what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 10 of 10 RSS Feed

CVE-2012-0883

Status Candidate

Overview

envvars (aka envvars-std) in the Apache HTTP Server before 2.4.2 places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse DSO in the current working directory during execution of apachectl.

Related Files

HP Security Bulletin HPSBMU02900 3
Posted Sep 19, 2013
Authored by HP | Site hp.com

HP Security Bulletin HPSBMU02900 3 - Potential security vulnerabilities have been identified with HP System Management Homepage (SMH) running on Linux and Windows. The vulnerabilities could be exploited remotely resulting in Local Denial of Service (DoS), remote Denial of Service (DoS), execution of arbitrary code, gain privileges, disclosure of information, unauthorized access, or XSS. Revision 3 of this advisory.

tags | advisory, remote, denial of service, arbitrary, local, vulnerability
systems | linux, windows
advisories | CVE-2011-3389, CVE-2012-0883, CVE-2012-2110, CVE-2012-2311, CVE-2012-2329, CVE-2012-2335, CVE-2012-2336, CVE-2012-5217, CVE-2013-2355, CVE-2013-2356, CVE-2013-2357, CVE-2013-2358, CVE-2013-2359, CVE-2013-2360, CVE-2013-2361, CVE-2013-2362, CVE-2013-2363, CVE-2013-2364, CVE-2013-4821
SHA-256 | b930d764b9b0c0dddad54a771b6387f16cd50297af79c0ae2ab5b835d0ef2fa3
Apple Security Advisory 2013-09-12-1
Posted Sep 13, 2013
Authored by Apple | Site apple.com

Apple Security Advisory 2013-09-12-1 - OS X Mountain Lion v10.8.5 and Security Update 2013-004 is now available and addresses Apache issues, BIND issues, ClamAV issues, and more.

tags | advisory
systems | apple, osx
advisories | CVE-2012-0883, CVE-2012-2686, CVE-2012-2687, CVE-2012-3499, CVE-2012-3817, CVE-2012-4244, CVE-2012-4558, CVE-2012-5166, CVE-2012-5688, CVE-2013-0166, CVE-2013-0169, CVE-2013-1025, CVE-2013-1026, CVE-2013-1027, CVE-2013-1028, CVE-2013-1029, CVE-2013-1030, CVE-2013-1031, CVE-2013-1032, CVE-2013-1033, CVE-2013-1635, CVE-2013-1643, CVE-2013-1824, CVE-2013-1899, CVE-2013-1900, CVE-2013-1901, CVE-2013-1902, CVE-2013-1903
SHA-256 | 6ba59298aa5785b3b0ac181767509f821759a4fbc0ab6e1b3056eb65c22a59a5
HP Security Bulletin HPSBMU02900 2
Posted Jul 19, 2013
Authored by HP | Site hp.com

HP Security Bulletin HPSBMU02900 2 - Potential security vulnerabilities have been identified with HP System Management Homepage (SMH) running on Linux and Windows. The vulnerabilities could be exploited remotely resulting in Local Denial of Service (DoS), remote Denial of Service (DoS), execution of arbitrary code, gain privileges, disclosure of information, unauthorized access, or XSS. Revision 2 of this advisory.

tags | advisory, remote, denial of service, arbitrary, local, vulnerability
systems | linux, windows
advisories | CVE-2011-3389, CVE-2012-0883, CVE-2012-2110, CVE-2012-2311, CVE-2012-2329, CVE-2012-2335, CVE-2012-2336, CVE-2012-5217, CVE-2013-2355, CVE-2013-2356, CVE-2013-2357, CVE-2013-2358, CVE-2013-2359, CVE-2013-2360, CVE-2013-2361, CVE-2013-2362, CVE-2013-2363, CVE-2013-2364
SHA-256 | aa5398e97437c28076d2f5544c40ed75d95e10ca70d3d9cb6dfa48709cc572f7
HP Security Bulletin HPSBMU02900
Posted Jul 18, 2013
Authored by HP | Site hp.com

HP Security Bulletin HPSBMU02900 - Potential security vulnerabilities have been identified with HP System Management Homepage (SMH) running on Linux and Windows. The vulnerabilities could be exploited remotely resulting in Local Denial of Service (DoS), remote Denial of Service (DoS), execution of arbitrary code, gain privileges, disclosure of information, unauthorized access, or XSS. Revision 1 of this advisory.

tags | advisory, remote, denial of service, arbitrary, local, vulnerability
systems | linux, windows
advisories | CVE-2011-3389, CVE-2012-0883, CVE-2012-2110, CVE-2012-2311, CVE-2012-2329, CVE-2012-2335, CVE-2012-2336, CVE-2013-2355, CVE-2013-2356, CVE-2013-2357, CVE-2013-2358, CVE-2013-2359, CVE-2013-2360, CVE-2013-2361, CVE-2013-2362, CVE-2013-2363, CVE-2013-2364, CVE-2013-5217
SHA-256 | 9864656a8c7f02f65287405b436e81a4bfb33db55bb9dbe7aea8240180e998a1
Red Hat Security Advisory 2012-1594-01
Posted Dec 19, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-1594-01 - JBoss Enterprise Application Platform 6 is a platform for Java applications based on JBoss Application Server 7. This release serves as a replacement for JBoss Enterprise Application Platform 6.0.0, and includes bug fixes and enhancements.

