Page 47 of 244 results (0.015 seconds)

CVSS: 5.0EPSS: 0%CPEs: 3EXPL: 1

The deepGetOrCreateNode function in impl/operations/AbstractCreateOperation.java in org.apache.sling.servlets.post.bundle 2.2.0 and 2.3.0 in Apache Sling does not properly handle a NULL value that returned when the session does not have permissions to the root node, which allows remote attackers to cause a denial of service (infinite loop) via unspecified vectors. La función deepGetOrCreateNode en impl/operations/AbstractCreateOperation.java en org.apache.sling.servlets.post.bundle 2.2.0 y 2.3.0 de Apache Sling no maneja apropiadamente un valor nulo que es devuelto cuando la sesión no tiene permisos para el nodo raíz, lo que permite a atacantes remotos causar una denegación de servicio (bucle infinito) a través de vectores no especificados. • http://mail-archives.apache.org/mod_mbox/sling-dev/201310.mbox/%3CCAKkCf4pue6PnESsP1KTdEDJm1gpkANFaK%2BvUd9mzEVT7tXL%2B3A%40mail.gmail.com%3E http://secunia.com/advisories/55157 http://www.securityfocus.com/bid/62903 https://exchange.xforce.ibmcloud.com/vulnerabilities/87765 https://issues.apache.org/jira/browse/SLING-2913 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 5.0EPSS: 0%CPEs: 2EXPL: 1

The @CopyFrom operation in the POST servlet in the org.apache.sling.servlets.post bundle before 2.1.2 in Apache Sling does not prevent attempts to copy an ancestor node to a descendant node, which allows remote attackers to cause a denial of service (infinite loop) via a crafted HTTP request. La operación @CopyFrom en el servlet POST en el conjunto org.apache.sling.servlets.post anteriores a v2.1.2 en Apache Sling no previene intentos de copia sobre un nodo de nivel superior sobre uno de nivel inferior, lo que permite a atacantes remotos provocar una denegación de servicio (bucle infinito) a través de una petición HTTP. The CopyFrom operation of the Sling POST servlet allows for copying a parent node to one of its descendant nodes, creating an infinite loop that ultimately results in denial of service, once memory and/or storage resources are exhausted. • https://www.exploit-db.com/exploits/37487 http://mail-archives.apache.org/mod_mbox/www-announce/201207.mbox/%3CCAEWfVJ=PwoQmwJg0KmbrC17Gw51kgfKRsqgy=4RpMQsdGh0bVg%40mail.gmail.com%3E http://svn.apache.org/viewvc?view=revision&revision=1352865 https://issues.apache.org/jira/browse/SLING-2517 • CWE-264: Permissions, Privileges, and Access Controls •

CVSS: 5.8EPSS: 0%CPEs: 39EXPL: 0

native/unix/native/jsvc-unix.c in jsvc in the Daemon component 1.0.3 through 1.0.6 in Apache Commons, as used in Apache Tomcat 5.5.32 through 5.5.33, 6.0.30 through 6.0.32, and 7.0.x before 7.0.20 on Linux, does not drop capabilities, which allows remote attackers to bypass read permissions for files via a request to an application. native/unix/native/jsvc-unix.c en jsvc en el componente Daemon v1.0.3 hasta v1.0.6 en Apache Commons, usado en Apache Tomcat v5.5.32 hasta v5.5.33, v6.0.30 hasta v6.0.32, y v7.0.x anterior a v7.0.20 en LinuxApache Commons, no elimina permisos, lo que permite a atacantes remotos evitar permisos de lectura para ficheros a través de una petición en una aplicación. • http://lists.opensuse.org/opensuse-security-announce/2011-09/msg00024.html http://mail-archives.apache.org/mod_mbox/commons-dev/201108.mbox/%3C4E451B2B.9090108%40apache.org%3E http://mail-archives.apache.org/mod_mbox/tomcat-announce/201108.mbox/%3C4E45221D.1020306%40apache.org%3E http://marc.info/?l=bugtraq&m=132215163318824&w=2 http://marc.info/?l=bugtraq&m=133469267822771&w=2 http://marc.info/?l=bugtraq&m=136485229118404&w=2 http://marc.info/?l=bugtraq&m=139344343412337&w= • CWE-264: Permissions, Privileges, and Access Controls •

CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 0

Race condition in the mod_auth_shadow module for the Apache HTTP Server allows remote attackers to bypass authentication, and read and possibly modify data, via vectors related to improper interaction with an external helper application for validation of credentials. Condición de carrera en el módulo mod_auth_shadow del servidor HTTP Apache permite a atacantes remotos evitar la autenticación, leer y posiblemente modificar datos, a través de vectores de ataque relacionados con errores en la interacción con una aplicación de ayuda externa para la validación de las credenciales. • http://lists.fedoraproject.org/pipermail/package-announce/2010-May/041326.html http://lists.fedoraproject.org/pipermail/package-announce/2010-May/041340.html http://secunia.com/advisories/39823 http://www.mandriva.com/security/advisories?name=MDVSA-2010:081 http://www.securityfocus.com/bid/39538 http://www.vupen.com/english/advisories/2010/0908 http://www.vupen.com/english/advisories/2010/1148 https://bugzilla.redhat.com/show_bug.cgi?id=578168 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •

CVSS: 2.1EPSS: 0%CPEs: 3EXPL: 2

PHP 4.4.4, 5.1.6, and other versions, when running on Apache, allows local users to modify behavior of other sites hosted on the same web server by modifying the mbstring.func_overload setting within .htaccess, which causes this setting to be applied to other virtual hosts on the same server. PHP v4.4.4, v5.1.6, y otras versiones, cuando están ejecutando Apache, permite a usuarios locales modificar el comportamiento de otros sitios hospedados en el mismo servidor web mediante la modificación de la característica mbstring.func_overload dentro de .htaccess, lo que produce que esta característica sea aplicada a otros sistemas virtuales alojados en el mismo servidor. • https://www.exploit-db.com/exploits/32769 http://bugs.php.net/bug.php?id=27421 http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00003.html http://secunia.com/advisories/34642 http://secunia.com/advisories/34830 http://secunia.com/advisories/35003 http://secunia.com/advisories/35007 http://secunia.com/advisories/35306 http://www.debian.org/security/2009/dsa-1789 http://www.openwall.com/lists/oss-security/2009/01/30/1 http://www.openwall.com/lists • CWE-134: Use of Externally-Controlled Format String •