exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 5 of 5 RSS Feed

CVE-2014-8109

Status Candidate

Overview

mod_lua.c in the mod_lua module in the Apache HTTP Server 2.3.x and 2.4.x through 2.4.10 does not support an httpd configuration in which the same Lua authorization provider is used with different arguments within different contexts, which allows remote attackers to bypass intended access restrictions in opportunistic circumstances by leveraging multiple Require directives, as demonstrated by a configuration that specifies authorization for one group to access a certain directory, and authorization for a second group to access a second directory.

Related Files

Apple Security Advisory 2015-09-16-4
Posted Sep 19, 2015
Authored by Apple | Site apple.com

Apple Security Advisory 2015-09-16-4 - OS X Server 5.0.3 is now available and addresses denial of service, code execution, and various other vulnerabilities.

tags | advisory, denial of service, vulnerability, code execution
systems | apple, osx
advisories | CVE-2013-5704, CVE-2014-0067, CVE-2014-3581, CVE-2014-3583, CVE-2014-8109, CVE-2014-8161, CVE-2014-8500, CVE-2015-0228, CVE-2015-0241, CVE-2015-0242, CVE-2015-0243, CVE-2015-0244, CVE-2015-0253, CVE-2015-1349, CVE-2015-3165, CVE-2015-3166, CVE-2015-3167, CVE-2015-3183, CVE-2015-3185, CVE-2015-5911
SHA-256 | 8254c8d55f2667e65687c75dc0e4ebbbd127b907729adba11b4a141d12fc30b2
Download | Favorite | View
Apple Security Advisory 2015-08-13-2
Posted Aug 13, 2015
Authored by Apple | Site apple.com

Apple Security Advisory 2015-08-13-2 - OS X Yosemite 10.10.5 and Security Update 2015-006 is now available and addresses vulnerabilities in Apache, the OD plug-in, IOBluetoothHCIController, and more.

tags | advisory, vulnerability
systems | apple, osx
advisories | CVE-2009-5044, CVE-2009-5078, CVE-2012-6685, CVE-2013-1775, CVE-2013-1776, CVE-2013-2776, CVE-2013-2777, CVE-2013-7040, CVE-2013-7338, CVE-2013-7422, CVE-2014-0067, CVE-2014-0106, CVE-2014-0191, CVE-2014-1912, CVE-2014-3581, CVE-2014-3583, CVE-2014-3613, CVE-2014-3620, CVE-2014-3660, CVE-2014-3707, CVE-2014-7185, CVE-2014-7844, CVE-2014-8109, CVE-2014-8150, CVE-2014-8151, CVE-2014-8161, CVE-2014-8767, CVE-2014-8769
SHA-256 | 1ccd5f307af57152abb6e4f0da773ca4420fb7a6e98f26301366a9071ecc9a33
Download | Favorite | View
Slackware Security Advisory - httpd Updates
Posted Apr 22, 2015
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New httpd packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, and -current to fix security issues.

tags | advisory
systems | linux, slackware
advisories | CVE-2013-5704, CVE-2014-3581, CVE-2014-3583, CVE-2014-8109
SHA-256 | fabbf00be913fbc1ea322e0c9f5f56231cc9f149ec2cb6f5840f0655e2e5c915
Download | Favorite | View
Mandriva Linux Security Advisory 2015-093
Posted Mar 30, 2015
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2015-093 - Updated apache packages fix multiple security vulnerabilities.

tags | advisory, vulnerability
systems | linux, mandriva
advisories | CVE-2013-6438, CVE-2014-0098, CVE-2014-0117, CVE-2014-0118, CVE-2014-0226, CVE-2014-0231, CVE-2014-3581, CVE-2014-5704, CVE-2014-8109, CVE-2015-0228
SHA-256 | 19a31025ffbf8447f6cdb3bb70ede57e8f0dce94fcd7cd5d396da9f7fdab3fc1
Download | Favorite | View
Ubuntu Security Notice USN-2523-1
Posted Mar 10, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2523-1 - Martin Holst Swende discovered that the mod_headers module allowed HTTP trailers to replace HTTP headers during request processing. A remote attacker could possibly use this issue to bypass RequestHeaders directives. Mark Montague discovered that the mod_cache module incorrectly handled empty HTTP Content-Type headers. A remote attacker could use this issue to cause the server to stop responding, leading to a denial of service. This issue only affected Ubuntu 14.04 LTS and Ubuntu 14.10. Various other issues were also addressed.

tags | advisory, remote, web, denial of service
systems | linux, ubuntu
advisories | CVE-2013-5704, CVE-2014-3581, CVE-2014-3583, CVE-2014-8109, CVE-2015-0228
SHA-256 | b5a9d704b449f39d01062d26900f37e7a1d8336e27bd24dc58719568e3d644a3
Download | Favorite | View
Page 1 of 1
Back1Next

File Archive:

July 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    27 Files
  • 2
    Jul 2nd
    10 Files
  • 3
    Jul 3rd
    35 Files
  • 4
    Jul 4th
    27 Files
  • 5
    Jul 5th
    18 Files
  • 6
    Jul 6th
    0 Files
  • 7
    Jul 7th
    0 Files
  • 8
    Jul 8th
    28 Files
  • 9
    Jul 9th
    0 Files
  • 10
    Jul 10th
    0 Files
  • 11
    Jul 11th
    0 Files
  • 12
    Jul 12th
    0 Files
  • 13
    Jul 13th
    0 Files
  • 14
    Jul 14th
    0 Files
  • 15
    Jul 15th
    0 Files
  • 16
    Jul 16th
    0 Files
  • 17
    Jul 17th
    0 Files
  • 18
    Jul 18th
    0 Files
  • 19
    Jul 19th
    0 Files
  • 20
    Jul 20th
    0 Files
  • 21
    Jul 21st
    0 Files
  • 22
    Jul 22nd
    0 Files
  • 23
    Jul 23rd
    0 Files
  • 24
    Jul 24th
    0 Files
  • 25
    Jul 25th
    0 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Site Links
News by Month
News Tags
Files by Month
File Tags
File Directory
About Us
History & Purpose
Contact Information
Terms of Service
Privacy Statement
Copyright Information
Services
Security Services
Hosting By
Rokasec
close