CVSS: 5.0EPSS: 4%CPEs: 8EXPL: 0CVE-2015-0228 – httpd: Possible mod_lua crash due to websocket bug
https://notcve.org/view.php?id=CVE-2015-0228
The lua_websocket_read function in lua_request.c in the mod_lua module in the Apache HTTP Server through 2.4.12 allows remote attackers to cause a denial of service (child-process crash) by sending a crafted WebSocket Ping frame after a Lua script has called the wsupgrade function. La función lua_websocket_read en lua_request.c en el módulo mod_lua en Apache HTTP Server hasta 2.4.12 permite a atacantes remotos causar una denegación de servicio (caída del proceso hijo) mediante el envío de un Frame WebSocket Ping manipulado después de que una secuencia de comandos Lua haya llamado a la función wsupgrade. A denial of service flaw was found in the way the mod_lua httpd module processed certain WebSocket Ping requests. A remote attacker could send a specially crafted WebSocket Ping packet that would cause the httpd child process to crash. • http://advisories.mageia.org/MGASA-2015-0099.html http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html http://lists.apple.com/archives/security-announce/2015/Sep/msg00004.html http://lists.opensuse.org/opensuse-updates/2015-03/msg00006.html http://rhn.redhat.com/errata/RHSA-2015-1666.html http://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x/CHANGES http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html http://www.oracle.com/technetwork&#x • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 0%CPEs: 46EXPL: 2CVE-2013-5697 – mod_accounting Module 0.5 - Blind SQL Injection
https://notcve.org/view.php?id=CVE-2013-5697
SQL injection vulnerability in mod_accounting.c in the mod_accounting module 0.5 and earlier for Apache allows remote attackers to execute arbitrary SQL commands via a Host header. Vulnerabilidad de inyección SQL en mod_accounting.c del módulo mod_accounting para Apache en la versión 0.5 y anteriores permite a atacantes remotos ejecutar comandos SQL arbitrarios a través de la cabecera Host. mod_accounting version 0.5 suffers from a remote blind SQL injection vulnerability. • https://www.exploit-db.com/exploits/28653 http://osvdb.org/97588 http://www.baesystemsdetica.com.au/Research/Advisories/mod_accounting-Blind-SQL-Injection-%28DS-2013-006%29 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 5.0EPSS: 2%CPEs: 117EXPL: 0CVE-2007-6750
https://notcve.org/view.php?id=CVE-2007-6750
The Apache HTTP Server 1.x and 2.x allows remote attackers to cause a denial of service (daemon outage) via partial HTTP requests, as demonstrated by Slowloris, related to the lack of the mod_reqtimeout module in versions before 2.2.15. El servidor HTTP Apache 1.x y 2.x permite a atacantes remotos provocar una denegación de servicio (caída del demonio) a través de una petición HTTP parcial, tal como se ha demostrado por Slowloris, relacionado con la falta del módulo mod_reqtimeout en versiones anteriores a 2.2.15. • http://archives.neohapsis.com/archives/bugtraq/2007-01/0229.html http://ha.ckers.org/slowloris http://lists.opensuse.org/opensuse-security-announce/2012-02/msg00026.html http://lists.opensuse.org/opensuse-security-announce/2012-03/msg00002.html http://marc.info/?l=bugtraq&m=136612293908376&w=2 http://www.securityfocus.com/bid/21865 http://www.securitytracker.com/id/1038144 https://exchange.xforce.ibmcloud.com/vulnerabilities/72345 https://h20566.www2.hpe.com/portal/site/hpsc/public/ • CWE-399: Resource Management Errors •
CVSS: 4.3EPSS: 94%CPEs: 100EXPL: 3CVE-2011-4317 – Apache 7.0.x mod_proxy - Reverse Proxy Security Bypass
https://notcve.org/view.php?id=CVE-2011-4317
The mod_proxy module in the Apache HTTP Server 1.3.x through 1.3.42, 2.0.x through 2.0.64, and 2.2.x through 2.2.21, when the Revision 1179239 patch is in place, does not properly interact with use of (1) RewriteRule and (2) ProxyPassMatch pattern matches for configuration of a reverse proxy, which allows remote attackers to send requests to intranet servers via a malformed URI containing an @ (at sign) character and a : (colon) character in invalid positions. NOTE: this vulnerability exists because of an incomplete fix for CVE-2011-3368. El módulo mod_proxy en el servidor HTTP Apache v1.3.x hasta v1.3.42, v2.0.x hasta v2.0.64, and v2.2.x hasta v2.2.21, cuando la revisión 1179239 se realiza, no interactúa con el uso de patrones de coincidencia (1) RewriteRule y (2) ProxyPassMatch para configuración de un proxy inverso, lo que permite a atacantes remotos enviar peticiones a servidores de la intranet a través de URI mal formadas que contienen el caracter '@': caracter en una posición inválida. NOTA: esta vulnerabilidad existe debido a una solución incompleta para CVE-2011-3368. • https://www.exploit-db.com/exploits/36352 http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03360041 http://kb.juniper.net/JSA10585 http://lists.apple.com/archives/security-announce/2012/Sep/msg00004.html http://lists.opensuse.org/opensuse-updates/2013-02/msg00009.html http://lists.opensuse.org/opensuse-updates/2013-02/msg00012.html http://marc.info/?l=bugtraq&m=133294460209056&w=2 http://marc.info/?l=bugtraq&m=134987041210674&w=2 http://rhn.redhat.com/ • CWE-20: Improper Input Validation •
CVSS: 4.3EPSS: 0%CPEs: 20EXPL: 0CVE-2011-1360
https://notcve.org/view.php?id=CVE-2011-1360
Multiple cross-site scripting (XSS) vulnerabilities in IBM HTTP Server 2.0.47 and earlier, as used in WebSphere Application Server and other products, allow remote attackers to inject arbitrary web script or HTML via vectors involving unspecified documentation files in (1) manual/ibm/ and (2) htdocs/*/manual/ibm/. vulnerabilidad múltiple en cross-site scripting (XSS) en IBM HTTP Server v2.0.47 y anteriores, se utiliza en WebSphere Application Server y otros productos, permite a atacantes remotos inyectar secuencias de comandos web o HTML a través de vectores no especificados que involucran archivos de documentación en (1) manual/ibm/ y (2) htdocs/*/manual/ibm/. • http://www-01.ibm.com/support/docview.wss?uid=swg21502580 http://www.ibm.com/support/docview.wss?uid=swg1PM41293 http://www.securityfocus.com/bid/50447 https://exchange.xforce.ibmcloud.com/vulnerabilities/69656 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •