
Files

httpd-2.0.43.tar.gz
Posted Oct 4, 2002
Site apache.org

Apache v2.0.43 - Apache is the most popular webserver on the Internet, and ranks well in terms of security, functionality, efficiency, and speed. Changelog available here.

Changes: Fixes a cross-site scripting vulnerability in the default error page of Apache 2.0 before 2.0.43 when UseCanonicalName is "Off" and support for wildcard DNS is present, which allows remote attackers to execute HTML and JavaScript as other web page visitors via the Host: header.
systems | unix
SHA-256 | 340e0f3ddc87e1dd13973c52b1bc99ec86ac5b5ef5cc105cda34cc7ff32d0d93

Related Files

Apache HTTPd Range Header Denial Of Service Update 2
Posted Aug 26, 2011
Site apache.org

A denial of service vulnerability has been found in the way the multiple overlapping ranges are handled by the Apache HTTPd server. Both the 1.3 and 2.x releases are affected. An attack tool is circulating in the wild. Active use of this tool has been observed. The attack can be done remotely and with a modest number of requests can cause very significant memory and CPU usage on the server.

tags | advisory, denial of service
advisories | CVE-2011-3192
SHA-256 | 5d5a40e4d8f57c587755cd3f5ff822e2259dd225fa37f5f99b5edcce51cf091d
Apache HTTPd Range Header Denial Of Service
Posted Aug 25, 2011
Site apache.org

A denial of service vulnerability has been found in the way the multiple overlapping ranges are handled by the Apache HTTPd server. Both the 1.3 and 2.x releases are affected. An attack tool is circulating in the wild. Active use of this tool has been observed. The attack can be done remotely and with a modest number of requests can cause very significant memory and CPU usage on the server.

tags | advisory, denial of service
advisories | CVE-2011-3192
SHA-256 | a9690ce85ab38ad4c6cee06d55ad11d445eea51f1cdb17fcbcf5b56233597938
Apache httpd Remote Denial Of Service
Posted Aug 19, 2011
Authored by Kingcope

Apache httpd remote denial of service memory exhaustion exploit.

tags | remote, denial of service
SHA-256 | 5fdda8b150aea034561a2b99bc1c71da2c6f225ee078695da41e6e725f0e4a7d
Simple HTTPd 1.42 PUT Buffer Overflow
Posted Aug 15, 2011
Authored by nion

Simple HTTPd version 1.42 PUT request remote buffer overflow exploit.

tags | exploit, remote, overflow
advisories | CVE-2011-2900
SHA-256 | 0252f9817102dd7dc326bcc8709a4f571708533f062b11b61019aeedce1db410
Simple HTTPd 1.42 Denial Of Service
Posted Aug 14, 2011
Authored by G13 | Site metasploit.com

Simple HTTPd version 1.42 denial of service exploit.

tags | exploit, denial of service
SHA-256 | 983ba160baafe038dbef7b4b94dae3df66ed0a1b8efcefb1163821f13b7b28a7
Red Hat Security Advisory 2011-0862-01
Posted Jun 9, 2011
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2011-0862-01 - Subversion is a concurrent version control system which enables one or more users to collaborate in developing and maintaining a hierarchy of files and directories while keeping a history of all changes. The mod_dav_svn module is used with the Apache HTTP Server to allow access to Subversion repositories via HTTP. An infinite loop flaw was found in the way the mod_dav_svn module processed certain data sets. If the SVNPathAuthz directive was set to "short_circuit", and path-based access control for files and directories was enabled, a malicious, remote user could use this flaw to cause the httpd process serving the request to consume an excessive amount of system memory. Various other issues were also addressed.

tags | advisory, remote, web
systems | linux, redhat
advisories | CVE-2011-1752, CVE-2011-1783, CVE-2011-1921
SHA-256 | 1ff98c5c00208f3cbe3c94f264edd5b646b681a3f2f0cf7c2caec93cbe9a9454
Red Hat Security Advisory 2011-0861-01
Posted Jun 9, 2011
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2011-0861-01 - Subversion is a concurrent version control system which enables one or more users to collaborate in developing and maintaining a hierarchy of files and directories while keeping a history of all changes. The mod_dav_svn module is used with the Apache HTTP Server to allow access to Subversion repositories via HTTP. A NULL pointer dereference flaw was found in the way the mod_dav_svn module processed requests submitted against the URL of a baselined resource. A malicious, remote user could use this flaw to cause the httpd process serving the request to crash. Various other issues were also addressed.

tags | advisory, remote, web
systems | linux, redhat
advisories | CVE-2011-1752
SHA-256 | 61b36e4ad1a6f0b75382a4c6f82d8f8e00315ffa03ef57737348fb9747bb6e7f
Mandriva Linux Security Advisory 2011-106
Posted Jun 4, 2011
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2011-106 - The mod_dav_svn Apache HTTPD server module will dereference a NULL pointer if asked to deliver baselined WebDAV resources, which can lead to a denial of service. The mod_dav_svn Apache HTTPD server module may in certain scenarios enter a logic loop which does not exit and which allocates memory in each iteration, ultimately exhausting all the available memory on the server, which can lead to a denial of service. The mod_dav_svn Apache HTTPD server module may leak to remote users the file contents of files configured to be unreadable by those users.

tags | advisory, remote, denial of service
systems | linux, mandriva
advisories | CVE-2011-1752, CVE-2011-1783, CVE-2011-1921
SHA-256 | db5fe256ef577b1b631f68ced08339d66969930e81aff27ca5f3917b3f80347a
Red Hat Security Advisory 2011-0844-01
Posted Jun 1, 2011
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2011-0844-01 - The Apache Portable Runtime is a portability library used by the Apache HTTP Server and other projects. It provides a free library of C data structures and routines. The fix for CVE-2011-0419 introduced an infinite loop flaw in the apr_fnmatch() function when the APR_FNM_PATHNAME matching flag was used. A remote attacker could possibly use this flaw to cause a denial of service on an application using the apr_fnmatch() function. Note: This problem affected httpd configurations using the "Location" directive with wildcard URLs. The denial of service could have been triggered during normal operation; it did not specifically require a malicious HTTP request. Various other issues were also addressed.

tags | advisory, remote, web, denial of service
systems | linux, redhat
advisories | CVE-2011-1928
SHA-256 | 10c43bcfd8ec38f49e9fbbef97f03e10a6e47e439f21881be0d699f358706139
Debian Security Advisory 2237-1
Posted May 15, 2011
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2237-1 - A flaw was found in the APR library, which could be exploited through Apache HTTPD's mod_autoindex. If a directory indexed by mod_autoindex contained files with sufficiently long names, a remote attacker could send a carefully crafted request which would cause excessive CPU usage. This could be used in a denial of service attack.

tags | advisory, remote, denial of service
systems | linux, debian
advisories | CVE-2011-0419
SHA-256 | c23f7d122bf00732fd57c168870b2d9b88cfca00ec85f779d9841ab56b4fcd1f
Mandriva Linux Security Advisory 2011-084
Posted May 14, 2011
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2011-084 - It was discovered that the apr_fnmatch() function used an unconstrained recursion when processing patterns with the '*' wildcard. An attacker could use this flaw to cause an application using this function, which also accepted untrusted input as a pattern for matching (such as an httpd server using the mod_autoindex module), to exhaust all stack memory or use an excessive amount of CPU time when performing matching.

tags | advisory
systems | linux, mandriva
advisories | CVE-2011-0419
SHA-256 | 45271e52457dd5e159581d09ef78f8d9ecb63ab04f93a3fbb88d31810af7cf0d
jHTTPd 0.1a Directory Traversal
Posted Mar 29, 2011
Authored by AutoSec Tools | Site autosectools.com

A directory traversal vulnerability in jHTTPd version 0.1a can be exploited to read files outside of the web root.

tags | exploit, web, root, file inclusion
SHA-256 | 7714d7d0c2b394430f94ade33e5d1ee5451a1d69f42ee28c049bb489a1ee60b5
Debian Security Advisory 2202-1
Posted Mar 24, 2011
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2202-1 - MPM_ITK is an alternative Multi-Processing Module for Apache HTTPD that is included in Debian's apache2 package.

tags | advisory
systems | linux, debian
advisories | CVE-2011-1176
SHA-256 | b928a735f521bacebfb2c8190a7619edeff9aeca300224b2d84504d193d6561b
Nostromo 1.9.3 Directory Traversal
Posted Mar 16, 2011
Site redteam-pentesting.de

Nostromo (nhttpd) versions 1.9.3 and below suffer from a directory traversal vulnerability.

tags | exploit
advisories | CVE-2011-0751
SHA-256 | 21642ad06a6be195db94145ad06272a939d44c4341d01becfc5db1a0b9bb3907
Caedo HTTPd Server 0.5.1 ALPHA Remote File Download
Posted Jan 29, 2011
Authored by Zer0 Thunder

Caedo HTTPd Server version 0.5.1 ALPHA remote file download exploit.

tags | exploit, remote
SHA-256 | 1c8e2d236567807f28efa5fcb99ff260c326c3e73df7f896942fe3a3700a4abb
Debian Security Advisory 2141-4
Posted Jan 13, 2011
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2141-4 - The openssl update in DSA-2141-1 caused a regression in lighttpd. Due to a bug in lighttpd, the server fails to start in some configurations if using the updated openssl libraries. This update fixes this problem.

tags | advisory
systems | linux, debian
advisories | CVE-2009-3555
SHA-256 | 6d8bf518952bb36182005427e9e1ac90e6b3e956a42a79dda732a59c8ea917f8
httpdASM 0.92 Directory Traversal
Posted Dec 28, 2010
Authored by AutoSec Tools

httpdASM version 0.92 suffers from a directory traversal vulnerability.

tags | exploit, file inclusion
SHA-256 | 55fd5686b91769bd5470387d8ce679f661312835161b3fdc62aebdaf85dbecb5
Secunia Security Advisory 42750
Posted Dec 28, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - John Leitch has discovered a vulnerability in httpdASM, which can be exploited by malicious people to disclose system information.

tags | advisory
SHA-256 | 85880f2d58ff8eb7eff54886a01d202616d9050c66654732aede035bcbec8099
Debian Linux Security Advisory 2117-1
Posted Oct 5, 2010
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2117-1 - APR-util is part of the Apache Portable Runtime library which is used by projects such as Apache httpd and Subversion. Jeff Trawick discovered a flaw in the apr_brigade_split_line() function in apr-util. A remote attacker could send crafted http requests to cause a greatly increased memory consumption in Apache httpd, resulting in a denial of service.

tags | advisory, remote, web, denial of service
systems | linux, debian
advisories | CVE-2010-1623
SHA-256 | 67cbe05ab7fb997c5c2fe794fbdf3cf7157f9155c673e328458a27e75c48fbca
VMware Security Advisory 2010-0014
Posted Sep 25, 2010
Authored by VMware | Site vmware.com

VMware Security Advisory - VMware Workstation and Player address a potential installer security issue and security issues in libpng. VMware ACE Management Server (AMS) for Windows updates Apache httpd.

tags | advisory
systems | windows
advisories | CVE-2010-3277, CVE-2010-1205, CVE-2010-0205, CVE-2010-2249, CVE-2010-0434, CVE-2010-0425
SHA-256 | c598de56110b9b1285f2b8e0d5afbeeb93abb4d32d2d9e62b9bdc9c16b71278b
Secunia Security Advisory 41153
Posted Aug 30, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Red Hat has issued an update for httpd. This fixes multiple vulnerabilities, which can be exploited by malicious people to disclose potentially sensitive information and cause a DoS (Denial of Service).

tags | advisory, denial of service, vulnerability
systems | linux, redhat
SHA-256 | 5e6e7da1dc37c73df39c61f0370a98e8c3f842d0eff70b33026c17979483834a
Secunia Security Advisory 41027
Posted Aug 25, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Two vulnerabilities have been discovered in httpdx, which can be exploited by malicious people to cause a DoS (Denial of Service) and by malicious users to potentially compromise a vulnerable system.

tags | advisory, denial of service, vulnerability
SHA-256 | 521ca46903533ccd6bcfa1c5a0b354d4be4a85dd33510ad3535f6f7d8cd47c5b
Httpdx 1.5.4 Denial Of Service
Posted Aug 18, 2010
Authored by Dr_IDE

Httpdx version 1.5.4 suffers from a denial of service vulnerability.

tags | exploit, denial of service
SHA-256 | c50cbe6ab8e481d9566cbb0cc8fc9fc3d5e297d5737b205731166875e8d04795
Mandriva Linux Security Advisory 2010-153
Posted Aug 17, 2010
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2010-153 - The mod_cache and mod_dav modules in the Apache HTTP Server 2.2.x before 2.2.16 allow remote attackers to cause a denial of service via a request that lacks a path. mod_proxy in httpd in Apache HTTP Server 2.2.9, when running on Unix, does not close the backend connection if a timeout occurs when reading a response from a persistent connection, which allows remote attackers to obtain a potentially sensitive response intended for a different client in opportunistic circumstances via a normal HTTP request.

tags | advisory, remote, web, denial of service
systems | linux, unix, mandriva
advisories | CVE-2010-1452, CVE-2010-2791
SHA-256 | 444c83bf883527ec99f5774bd35218e9bfc7120a9811519671377a06461fea59
Secunia Security Advisory 41008
Posted Aug 16, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Fedora has issued an update for httpd. This fixes two vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service, vulnerability
systems | linux, fedora
SHA-256 | 51a4aca892ed242fed8fa3341fbbe2cc7e0fe93c3fc6fc1078b9b64e03f025c4
© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close