Page 7 of 87 results (0.011 seconds)

CVSS: 7.3EPSS: 0%CPEs: 10EXPL: 0

CVE-2020-35452 – mod_auth_digest possible stack overflow by one nul byte

https://notcve.org/view.php?id=CVE-2020-35452

Apache HTTP Server versions 2.4.0 to 2.4.46 A specially crafted Digest nonce can cause a stack overflow in mod_auth_digest. There is no report of this overflow being exploitable, nor the Apache HTTP Server team could create one, though some particular compiler and/or compilation option might make it possible, with limited consequences anyway due to the size (a single byte) and the value (zero byte) of the overflow Apache HTTP Server versiones 2.4.0 a 2.4.46 Un Digest nonce especialmente diseñado puede causar un desbordamiento de pila en la función mod_auth_digest. No existe reportes de que este desbordamiento sea explotable, ni el equipo del Servidor HTTP Apache podría crear uno, aunque algún compilador y/o opción de compilación particular podría hacerlo posible, con consecuencias limitadas de todos modos debido al tamaño (un solo byte) y el valor (cero bytes) del desbordamiento A flaw was found in Apache httpd. The mod_auth_digest has a single zero byte stack overflow. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. • http://httpd.apache.org/security/vulnerabilities_24.html http://www.openwall.com/lists/oss-security/2021/06/10/5 https://lists.apache.org/thread.html/r7f2b70b621651548f4b6f027552f1dd91705d7111bb5d15cda0a68dd%40%3Cdev.httpd.apache.org%3E https://lists.apache.org/thread.html/rccb1b8225583a48c6360edc7a93cc97ae8b0215791e455dc607e7602%40%3Cannounce.httpd.apache.org%3E https://lists.apache.org/thread.html/re026d3da9d7824bd93b9f871c0fdda978d960c7e62d8c43cba8d0bf3%40%3Ccvs.httpd.apache.org%3E https://lists.debian.org/debian-lts-announce/2021/07/msg00006 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •

CVSS: 5.5EPSS: 0%CPEs: 17EXPL: 0

CVE-2020-13938 – Improper Handling of Insufficient Privileges

https://notcve.org/view.php?id=CVE-2020-13938

Apache HTTP Server versions 2.4.0 to 2.4.46 Unprivileged local users can stop httpd on Windows Apache HTTP Server versiones 2.4.0 a 2.4.46 Los usuarios locales sin privilegios pueden detener httpd en Windows • http://httpd.apache.org/security/vulnerabilities_24.html http://www.openwall.com/lists/oss-security/2021/06/10/3 https://kc.mcafee.com/corporate/index?page=content&id=SB10379 https://lists.apache.org/thread.html/r5fdc4fbbc7ddb816c843329a9accdcf284ade86e8d77b8c2a6d9bc30%40%3Cannounce.httpd.apache.org%3E https://lists.apache.org/thread.html/r7f2b70b621651548f4b6f027552f1dd91705d7111bb5d15cda0a68dd%40%3Cdev.httpd.apache.org%3E https://lists.apache.org/thread.html/re026d3da9d7824bd93b9f871c0fdda978d960c7e62d8c43cba8d0bf3%40%3Ccvs.httpd.apache.org%3E • CWE-862: Missing Authorization •

