Metasploit Web Crawler

This auxiliary module is a modular web crawler, to be used in conjunction with wmap someday or standalone. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework Web Crawler. Author: Efrain Torres et at metasploit.com 2010...

Apache 'mod_proxy_http' 2.2.9 for Unix Timeout Handling Information Disclosure Vulnerability

Apache is prone to an information-disclosure vulnerability that affects the 'modproxyhttp' module. Attackers can leverage this issue to gain access to sensitive information that may aid in further attacks. Apache 2.2.9 on Unix is vulnerable. OpenVAS Vulnerability Test $Id: gbapache42102.nasl 7835...

Apache HTTP Server 'mod_proxy_http' 2.2.9 for Unix Timeout Handling Information Disclosure Vulnerability

Apache HTTP Server is prone to an information disclosure vulnerability that affects the SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

Fedora Update for sudo FEDORA-2010-14355

Check for the Version of sudo OpenVAS Vulnerability Test Fedora Update for sudo FEDORA-2010-14355 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms o...

httpd: Reverse proxy sends wrong responses after time-outs

modproxy in httpd in Apache HTTP Server 2.2.9, when running on Unix, does not close the backend connection if a timeout occurs when reading a response from a persistent connection, which allows remote attackers to obtain a potentially sensitive response intended for a different client in...

Mandriva Update for apache MDVSA-2010:153 (apache)

Check for the Version of apache OpenVAS Vulnerability Test Mandriva Update for apache MDVSA-2010:153 apache Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under t...

Mandriva Update for apache MDVSA-2010:153 (apache)

Check for the Version of apache OpenVAS Vulnerability Test Mandriva Update for apache MDVSA-2010:153 apache Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under t...

Mandriva Linux Security Advisory : apache (MDVSA-2010:153)

Multiple vulnerabilities has been found and corrected in apache : The modcache and moddav modules in the Apache HTTP Server 2.2.x before 2.2.16 allow remote attackers to cause a denial of service process crash via a request that lacks a path CVE-2010-1452. modproxy in httpd in Apache HTTP Server...

DEBIAN-CVE-2010-2791

modproxy in httpd in Apache HTTP Server 2.2.9, when running on Unix, does not close the backend connection if a timeout occurs when reading a response from a persistent connection, which allows remote attackers to obtain a potentially sensitive response intended for a different client in...

CVE-2010-2791

modproxy in httpd in Apache HTTP Server 2.2.9, when running on Unix, does not close the backend connection if a timeout occurs when reading a response from a persistent connection, which allows remote attackers to obtain a potentially sensitive response intended for a different client in...

CVE-2010-2791

modproxy in httpd in Apache HTTP Server 2.2.9, when running on Unix, does not close the backend connection if a timeout occurs when reading a response from a persistent connection, which allows remote attackers to obtain a potentially sensitive response intended for a different client in...

Apache Httpd < 2.2.10 : Timeout detection flaw (mod_proxy_http)

An information disclosure flaw was found in modproxyhttp in version 2.2.9 only, on Unix platforms. Under certain timeout conditions, the server could return a response intended for another user. Only those configurations which trigger the use of proxy worker pools are affected. There was no...

TCP Port Scanner

Enumerate open TCP services by performing a full TCP connect on each port. This does not need administrative privileges on the source machine, which may be useful if pivoting. This module requires Metasploit: https://metasploit.com/download Current source:...

CVE-2010-2068

modproxyhttp.c in modproxyhttp in the Apache HTTP Server 2.2.9 through 2.2.15, 2.3.4-alpha, and 2.3.5-alpha on Windows, NetWare, and OS/2, in certain configurations involving proxy worker pools, does not properly detect timeouts, which allows remote attackers to obtain a potentially sensitive...

CVE-2010-2068

CVE-2010-2068 affects Apache HTTP ServerAffected: mod_proxy_http.c in Apache HTTP Server 2.2.9–2.2.15, 2.3.4-alpha, and 2.3.5-alpha on Windows, NetWare, OS/2 in certain proxy worker pool configurations.Root cause: timeout handling in mod_proxy_http did not correctly detect timeouts, allowing a re...

CVE-2010-2068

modproxyhttp.c in modproxyhttp in the Apache HTTP Server 2.2.9 through 2.2.15, 2.3.4-alpha, and 2.3.5-alpha on Windows, NetWare, and OS/2, in certain configurations involving proxy worker pools, does not properly detect timeouts, which allows remote attackers to obtain a potentially sensitive...

[advisory] httpd Timeout detection flaw &#40;mod_proxy_http&#41; CVE-2010-2068

Vulnerability; httpd Timeout detection flaw modproxyhttp CVE-2010-2068 Classification; important Description; A timeout detection flaw in the httpd modproxyhttp module causes proxied response to be sent as the response to a different request, and potentially served to a different client, from the...

Apache Httpd < 2.2.16 : Timeout detection flaw (mod_proxy_http)

An information disclosure flaw was found in modproxyhttp in versions 2.2.9 through 2.2.15, 2.3.4-alpha and 2.3.5-alpha. Under certain timeout conditions, the server could return a response intended for another user. Only Windows, Netware and OS2 operating systems are affected. Only those...

RedHat Update for openldap RHSA-2010:0198-04

Check for the Version of openldap OpenVAS Vulnerability Test RedHat Update for openldap RHSA-2010:0198-04 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...

openldap security and bug fix update

2.3.43-12 - updated spec file, so the compat-libs linking patch applies correctly 2.3.43-11 - backported patch to handle null character in TLS certificates 560912 2.3.43-10 - updated chase-referral patch to compile cleanly - updated init script 562714 2.3.43-9 - updated ldap.sysconf to include...