PT-2024-1487

Name of the Vulnerable Software and Affected Versions aiohttp versions prior to 3.9.2 python3-aiohttp versions prior to 3.6.2-1ubuntu1+esm3 python3-module-aiohttp versions prior to 3.9.5-alt1 python310-aiohttp versions prior to 3.9.3-1.1 Description aiohttp is an asynchronous HTTP client/server...

Medium: httpd

Issue Overview: It was discovered that the fix for CVE-2011-3368 did not completely address the problem. An attacker could bypass the fix and make a reverse proxy connect to an arbitrary server not directly accessible to the attacker by sending an HTTP version 0.9 request, or by using a...

httpd, mod_ssl security update

CentOS Errata and Security Advisory CESA-2012:0128 Updated httpd packages that fix multiple security issues are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System CVSS base...

RHEL 6 : httpd (RHSA-2012:0128)

The remote Redhat Enterprise Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2012:0128 advisory. The Apache HTTP Server is a popular web server. It was discovered that the fix for CVE-2011-3368 released via RHSA-2011:1391 did not...

httpd: http 0.9 request bypass of the reverse proxy vulnerability CVE-2011-3368 fix

The modproxy module in the Apache HTTP Server 2.0.x through 2.0.64 and 2.2.x before 2.2.18, when the Revision 1179239 patch is in place, does not properly interact with use of 1 RewriteRule and 2 ProxyPassMatch pattern matches for configuration of a reverse proxy, which allows remote attackers to...

Moderate: Red Hat Security Advisory: httpd security update

Updated httpd packages that fix multiple security issues are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are...

httpd: uri scheme bypass of the reverse proxy vulnerability CVE-2011-3368 fix

The modproxy module in the Apache HTTP Server 1.3.x through 1.3.42, 2.0.x through 2.0.64, and 2.2.x through 2.2.21, when the Revision 1179239 patch is in place, does not properly interact with use of 1 RewriteRule and 2 ProxyPassMatch pattern matches for configuration of a reverse proxy, which...

Debian Security Advisory DSA 2405-1 (apache2)

The remote host is missing an update to apache2 announced via advisory DSA 2405-1. OpenVAS Vulnerability Test $Id: deb24051.nasl 6612 2017-07-07 12:08:03Z cfischer $ Description: Auto-generated from advisory DSA 2405-1 apache2 Authors: Thomas Reinke Copyright: Copyright c 2012 E-Soft Inc...

linux/x86 BackBox BackConnect & Reverse TCP SSL shellcode 442 bytes

Title :Linux x86 BackBox BackConnect & Reverse TCP SSL shellcode 442 bytes Author : TrOoN E-mail : www.facebook.com/fysl.fyslm Home : city 617 logt Draria algeria Web Site : www.1337day.com platform :backboX 32 bit Eng Type : local root / exploit / shellcode / etc download link : backbox.org...

linux/x86 reverse shell 91 bytes

Shellcode linux/x86 reverse shell ;Author : Gaussillusion ;Len : 91 byte ;\x31\xc0\x31\xdb\x31\xd2\x50\xb0\x66\x43\x52 ;\x6a\x01\x6a\x02\x80\xe1\xcd\x80\x66\xbe\x02 ;\x00\x89\xc7\xb0\x66\xb3\x03\x68\x7f\x00\x00 ;\x01\x66\x68\x27\x10\x66\x56\x89\xe2\x6a\x10...

Apache HTTP Server mod_proxy Reverse Proxy HTTP 0.9 Information Disclosure

The version of Apache HTTP Server running on the remote host has an information disclosure vulnerability. When configured as a reverse proxy, improper use of the RewriteRule and ProxyPassMatch directives could cause the web server to proxy requests to arbitrary hosts. This could allow a remote...

Apache 2.2.15 mod_proxy - Reverse Proxy Security Bypass

Apache 2.2.15 modproxy - Reverse Proxy Security Bypass source: https://www.securityfocus.com/bid/51869/info Apache HTTP Server is prone to a security-bypass vulnerability. Successful exploits will allow attackers to bypass certain security restrictions and obtain sensitive information about runni...

Apache 2.2 < 2.2.22 Multiple Vulnerabilities

Binary data 6302.prm...

Apache 2.2 < 2.2.22 Multiple Vulnerabilities

Binary data 800552.prm...

Apache 2.2.15 mod_proxy - Reverse Proxy Security Bypass

source: https://www.securityfocus.com/bid/51869/info Apache HTTP Server is prone to a security-bypass vulnerability. Successful exploits will allow attackers to bypass certain security restrictions and obtain sensitive information about running web applications. RewriteRule ^...

HITB2011KUL - Reverse Engineering Android Malware

Document Title: =============== HITB2011KUL - Reverse Engineering Android Malware References: =========== Download: http://www.vulnerability-lab.com/resources/videos/413.wmv View: http://www.youtube.com/watch?v=22KVTR4mEIk Release Date: ============= 2012-02-02 Vulnerability Laboratory ID VL-ID:...

HITB2011KUL - Reverse Engineering Android Malware

Document Title: =============== HITB2011KUL - Reverse Engineering Android Malware References: =========== Download: http://www.vulnerability-lab.com/resources/videos/413.wmv View: http://www.youtube.com/watch?v=22KVTR4mEIk Release Date: ============= 2012-02-02 Vulnerability Laboratory ID VL-ID:...

Apache 2.2.x < 2.2.22 Multiple Vulnerabilities

According to its banner, the version of Apache 2.2.x installed on the remote host is prior to 2.2.22. It is, therefore, potentially affected by the following vulnerabilities : - When configured as a reverse proxy, improper use of the RewriteRule and ProxyPassMatch directives could cause the web...

BSD Command Shell, Reverse TCP Inline (IPv6)

Connect back to attacker and spawn a command shell over IPv6 This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework module MetasploitModule CachedSize = 96 include Msf::Payload::Single include Msf::Payload::Bsd include...

BSD Command Shell, Reverse TCP Stager (IPv6)

Spawn a command shell staged. Connect back to the attacker over IPv6 This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework ReverseTcp ---------- BSD reverse TCP stager. module MetasploitModule CachedSize = 81 include...