CVE-2006-3747 – Apache < 1.3.37/2.0.59/2.2.3 mod_rewrite - Remote Overflow
https://notcve.org/view.php?id=CVE-2006-3747
Off-by-one error in the ldap scheme handling in the Rewrite module (mod_rewrite) in Apache 1.3 from 1.3.28, 2.0.46 and other versions before 2.0.59, and 2.2, when RewriteEngine is enabled, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via crafted URLs that are not properly handled using certain rewrite rules. Error de superación de límite (off-by-one) en el esquema ldap manejado en el modulo Rewrite (mod_rewrite) en Apache 1.3 desde 1.3.28, 2.0.46 y otras versiones anteriores 2.0.59, y 2.2, cuando RewriteEngine está activo, permite a atacantes remotos provocar denegación de servicio (Caida de aplicación) y posiblemente ejecutar código a rtavés de URLs manipuladas que no se manejan de forma adecuada utilizando ciertas reglas de reescritura. • https://www.exploit-db.com/exploits/2237 https://www.exploit-db.com/exploits/3996 https://www.exploit-db.com/exploits/16752 https://www.exploit-db.com/exploits/3680 https://github.com/defensahacker/CVE-2006-3747 http://docs.info.apple.com/article.html?artnum=307562 http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01118771 http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01428449 http://kbase.redhat.com/faq/FAQ_68_8653.shtm http:/ • CWE-189: Numeric Errors •
CVE-2006-3918 – Apache 1.3.35/2.0.58/2.2.2 - Arbitrary HTTP Request Headers Security
https://notcve.org/view.php?id=CVE-2006-3918
http_protocol.c in (1) IBM HTTP Server 6.0 before 6.0.2.13 and 6.1 before 6.1.0.1, and (2) Apache HTTP Server 1.3 before 1.3.35, 2.0 before 2.0.58, and 2.2 before 2.2.2, does not sanitize the Expect header from an HTTP request when it is reflected back in an error message, which might allow cross-site scripting (XSS) style attacks using web client components that can send arbitrary headers in requests, as demonstrated using a Flash SWF file. http_protocol.c en (1) IBM HTTP Server 6.0 anterioa a 6.0.2.13 y 6.1 anterior 6.1.0.1, y (2) Apache HTTP Server 1.3 anterior a 1.3.35, 2.0 anterior a 2.0.58, y 2.2 anterior a 2.2.2, no desinfecta la cabecera Expect desde una respuesta HTTP cuando se refleja en un mensaje de error, lo cul podría permitir un ataque de tipo secuencia de comandos en sitios cruzados (XSS) utilizando los componentes web del cliente que puede enviar cabeceras de su elección en las respuesta, como se demostró con la utilización de un archivo Flash SWF. Oracle HTTP Server for Oracle Application Server 10g version 10.1.2.0.2 suffers from a cross site scripting vulnerability. • https://www.exploit-db.com/exploits/28424 ftp://patches.sgi.com/support/free/security/advisories/20060801-01-P http://archives.neohapsis.com/archives/bugtraq/2006-05/0151.html http://archives.neohapsis.com/archives/bugtraq/2006-07/0425.html http://kb.vmware.com/KanisaPlatform/Publishing/466/5915871_f.SAL_Public.html http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00004.html http://marc.info/?l=bugtraq&m=125631037611762&w=2 http://marc.info/?l=bugtraq&m=12919089961 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2006-0435
https://notcve.org/view.php?id=CVE-2006-0435
Unspecified vulnerability in Oracle PL/SQL (PLSQL), as used in Database Server DS 9.2.0.7 and 10.1.0.5, Application Server 1.0.2.2, 9.0.4.2, 10.1.2.0.2, 10.1.2.1.0, and 10.1.3.0.0, E-Business Suite and Applications 11.5.10, and Collaboration Suite 10.1.1, 10.1.2.0, 10.1.2.1, and 9.0.4.2, allows attackers to bypass the PLSQLExclusion list and access excluded packages and procedures, aka Vuln# PLSQL01. • http://lists.grok.org.uk/pipermail/full-disclosure/2006-February/041898.html http://lists.grok.org.uk/pipermail/full-disclosure/2006-February/041899.html http://lists.grok.org.uk/pipermail/full-disclosure/2006-January/041742.html http://secunia.com/advisories/18621 http://secunia.com/advisories/19712 http://secunia.com/advisories/19859 http://securityreason.com/securityalert/402 http://securityreason.com/securityalert/403 http://securitytracker.com/id?1015544 http://securitytracker.com/id?10 •
CVE-2005-3352 – httpd cross-site scripting flaw in mod_imap
https://notcve.org/view.php?id=CVE-2005-3352
Cross-site scripting (XSS) vulnerability in the mod_imap module of Apache httpd before 1.3.35-dev and Apache httpd 2.0.x before 2.0.56-dev allows remote attackers to inject arbitrary web script or HTML via the Referer when using image maps. Vulnerabilidad de secuencias de comandos en sitios cruzados (XSS) en el módulo mod_imap de Apache httpd anteriores a 1.3.35-dev y Apache httpd 2.0.x anteriores a 2.0.56-dev permite a atacantes remotos inyectar 'script' web o HTML de su elección mediante el Referente cuando se usan mapas de imágenes. • ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U http://docs.info.apple.com/article.html?artnum=307562 http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01428449 http://issues.apache.org/bugzilla/show_bug.cgi?id=37874 http://lists.apple.com/archives/security-announce/2008//May/msg00001.html http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html http://lists.suse.com/archive/suse-security-announce/2007-May/0005.html http:// • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2004-2343
https://notcve.org/view.php?id=CVE-2004-2343
Apache HTTP Server 2.0.47 and earlier allows local users to bypass .htaccess file restrictions, as specified in httpd.conf with directives such as Deny From All, by using an ErrorDocument directive. NOTE: the vendor has disputed this issue, since the .htaccess mechanism is only intended to restrict external web access, and a local user already has the privileges to perform the same operations without using ErrorDocument • http://archives.neohapsis.com/archives/bugtraq/2004-02/0043.html http://archives.neohapsis.com/archives/bugtraq/2004-02/0064.html http://archives.neohapsis.com/archives/bugtraq/2004-02/0120.html https://exchange.xforce.ibmcloud.com/vulnerabilities/15015 •