tags | advisory, java
systems | linux, redhat
advisories | CVE-2008-0455, CVE-2012-0883, CVE-2012-2378, CVE-2012-2379, CVE-2012-2672, CVE-2012-2687, CVE-2012-3428, CVE-2012-3451, CVE-2012-4549, CVE-2012-4550
SHA-256 | ce7a6ce3fa874a437034915aac5d5291665cbbaaf245d08d9d1f5eb346d591fc
Mandriva Linux Security Advisory 2012-154-1
Posted Oct 2, 2012
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2012-154 - Multiple vulnerabilities has been found and corrected in apache. Insecure handling of LD_LIBRARY_PATH was found that could lead to the current working directory to be searched for DSOs. This could allow a local user to execute code as root if an administrator runs apachectl from an untrusted directory. Possible XSS for sites which use mod_negotiation and allow untrusted uploads to locations which have MultiViews enabled. The updated packages have been upgraded to the latest 2.2.23 version which is not vulnerable to these issues.

tags | advisory, local, root, vulnerability
systems | linux, mandriva
advisories | CVE-2012-0883, CVE-2012-2687
SHA-256 | 5a1742252a9584a52acf4fe80af2e67a76d0ef2a0f171b83cfe17bd5855503b2
Mandriva Linux Security Advisory 2012-154
Posted Sep 28, 2012
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2012-154 - Multiple vulnerabilities has been found and corrected in apache. Insecure handling of LD_LIBRARY_PATH was found that could lead to the current working directory to be searched for DSOs. This could allow a local user to execute code as root if an administrator runs apachectl from an untrusted directory. Possible XSS for sites which use mod_negotiation and allow untrusted uploads to locations which have MultiViews enabled. The updated packages have been upgraded to the latest 2.2.23 version which is not vulnerable to these issues.

tags | advisory, local, root, vulnerability
systems | linux, mandriva
advisories | CVE-2012-0883, CVE-2012-2687
SHA-256 | bfb99130026e154f55b5d6d82315ea76e366608f40dc662375702575689be258
HP Security Bulletin HPSBUX02791 SSRT100856 2
Posted Aug 24, 2012
Authored by HP | Site hp.com

HP Security Bulletin HPSBUX02791 SSRT100856 2 - Potential security vulnerabilities have been identified with HP-UX Apache Web Server running PHP. These vulnerabilities could be exploited remotely to execute arbitrary code, elevate privileges, or create a Denial of Service (DoS). PHP is contained in the HP-UX Apache Web Server Suite. Revision 2 of this advisory.

tags | advisory, web, denial of service, arbitrary, php, vulnerability
systems | hpux
advisories | CVE-2011-4153, CVE-2012-0830, CVE-2012-0883, CVE-2012-1172, CVE-2012-1823, CVE-2012-2311
SHA-256 | 0249428e9acbac3f82ddc8a67d6642ef0f59a811efba5c7c79d97ee170c36700
Gentoo Linux Security Advisory 201206-25
Posted Jun 24, 2012
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201206-25 - Multiple vulnerabilities were found in Apache HTTP Server. Versions less than 2.2.22-r1 are affected.

tags | advisory, web, vulnerability
systems | linux, gentoo
advisories | CVE-2010-0408, CVE-2010-0434, CVE-2010-1452, CVE-2010-2791, CVE-2011-3192, CVE-2011-3348, CVE-2011-3368, CVE-2011-3607, CVE-2011-4317, CVE-2012-0021, CVE-2012-0031, CVE-2012-0053, CVE-2012-0883
SHA-256 | 384b2487f5f9cd58a858736f481966a3ddea24b706867ab02a3f57c4c6800e0f
HP Security Bulletin HPSBUX02791 SSRT100856
Posted Jun 19, 2012
Authored by HP | Site hp.com

HP Security Bulletin HPSBUX02791 SSRT100856 - Potential security vulnerabilities have been identified with HP-UX Apache Web Server running PHP. These vulnerabilities could be exploited remotely to execute arbitrary code, elevate privileges, or create a Denial of Service (DoS). PHP is contained in the HP-UX Apache Web Server Suite. Revision 1 of this advisory.

tags | advisory, web, denial of service, arbitrary, php, vulnerability
systems | hpux
advisories | CVE-2011-4153, CVE-2012-0830, CVE-2012-0883, CVE-2012-1172, CVE-2012-1823, CVE-2012-2311
SHA-256 | 82242c858879c5590d3cc4aa2be0779747605eb91aaebb7622591ecb8aca1651
Page 1 of 1
Back1Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    42 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close