I wanted to know if anything could be done with these vulnerabilities, xD. If you know anything, please reply. Thanks.
Web Servers : Apache Double-Reverse Lookup Log Entry Spoofing Vulnerability
Port 80
Description Under some circumstances, Apache may log invalid hostname information. If a double-reverse DNS lookup is performed but fails, then an invalid hostname may appear in the logs. For example, this may occur if the hostname does not properly resolve to the IP address in the double-reverse DNS lookup. A remote attacker may deliberately exploit this issue to cause spoofed information to be logged by the webserver.
How to fix Upgrade to the current version of Apache.
Risk level High
Related Links Apache Web Server
CVE GENERIC-MAP-NOMATCH
Bugtraq ID 4358
-----------------------------------------------------------------------------------------
Web Servers : Apache HTDigest Realm Command Line Argument Buffer Overflow Vulnerability
Port 80
Description A buffer overflow vulnerability exists in the htdigest utility included with Apache. The vulnerability is due to improper bounds checking when copying user-supplied realm data into local buffers. By supplying an overly long realm value to the command line options of htdigest, it is possible to trigger an overflow condition. This may cause memory to be corrupted with attacker-specified values. This issue could be exploited by a remote attacker, potentially resulting in the execution of arbitrary system commands within the context of the web server process.
How to fix Upgrade to the current version of Apache.
Risk level High
Related Links Apache Web Server Homepage
CVE GENERIC-MAP-NOMATCH
Bugtraq ID 12877
-----------------------------------------------------------------------------------------
Web Servers : Apache mod_include Local Buffer Overflow Vulnerability
Port 80
Description The problem presents itself when the affected module attempts to parse mod_include specific tag values. A failure to properly validate the lengths of user-supplied tag strings prior to copying them into finite buffers facilitates the overflow. A local attacker may leverage this issue to execute arbitrary code on the affected computer with the privileges of the affected Apache server.
How to fix Upgrading to the most recent version of Apache.
Risk level High
Related Links Apache Web Server Homepage
CVE CAN-2004-0940
Bugtraq ID 11471
-----------------------------------------------------------------------------------------
Web Servers : Apache Mod_SSL Apache-SSL Buffer Overflow Vulnerability
Port 80
Description A buffer overflow vulnerability exists in mod_ssl and Apache-SSL that may allow for attackers to execute arbitrary code. The overflow exists when the modules attempt to cache SSL sessions. Vulnerable versions of mod_ssl and Apache-SSL are incapable of handling large session representations.
How to fix Upgrading to the most recent version of mod_ssl or Apache-SSL.
Risk level High
Related Links ModSSL Web Server
Apache-SSL Web Server
CVE CAN-2002-0082
Bugtraq ID 4189
-----------------------------------------------------------------------------------------
Web Servers : OpenSSL ASCII Representation Of Integers Buffer Overflow Vulnerability
Port 80
Description Remotely exploitable buffer overflow conditions have been reported in OpenSSL. This issue is due to insufficient checking of bounds with regards to ASCII representations of integers on 64 bit platforms. It is possible to overflow these buffers on a vulnerable system if overly large values are submitted by a malicious attacker. Exploitation of this vulnerability may allow execution of arbitrary code with the privileges of the vulnerable application, service or client.
How to fix Upgrade to the current version of OpenSSL.
Risk level High
Related Links OpenSSL HomePage
CVE CAN-2002-0655
Bugtraq ID 5364
-----------------------------------------------------------------------------------------
Web Servers : OpenSSL ASN.1 Large Recursion Remote Denial Of Service Vulnerability
Port 80
Description A problem has been identified in OpenSSL when handling specific types of ASN.1 requests. This may result in remote attackers creating a denial of service condition. This issue is also known to affect numerous Cisco products. It is possible that other vendors will also be acknowledging this issue and providing fixes.
How to fix Upgrade to the current version of OpenSSL.
Risk level High
Related Links OpenSSL HomePage
CVE CAN-2003-0851
Bugtraq ID 8970
----------------------------------------------------------------------------------------
Web Servers : OpenSSL ASN.1 Parsing Error Denial Of Service Vulnerability
Port 80
Description A remotely exploitable denial of service condition has been reported in the OpenSSL ASN.1 library. This vulnerability is due to parsing errors and affects SSL, TLS, S/MIME, PKCS#7 and certificate creation routines. In particular, malformed certificate encodings could cause a denial of service to server and client implementations which depend on OpenSSL.
