mod_ssl provides provides strong cryptography for the Apache 1.3 webserver via the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1). It is based on the SSL/TLS toolkit OpenSSL and supports all SSL/TLS related functionality, including RSA and DSA/DH cipher support, X.509 CRL checking, etc. Additionally it provides special Apache related facilities like DBM and shared memory based inter-process SSL session caching. per-URL SSL session renegotiations, DSO support, etc.
ccd38e216ad54a99fb5bd62a15b8f34e62a390b05ea0b61fedf3e4cdb10a9b05
This Metasploit module performs a brute force attack in order to discover existing files on a server which uses mod_negotiation. If the filename is found, the IP address and the files found will be displayed.
638a8b6d72b49f87c0a2ab72893a63716f90074a32831600fada47f9fc05f255
Modbus Slave version 7.3.1 suffers from a buffer overflow vulnerability.
39eb7cf402d22f485cd56cc220faeb4a38a297d3d16f3a8b49633e716d0a7ae6
Modbus Slave version 7.0.0 suffers from a denial of service vulnerability.
af71fc2884ac32623befb50350fd285ac9d8bb6be35591c523b9fe0199e6cbe8
Modbus Slave PLC 7 .msw buffer overflow proof of concept exploit.
57a316badac549c6e7e7a70dc048a41ecb4bd53fc9c8f1f0f65a53b66610d752
Modbus Poll version 7.2.2 suffers from a denial of service vulnerability.
9ad84d566a67041600a87c7ba57361924f3dde7551b9296f72542cc385cef813
ModbusPal version 1.6b suffers from an XML external entity injection vulnerability.
53bb5160dea2fc4c4d5c9c108d6af89ad0622323762be453253962cff0dc4dff
mod_accounting version 0.5 suffers from a remote blind SQL injection vulnerability.
5f80d81efab9b887ab6063336f50467c4282d2a92a64c29cbf5563b42ba9f24a
mod_auth_pubtkt is a simple Web single sign-on (SSO) solution for Apache. It validates authentication tickets provided by the client in a cookie using public-key cryptography (DSA or RSA). Thus, only the login server that generates the tickets needs to possess the private key, while Web servers can verify tickets given only the public key. The implementation of the login server is left to the user, but an example and a library in PHP are provided with the distribution.
6243e220a650147a49269970cfc1491e6c727f6e9ef4eb34673909783bc258b2
mod_auth_pubtkt is a simple Web single sign-on (SSO) solution for Apache. It validates authentication tickets provided by the client in a cookie using public-key cryptography (DSA or RSA). Thus, only the login server that generates the tickets needs to possess the private key, while Web servers can verify tickets given only the public key. The implementation of the login server is left to the user, but an example and a library in PHP are provided with the distribution.
8ff3de9c5acc026c6fd74fd8e599c0c2659cd29c51693dbf67a8bf8c609be94e
MODACOM URoad-5000 version 1450 has a hard-coded backdoor account that allows for remote command execution.
7aa00fead7d830e9d8dce87c99dd46947c5558d1709822584f40bcd93224942c
Model Agentur Script suffers from a remote SQL injection vulnerability.
ef48c4dd4a480e31bdb158ccfd38f8fd55aac3ce73e726a0fdfcbf613165dfd8
mod_psldap is an Apache module that performs authentication and authorization against an LDAP server with LDAP based session management. It also provides Web 2.0 based capabilities to add, edit, move, and create new records in the LDAP store, leveraging XSL stylesheets to offload heavy processing to the clients and reduce bandwidth consumption by up to 95% or more.
41e6461d2c3d8d11aae52da0ed3fb1268f990398109b089181f992a02eccefc6
mod_psldap is an Apache module that performs authentication and authorization against an LDAP server with LDAP based session management. It also provides Web 2.0 based capabilities to add, edit, move, and create new records in the LDAP store, leveraging XSL stylesheets to offload heavy processing to the clients and reduce bandwidth consumption by up to 95% or more.
100bdf5e1d045107171c2afce229a7edc1206398e366c182a682d2435c79eb43
Model Agency Manager suffers from a cross site scripting vulnerability.