CVSS: 5.3EPSS: 0%CPEs: 8EXPL: 0

CVE-2019-17567 – mod_proxy_wstunnel tunneling of non Upgraded connections

https://notcve.org/view.php?id=CVE-2019-17567

Apache HTTP Server versions 2.4.6 to 2.4.46 mod_proxy_wstunnel configured on an URL that is not necessarily Upgraded by the origin server was tunneling the whole connection regardless, thus allowing for subsequent requests on the same connection to pass through with no HTTP validation, authentication or authorization possibly configured. Apache HTTP Server versiones 2.4.6 a 2.4.46 la función mod_proxy_wstunnel configurado en una URL que no es necesariamente Actualizada por el servidor de origen estaba tunelizando toda la conexión a pesar de ello, permitiendo así para las peticiones posteriores en la misma conexión pasar sin comprobación HTTP, autenticación o autorización posiblemente configurada A flaw was found in Apache httpd. The mod_proxy_wstunnel module tunnels non-upgraded connections. • http://httpd.apache.org/security/vulnerabilities_24.html http://www.openwall.com/lists/oss-security/2021/06/10/2 https://lists.apache.org/thread.html/r7f2b70b621651548f4b6f027552f1dd91705d7111bb5d15cda0a68dd%40%3Cdev.httpd.apache.org%3E https://lists.apache.org/thread.html/r90f693a5c9fb75550ef1412436d5e682a5f845beb427fa6f23419a3c%40%3Cannounce.httpd.apache.org%3E https://lists.apache.org/thread.html/re026d3da9d7824bd93b9f871c0fdda978d960c7e62d8c43cba8d0bf3%40%3Ccvs.httpd.apache.org%3E https://lists.debian.org/debian-lts-announce/2024/05/msg00013 • CWE-287: Improper Authentication CWE-444: Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') •

CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0

CVE-2020-11985 – httpd: IP address spoofing when proxying using mod_remoteip and mod_rewrite

https://notcve.org/view.php?id=CVE-2020-11985

IP address spoofing when proxying using mod_remoteip and mod_rewrite For configurations using proxying with mod_remoteip and certain mod_rewrite rules, an attacker could spoof their IP address for logging and PHP scripts. Note this issue was fixed in Apache HTTP Server 2.4.24 but was retrospectively allocated a low severity CVE in 2020. Una falsificación de direcciones IP cuando se está usando un proxy por medio de mod_remoteip y mod_rewrite para las configuraciones que usan el proxy con mod_remoteip y determinadas reglas de mod_rewrite, un atacante podría falsificar su dirección IP para el registro y los scripts PHP. Note que este problema se corrigió en Apache HTTP Server versión 2.4.24, pero se le asignó retrospectivamente un CVE de poca gravedad en 2020 A flaw was found in the mod_remoteip module shipped with the httpd package. This flaw allows an attacker to spoof the IP address, resulting in the bypass of a mod_rewrite rule. • https://httpd.apache.org/security/vulnerabilities_24.html https://lists.apache.org/thread.html/r03ee478b3dda3e381fd6189366fa7af97c980d2f602846eef935277d%40%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r09bb998baee74a2c316446bd1a41ae7f8d7049d09d9ff991471e8775%40%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r3c5c3104813c1c5508b55564b66546933079250a46ce50eee90b2e36%40%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a%40%3Ccvs.httpd.apache.org%3E https://lists.apache.org • CWE-345: Insufficient Verification of Data Authenticity •

CVSS: 6.1EPSS: 0%CPEs: 24EXPL: 0

CVE-2020-1927 – httpd: mod_rewrite configurations vulnerable to open redirect

https://notcve.org/view.php?id=CVE-2020-1927

In Apache HTTP Server 2.4.0 to 2.4.41, redirects configured with mod_rewrite that were intended to be self-referential might be fooled by encoded newlines and redirect instead to an an unexpected URL within the request URL. En Apache HTTP Server versiones 2.4.0 hasta 2.4.41, los redireccionamientos configurados con mod_rewrite que pretendían ser autorreferenciales podrían ser engañados por nuevas líneas codificadas y redireccionadas en lugar de una URL inesperada dentro de la URL de petición. A flaw was found in Apache HTTP Server (httpd) versions 2.4.0 to 2.4.41. Redirects configured with mod_rewrite that were intended to be self-referential might be fooled by encoded newlines and redirected instead to an unexpected URL within the request URL. • http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00002.html http://www.openwall.com/lists/oss-security/2020/04/03/1 http://www.openwall.com/lists/oss-security/2020/04/04/1 https://httpd.apache.org/security/vulnerabilities_24.html https://lists.apache.org/thread.html/r06f0d87ebb6d59ed8379633f36f72f5b1f79cadfda72ede0830b42cf%40%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r09bb998baee74a2c316446bd1a41ae7f8d7049d09d9ff991471e8775%40%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread • CWE-601: URL Redirection to Untrusted Site ('Open Redirect') •