CVE-2010-0010
https://notcve.org/view.php?id=CVE-2010-0010
Integer overflow in the ap_proxy_send_fb function in proxy/proxy_util.c in mod_proxy in the Apache HTTP Server before 1.3.42 on 64-bit platforms allows remote origin servers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a large chunk size that triggers a heap-based buffer overflow. Desbordamiento de enteros en la función ap_proxy_send_fb en proxy/proxy_util.c en mod_proxy en el servidor HTTP Apache anterior a v1.3.42 en plataformas de 64 bits permite a los servidores de origen remoto provocar una denegación de servicio (cuelgue del demonio) o posiblemente ejecutar código arbitrario a través de un fragmento de gran tamaño que provoca un desbordamiento de búfer basado en memoria dinámica. • http://archives.neohapsis.com/archives/fulldisclosure/2010-01/0589.html http://blog.pi3.com.pl/?p=69 http://httpd.apache.org/dev/dist/CHANGES_1.3.42 http://lists.opensuse.org/opensuse-security-announce/2010-04/msg00006.html http://marc.info/?l=bugtraq&m=130497311408250&w=2 http://packetstormsecurity.org/1001-exploits/modproxy-overflow.txt http://secunia.com/advisories/38319 http://secunia.com/advisories/39656 http://site.pi3.com.pl/adv/mod_proxy.txt http://www.sec • CWE-189: Numeric Errors •
CVE-2009-3555 – Mozilla NSS - NULL Character CA SSL Certificate Validation Security Bypass
https://notcve.org/view.php?id=CVE-2009-3555
The TLS protocol, and the SSL protocol 3.0 and possibly earlier, as used in Microsoft Internet Information Services (IIS) 7.0, mod_ssl in the Apache HTTP Server 2.2.14 and earlier, OpenSSL before 0.9.8l, GnuTLS 2.8.5 and earlier, Mozilla Network Security Services (NSS) 3.12.4 and earlier, multiple Cisco products, and other products, does not properly associate renegotiation handshakes with an existing connection, which allows man-in-the-middle attackers to insert data into HTTPS sessions, and possibly other types of sessions protected by TLS or SSL, by sending an unauthenticated request that is processed retroactively by a server in a post-renegotiation context, related to a "plaintext injection" attack, aka the "Project Mogul" issue. El protocolo TLS y el protocolo SSL v3.0 y posiblemente versiones anteriores, tal y como se usa en Microsoft Internet Information Services (IIS) v7.0, mod_ssl en el servidor HTTP Apache v2.2.14 y anteriores, OpenSSL antes de v0.9.8l, GnuTLS v2.8.5 y anteriores, Mozilla Network Security Services (NSS) v3.12.4 y anteriores, y otros productos, no asocia apropiadamente la renegociación del Handshake SSL en una conexión existente, lo que permite ataques man-in-the-middle en los que el atacante inserta datos en sesiones HTTPS, y posiblemente otro tipo de sesiones protegidas por SSL o TLS, enviando una petición de autenticación que es procesada retroactivamente por un servidor en un contexto post-renegociación. Se trata de un ataque de "inyección de texto plano", también conocido como el problema del "Proyecto Mogul". • https://www.exploit-db.com/exploits/10071 https://www.exploit-db.com/exploits/10579 http://archives.neohapsis.com/archives/bugtraq/2013-11/0120.html http://blog.g-sec.lu/2009/11/tls-sslv3-renegotiation-vulnerability.html http://blogs.iss.net/archive/sslmitmiscsrf.html http://blogs.sun.com/security/entry/vulnerability_in_tls_protocol_during http://clicky.me/tlsvuln http://extendedsubset.com/?p=8 http://extendedsubset.com/Renegotiating_TLS.pdf http://h20000.www2.hp.com/bizsuppo • CWE-295: Improper Certificate Validation CWE-300: Channel Accessible by Non-Endpoint •
CVE-2008-2939 – httpd: mod_proxy_ftp globbing XSS
https://notcve.org/view.php?id=CVE-2008-2939
Cross-site scripting (XSS) vulnerability in proxy_ftp.c in the mod_proxy_ftp module in Apache 2.0.63 and earlier, and mod_proxy_ftp.c in the mod_proxy_ftp module in Apache 2.2.9 and earlier 2.2 versions, allows remote attackers to inject arbitrary web script or HTML via a wildcard in the last directory component in the pathname in an FTP URI. Vulnerabilidad de XSS en proxy_ftp.c en el módulo mod_proxy_ftp en Apache 2.0.63 y en versiones anteriores y mod_proxy_ftp.c en el módulo mod_proxy_ftp en Apache 2.2.9 y en versiones anteriores a 2.2, permite a atacantes remotos inyectar secuencias de comandos web o HTML arbitrarios a través de un comodín en el último componente del directorio en el nombre de ruta en una URI FTPI. • http://lists.apple.com/archives/security-announce/2009/May/msg00002.html http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00000.html http://marc.info/?l=bugtraq&m=123376588623823&w=2 http://marc.info/?l=bugtraq&m=125631037611762&w=2 http://rhn.redhat.com/errata/RHSA-2008-0967.html http://secunia.com/advisories/31384 http://secunia.com/advisories/31673 http://secunia.com/advisories/32685 http://secunia.com/advisories/32838 http://secunia.com/advisories/33156 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2006-0435
https://notcve.org/view.php?id=CVE-2006-0435
Unspecified vulnerability in Oracle PL/SQL (PLSQL), as used in Database Server DS 9.2.0.7 and 10.1.0.5, Application Server 1.0.2.2, 9.0.4.2, 10.1.2.0.2, 10.1.2.1.0, and 10.1.3.0.0, E-Business Suite and Applications 11.5.10, and Collaboration Suite 10.1.1, 10.1.2.0, 10.1.2.1, and 9.0.4.2, allows attackers to bypass the PLSQLExclusion list and access excluded packages and procedures, aka Vuln# PLSQL01. • http://lists.grok.org.uk/pipermail/full-disclosure/2006-February/041898.html http://lists.grok.org.uk/pipermail/full-disclosure/2006-February/041899.html http://lists.grok.org.uk/pipermail/full-disclosure/2006-January/041742.html http://secunia.com/advisories/18621 http://secunia.com/advisories/19712 http://secunia.com/advisories/19859 http://securityreason.com/securityalert/402 http://securityreason.com/securityalert/403 http://securitytracker.com/id?1015544 http://securitytracker.com/id?10 •
CVE-2005-3352 – httpd cross-site scripting flaw in mod_imap
https://notcve.org/view.php?id=CVE-2005-3352
Cross-site scripting (XSS) vulnerability in the mod_imap module of Apache httpd before 1.3.35-dev and Apache httpd 2.0.x before 2.0.56-dev allows remote attackers to inject arbitrary web script or HTML via the Referer when using image maps. Vulnerabilidad de secuencias de comandos en sitios cruzados (XSS) en el módulo mod_imap de Apache httpd anteriores a 1.3.35-dev y Apache httpd 2.0.x anteriores a 2.0.56-dev permite a atacantes remotos inyectar 'script' web o HTML de su elección mediante el Referente cuando se usan mapas de imágenes. • ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U http://docs.info.apple.com/article.html?artnum=307562 http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01428449 http://issues.apache.org/bugzilla/show_bug.cgi?id=37874 http://lists.apple.com/archives/security-announce/2008//May/msg00001.html http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html http://lists.suse.com/archive/suse-security-announce/2007-May/0005.html http:// • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •