Page 48 of 244 results (0.005 seconds)

CVSS: 6.5EPSS: 0%CPEs: 18EXPL: 0

TYPO3 4.0.x before 4.0.9, 4.1.x before 4.1.7, and 4.2.x before 4.2.1, uses an insufficiently restrictive default fileDenyPattern for Apache, which allows remote attackers to bypass security restrictions and upload configuration files such as .htaccess, or conduct file upload attacks using multiple extensions. TYPO3 versiones 4.0.x anteriores a 4.0.9, versiones 4.1.x anteriores a 4.1.7, y versiones 4.2.x anteriores a 4.2.1, utiliza un fileDenyPattern predeterminado insuficientemente restrictivo para Apache, que permite a los atacantes remotos omitir las restricciones de seguridad y cargar archivos de configuración como .htaccess, o conducir ataques de carga de archivos mediante varias extensiones. • http://buzz.typo3.org/teams/security/article/advice-on-core-security-issue-regarding-filedenypattern http://secunia.com/advisories/30619 http://secunia.com/advisories/30660 http://securityreason.com/securityalert/3945 http://typo3.org/teams/security/security-bulletins/typo3-20080611-1 http://www.debian.org/security/2008/dsa-1596 http://www.securityfocus.com/archive/1/493270/100/0/threaded http://www.securityfocus.com/bid/29657 http://www.vupen.com/english/advisories/2008/1802 https:/ • CWE-264: Permissions, Privileges, and Access Controls •

CVSS: 7.5EPSS: 1%CPEs: 1EXPL: 3

The ExpandCert function in Apache-SSL before apache_1.3.41+ssl_1.59 does not properly handle (1) '/' and (2) '=' characters in a Distinguished Name (DN) in a client certificate, which might allow remote attackers to bypass authentication via a crafted DN that triggers overwriting of environment variables. La función ExpandCert en Apache-SSL versiones anteriores apache_1.3.41+ssl_1.59 no gestiona correctamente los caracteres (1) '/' y (2) '=' en un Distinguished Name (DN) de un certificado de cliente, lo cual puede permitir a atacantes remotos evitar autenticarse a través de un DN manipulado que dispara la sobreescritura de variables de entorno. • http://secunia.com/advisories/29644 http://securityreason.com/securityalert/3797 http://www.apache-ssl.org/advisory-cve-2008-0555.txt http://www.cynops.de/advisories/CVE-2008-0555.txt http://www.klink.name/security/aklink-sa-2008-005-apache-ssl.txt http://www.securityfocus.com/archive/1/490386/100/0/threaded http://www.securityfocus.com/bid/28576 http://www.securitytracker.com/id?1019784 http://www.vupen.com/english/advisories/2008/1079/references https://exchange.xforce.i • CWE-20: Improper Input Validation CWE-287: Improper Authentication •

CVSS: 5.0EPSS: 0%CPEs: 2EXPL: 0

Variable extraction vulnerability in Ian Bezanson Apache Stats before 0.0.3 beta allows attackers to overwrite critical variables, with unknown impact, when the extract function is used on the _REQUEST superglobal array. Vulnerabilidad de extracción de variables en Ian Bezanson Apache Stats versiones anteriores a 0.0.3 beta permite a atacantes remotos sobre-escribir variables críticas, con impacto desconocido, que la función de extracción se usa en el array superglobal _REQUEST. • http://sourceforge.net/forum/forum.php?forum_id=660919 http://superb-east.dl.sourceforge.net/sourceforge/apachestats/apacheStats_0.0.3Beta.tar.bz2 http://www.vupen.com/english/advisories/2007/0598 •

CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0

Variable extract vulnerability in Apache Stats before 0.0.3beta allows attackers to modify arbitrary variables and conduct attacks via unknown vectors involving the use of PHP's extract function. Vulnerabilidad de extracción de variables en Apache Stats versiones anteriores a 0.0.3beta permite a atacantes remotos modificar variables de su elección y perpetrar ataques mediante vectores desconocidos involucrando el uso de la función de extracción de PHP. • http://sourceforge.net/forum/forum.php?forum_id=660919 http://www.securityfocus.com/bid/22388 http://www.vupen.com/english/advisories/2007/0559 •

CVSS: 5.0EPSS: 1%CPEs: 5EXPL: 2

JavaMail API 1.1.3 through 1.3, as used by Apache Tomcat 5.0.16, allows remote attackers to read arbitrary files via a full pathname in the argument to the Download parameter. NOTE: Sun and Apache dispute this issue. Sun states: "The report makes references to source code and files that do not exist in the mentioned products. • https://www.exploit-db.com/exploits/25702 http://marc.info/?l=bugtraq&m=111697083812367&w=2 http://tomcat.apache.org/security-5.html http://www.securityfocus.com/bid/13753 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •