Nuevas variantes en vulnerabilidades que afectan al servidor Apache.
Apache APR-util ‘apr_strmatch_precompile()’ Integer Underflow Vulnerability
Apache APR-util ‘xml/apr_xml.c’ Denial of Service Vulnerability
Apache APR-util ‘apr_brigade_vprintf’ Off By One Vulnerability
fuente: securityfocus.com
Deja un Comentario » | 
03.Vulnerabilidades | Etiquetado: apache, Denial of Service, denial of service vulnerability, Servidor Apache | 
Permalink
Escrito por komz
Apache HTTP Server is prone to a denial-of-service vulnerability because of faulty error handling.
Successful exploits may allow remote attackers to trigger denial-of-service conditions.
This issue affects versions prior to Apache 2.2.14 on Solaris platforms.
Published: Oct 05 2009 12:00AM
Updated: Oct 06 2009 12:39AM
REFERENCIA DE LA VULNERABILIDAD
fuente: securityfocus.com
Deja un Comentario » | 
03.Vulnerabilidades | Etiquetado: apache, Apache HTTP Server, Apache HTTP Server Solaris Event Port Pollset Support Remote Denial Of Service Vulnerability, denial of service vulnerability | 
Permalink
Escrito por komz
Apache Tomcat ‘RequestDispatcher’ Information Disclosure Vulnerability
Apache Tomcat Java AJP Connector Invalid Header Denial of Service Vulnerability
Apache Tomcat Cookie Quote Handling Remote Information Disclosure Vulnerability
Apache Tomcat Form Authentication Existing/Non-Existing Username Enumeration Weakness
Apache Tomcat XML Parser Information Disclosure Vulnerability
fuente: securityfocus.com
Deja un Comentario » | 
03.Vulnerabilidades | Etiquetado: apache, Apache Tomcat, apache tomcat vulnerabilidades | 
Permalink
Escrito por komz
Dos nuevas vulnerabilidades que afectan al mod_proxy de Apache.
Published: Sep 03 2009 12:00AM
Updated: Sep 03 2009 09:42PM
REFERENCIA APACHE MODULE mod_proxy_ftp HOMEPAGE
fuente: securityfocus.com
Deja un Comentario » | 03.Vulnerabilidades | Etiquetado: apache, mod_proxy de Apache, NUEVAS VULNERABILIDADES que afectan al mod_proxy de Apache. | Permalink
Escrito por komz
Apache ‘APR-util’ is prone to a vulnerability that may allow attackers to cause an affected application to consume memory, resulting in a denial-of-service condition.
Versions prior to ‘APR-util’ 1.3.7 are vulnerable.
Published: Jun 06 2009 12:00AM
Updated: Jul 06 2009 08:29AM
REFERENCIA DE LA VULNERABILIDAD
fuente: securityfocus.com
Deja un Comentario » | 03.Vulnerabilidades | Etiquetado: apache, Apache APR-util 'xml/apr_xml.c' Denial of Service Vulnerability, vulnerabilidad en apache | Permalink
Escrito por komz
Deja un Comentario » | 03.Vulnerabilidades | Etiquetado: apache, Multples vulnerabilidades que afectan al servidor Tomcat de Apache, tomcat | Permalink
Escrito por komz
Deja un Comentario » | 03.Vulnerabilidades | Etiquetado: apache, apache web server, mod_proxy, Vulnerabilidades | Permalink
Escrito por komz
Apache is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input.
An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks.
This issue affects the following:
- The ‘mod_imagemap’ module in Apache 2.2.6, 2.2.5, 2.2.4, 2.2.3, 2.2.2, and 2.2.0
- The ‘mod_imap’ module in Apache 1.3.39, 1.3.37, 1.3.36, 1.3.35, 1.3.34, 1.3.33, 1.3.32, 1.3.31, 1.3.29, 1.3.28, 1.3.27, 1.3.26, 1.3.24, 1.3.22, 1.3.20, 1.3.19, 1.3.17, 1.3.14, 1.3.12, 1.3.11, 1.3.9, 1.3.6, 1.3.4, 1.3.3, 1.3.2, 1.3.1, and 1.3.0.
fuente: securityfocus
REFERENCIA DE LA VULNERABILIDAD
Deja un Comentario » | 03.Vulnerabilidades | Etiquetado: apache, APACHE mod_imagemap and mod_imap Cross-Site Scripting | Permalink
Escrito por komz
The Apache HTTP Server ‘mod_status’ module is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input.
An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks. Reportedly, attackers can also use this issue to redirect users’ browsers to arbitrary locations, which may aid in phishing attacks.
The issue affects versions prior to Apache 2.2.7-dev, 2.0.62-dev, and 1.3.40-dev.
fuente: securityfocus
REFERENCIA DE LA VULNERABILIDAD
Deja un Comentario » | 03.Vulnerabilidades | Etiquetado: 2.0.61 and 1.3.39 'mod_status' Cross-Site Scripting Vulnerability, apache, Apache HTTP Server 2.2.6 | Permalink
Escrito por komz
The Apache ‘mod_proxy_http’ module is prone to a denial-of-service vulnerability that affects the processing of interim responses.
Attackers may exploit this issue to cause denial-of-service conditions.
Reportedly, the issue affects Apache 2.2.8 and 2.0.63; other versions may also be affected.
fuente: securityfocus
REFERENCIA DE LA VULNERABILIDAD
Deja un Comentario » | 03.Vulnerabilidades | Etiquetado: apache, denial of service vulnerability, vulnerability | Permalink
Escrito por komz
The Apache ‘mod_proxy_ftp’ module is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input.
An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks.
This issue is reported to affect Apache 2.0.63 and 2.2.9; other versions may also be affected.
fuente: securityfocus
REFERENCIA DE LA VULNERABILIDAD
Deja un Comentario » | 03.Vulnerabilidades | Etiquetado: apache, cross-site scripting vulnerability, vulnerability | Permalink
Escrito por komz
Current threat level of vulnerabilities by X-Force, IBM.
See more information.
