179 matches found
PT-2005-3811 · Apache +1 · Apache Http Server +1
Name of the Vulnerable Software and Affected Versions: Apache 2 affected versions not specified Description: A memory leak in the worker MPM allows remote attackers to cause a denial of service memory consumption via aborted connections, which prevents the memory for the transaction pool from bei...
Apache Httpd < 2.0.55 : Worker MPM memory leak
A memory leak in the worker MPM would allow remote attackers to cause a denial of service memory consumption via aborted connections, which prevents the memory for the transaction pool from being reused for other connections. This issue was downgraded in severity to low from moderate as sucessful...
CVE-2003-1182
Cross-site scripting XSS vulnerability in MPM Guestbook 1.2 allows remote attackers to inject arbitrary web script or HTML via the lng parameter...
CVE-2003-1182
CVE-2003-1182 describes an XSS vulnerability in MPM Guestbook 1.2 where an attacker can inject arbitrary script via the lng parameter. Affected product: MPM Guestbook 1.2. CVSS base score 6.8 (MEDIUM) with network attack vector, medium complexity, no authentication required, and partial impact on...
ss11012005.txt
/ / / \ / / / / / \ \ \ \ / / / / / \ / / // / / / / / / / / / // // / / / // / / / / // , / // / /// // //// // ,/ // / // \ / / / // / / // / /// , / // Ref: SS11012005 SYSTEMSECURE.ORG - Advisory/Exploit PUBLIC ADVISORY Software: MPM Guestbook Pro 1.05 maybe all versions Link:...
[SA13849] MPM Guestbook Pro "header" File Inclusion Vulnerability
TITLE: MPM Guestbook Pro "header" File Inclusion Vulnerability SECUNIA ADVISORY ID: SA13849 VERIFY ADVISORY: http://secunia.com/advisories/13849/ CRITICAL: Highly critical IMPACT: System access WHERE: From remote SOFTWARE: MPM Guestbook Pro 1.x http://secunia.com/product/4516/ DESCRIPTION: SmOk3...
MPM Guestbook Pro top.php Traversal Arbitrary File Access
The remote host is running MPM Guestbook, a guestbook application written in PHP. There is a flaw in this version which allows an attacker to read arbitrary files on the remote host or to execute arbitrary PHP commands on the remote host by including files hosted on a third-party server...
DEBIAN-CVE-2003-0789
modcgid in Apache before 2.0.48, when using a threaded MPM, does not properly handle CGI redirect paths, which could cause Apache to send the output of a CGI program to the wrong client...
CVE-2003-1182
Cross-site scripting XSS vulnerability in MPM Guestbook 1.2 allows remote attackers to inject arbitrary web script or HTML via the lng parameter...
MPM Guestbook 1.2 - Cross-Site Scripting
MPM Guestbook 1.2 - Cross-Site Scripting source: https://www.securityfocus.com/bid/8958/info MPM Guestbook is reported to be prone to a cross-site scripting vulnerability. This is due to insufficient sanitization of HTML from URI parameters, which will be displayed in web pages that are dynamical...
[UNIX] MPM Guestbook Multiple Vulnerabilities (CSS, Path Disclosure)
The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com - - promotion The SecuriTeam alerts list - Free, Accurate, Independent. Get your security news from a reliable source...
MPM Guestbook 1.2 - Cross-Site Scripting
source: https://www.securityfocus.com/bid/8958/info MPM Guestbook is reported to be prone to a cross-site scripting vulnerability. This is due to insufficient sanitization of HTML from URI parameters, which will be displayed in web pages that are dynamically generated by the software. An attacker...
CVE-2003-0789
The provided documents confirm CVE-2003-0789 is an Apache mod_cgid issue where CGI redirect paths are mishandled when using a threaded MPM, potentially causing CGI output to be sent to the wrong client. This is tied to the mod_cgid component of Apache and is discussed alongside CAN-2003-0542 (buf...
CVE-2003-0789
modcgid in Apache before 2.0.48, when using a threaded MPM, does not properly handle CGI redirect paths, which could cause Apache to send the output of a CGI program to the wrong client...
Apache Httpd < 2.0.48 : CGI output information leak
A bug in modcgid mishandling of CGI redirect paths can result in CGI output going to the wrong client when a threaded MPM is used...
Apache Httpd < 2.0.47 : Remote DoS with multiple Listen directives
In a server with multiple listening sockets a certain error returned by accept on a rarely access port can cause a temporary denial of service, due to a bug in the prefork MPM...
CVE-2003-0189
The authentication module for Apache 2.0.40 through 2.0.45 on Unix does not properly handle threads safely when using the cryptr or crypt functions, which allows remote attackers to cause a denial of service failed Basic authentication with valid usernames and passwords when a threaded MPM is use...
CVE-2003-0189
The authentication module for Apache 2.0.40 through 2.0.45 on Unix does not properly handle threads safely when using the cryptr or crypt functions, which allows remote attackers to cause a denial of service failed Basic authentication with valid usernames and passwords when a threaded MPM is use...
DEBIAN-CVE-2003-0189
The authentication module for Apache 2.0.40 through 2.0.45 on Unix does not properly handle threads safely when using the cryptr or crypt functions, which allows remote attackers to cause a denial of service failed Basic authentication with valid usernames and passwords when a threaded MPM is use...