m.26 views

CVE-2003-0189

The authentication module for Apache 2.0.40 through 2.0.45 on Unix does not properly handle threads safely when using the cryptr or crypt functions, which allows remote attackers to cause a denial of service failed Basic authentication with valid usernames and passwords when a threaded MPM is use...

5CVSS6.8AI score0.15122EPSS
Exploits0References22
OSV
OSV
added 2003/06/09 4:0 a.m.2 views

DEBIAN-CVE-2003-0189

The authentication module for Apache 2.0.40 through 2.0.45 on Unix does not properly handle threads safely when using the cryptr or crypt functions, which allows remote attackers to cause a denial of service failed Basic authentication with valid usernames and passwords when a threaded MPM is use...

5CVSS7.1AI score0.15122EPSS
Exploits0References1
Rows per page
Query Builder