8ea501fd62b4294aabcd1c910a5dfef8ae2cf9c6e4be00571350605369851aaf
Model Agency Manager Pro suffers from a remote SQL injection vulnerability.
e70c724979a5876da8f1e0120b83a142b310f16725c006c8cd1553f25986518c
The MCP (Moderation Control Panel) in vBulletin versions 3.7.1 PL1 and below and versions 3.6.10 PL1 and below suffers from a cross site scripting vulnerability.
ec09a6b4bdf41191253aeb5ec033a0969ffd23a2580a03b9e200bb727f5c1682
Mod_evasive is a module for Apache to provide evasive action in the event of an HTTP DoS or DDoS attack or brute force attack. It can be easily configured to talk to ipchains, firewalls, routers, and etcetera. mod_evasive reports abuses via email and syslog facilities. Detection is performed by creating an internal dynamic hash table of IP Addresses and URIs, and denying any single IP address from requesting the same page more than a few times per second or making more than 50 requests with the same child per second.
07c45139aa313899484a900f0fc162b3e17eb4f60fe474d7f3dd6c9941e95667
The mod_securid Apache module implements RSA SecurID authentication for the Apache Web server. It allows administrators to restrict access to Web sites (or parts of Web sites) to users authenticated using a SecurID token and an ACE server.
87c2643540d71c6fdf5c119067c34b61e9d37872340eca467bdb8ec2afb42713
The Apache DoS Evasive Maneuvers Module is a module for both Apache 1.3 and 2.0 that provides functionality for detecting and fighting off DoS attacks and brute force attacks. It does this by adding addresses to a 10-second '403 List' and rejecting rapidly repeated requests for the same URL from the same addresses, using an internal hash table, on a per-child basis. This module can be configured to talk to ipchains, ipfilter, or any other tool designed to push the attack out to the network layer, and provides email notification in the event of an attack.
8706ff58be35378fce2b7a916cc2bce6249a00c79eaa09e3ebbdb163d4e87bb9
mod_ssl provides provides strong cryptography for the Apache 1.3 webserver via the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1). It is based on the SSL/TLS toolkit OpenSSL and supports all SSL/TLS related functionality, including RSA and DSA/DH cipher support, X.509 CRL checking, etc. Additionally it provides special Apache related facilities like DBM and shared memory based inter-process SSL session caching. per-URL SSL session renegotiations, DSO support, etc.
1a3746197ff7c145a9ff56af130c00790f20d944bf0d62e48686f2cc248285a2
Mod_security is an Apache module whose purpose is to protect vulnerable applications and reject human or automated attacks. In addition to filtering requests, it also can create Web application audit logs. Understands regular expressions and POST payloads and runs on both branches of Apache. Windows binary available here.
9d68e207e9b9c5a0f4504c919c2144de025eab61f8646127a7774509673a2982
mod_ssl provides provides strong cryptography for the Apache 1.3 webserver via the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1). It is based on the SSL/TLS toolkit OpenSSL and supports all SSL/TLS related functionality, including RSA and DSA/DH cipher support, X.509 CRL checking, etc. Additionally it provides special Apache related facilities like DBM and shared memory based inter-process SSL session caching. per-URL SSL session renegotiations, DSO support, etc.
1717eb96e9de60a24d73e9616fb7e6bcc9d47891c6e77cb26d4bf529c4382260
mod_ssl provides provides strong cryptography for the Apache 1.3 webserver via the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1). It is based on the SSL/TLS toolkit OpenSSL and supports all SSL/TLS related functionality, including RSA and DSA/DH cipher support, X.509 CRL checking, etc. Additionally it provides special Apache related facilities like DBM and shared memory based inter-process SSL session caching. per-URL SSL session renegotiations, DSO support, etc.
4f307413360dcdc90283082e77179b8aa65256afaf718a5a7bc9668e25c6a72d
Mod_security is an Apache module whose purpose is to protect vulnerable applications and reject human or automated attacks. In addition to filtering requests, it also can create Web application audit logs. Understands regular expressions and POST payloads and runs on both branches of Apache.
da0c870fa4a338b0c96f55a1f1628faa5c1e63c009e3b4330f1fad221cab1a34
Subversion versions up to and including 1.0.5 have a bug in mod_authz_svn that allows users with write access to read portions of the repository that they do not have read access to.
aefe57e387f1f845c751e1078943c6c758ae74b2db1ff47970653f4b44b69547