How to fix Upgrade to the current version of OpenSSL.
Risk level High
Related Links OpenSSL HomePage
CVE CAN-2002-0659
Bugtraq ID 5366
-----------------------------------------------------------------------------------------
Web Servers : OpenSSL ASN.1 Parsing Vulnerabilities
Port 80
Description Multiple vulnerabilities were reported in the ASN.1 parsing code in OpenSSL. These issues could be exploited to cause a denial of service or to execute arbitrary code.
How to fix Upgrade to the current version of OpenSSL.
Risk level High
Related Links OpenSSL HomePage
CVE CVE-MAP-NOMATCH
Bugtraq ID 8732
----------------------------------------------------------------------------------------
Web Servers : OpenSSL Bad Version Oracle Side Channel Attack Vulnerability
Port 80
Description A problem with OpenSSL may leak sensitive information. A user could abuse the response of vulnerable servers to act as an oracle. By sending a large number of adaptive attacks, the possibility exists for a remote user to create a choice of ciphertext encrypted with the private key of the server.
How to fix Upgrade to the current version of OpenSSL.
Risk level High
Related Links OpenSSL HomePage
CVE CAN-2003-0131
Bugtraq ID 7148
-----------------------------------------------------------------------------------------
Web Servers : OpenSSL CBC Error Information Leakage Weakness
Port 80
Description A side-channel attack against implementations of SSL exists that, through analysis of the timing of certain operations, can reveal sensitive information to an active adversary. This information leaked by vulnerable implementations is reportedly sufficient for an adaptive attack that will ultimately obtain plaintext of a target block of ciphertext. The information loss was reduced in OpenSSL versions 0.9.6i and 0.9.7a. It is not known if other implementations are vulnerable to this or similar weaknesses.
How to fix Upgrade to the current version of OpenSSL.
Risk level High
Related Links OpenSSL HomePage
CVE CAN-2003-0078
Bugtraq ID 6884
----------------------------------------------------------------------------------------
Web Servers : OpenSSL Denial of Service Vulnerabilities
Port 80
Description Three security vulnerabilities have been reported to affect OpenSSL. Each of these remotely exploitable issues may result in a denial of service in applications which use OpenSSL. The first vulnerability is a NULL pointer assignment that can be triggered by attackers during SSL/TLS handshake exchanges. The CVE candidate name for this vulnerability is CAN-2004-0079. Versions 0.9.6c to 0.9.6k (inclusive) and from 0.9.7a to 0.9.7c (inclusive) are vulnerable. The second vulnerability is also exploited during the SSL/TLS handshake, though only when Kerberos ciphersuites are in use. The vendor has reported that this vulnerability may not be a threat to many as it is only present when Kerberos ciphersuites are in use, an uncommon configuration. The CVE candidate name for this vulnerability is CAN-2004-0112. Versions 0.9.7a, 0.9.7b, and 0.9.7c are affected. This entry will be retired when individual BID records are created for each issue.
How to fix Upgrade to the current version of OpenSSL.
Risk level High
Related Links OpenSSL HomePage
CVE CAN-2004-0079
Bugtraq ID 9899
-----------------------------------------------------------------------------------------
Web Servers : OpenSSL SSLv2 Client_Master_Key Remote Denial Of Service Vulnerability
Port 80
Description OpenSSL SSLv2 has been reported prone to a remotely triggered denial of service when processing a specially crafted malicious CLIENT_MASTER_KEY message. It has been reported that a remote attacker may use a maliciously crafted CLIENT_MASTER_KEY message to influence the execution flow of a vulnerable service implementing SSLv2 into a die() procedure. This will effectively cause the affected process to abort, denying service to legitimate users. This vulnerability is not reported to be present in OpenSSL versions greater than 0.9.6f of the 0.9.6 series of releases, because the use of the die() procedure is no longer implemented. It is not known whether the 0.9.7 series is also affected.
How to fix Upgrade to the current version of OpenSSL.
Risk level High
Related Links OpenSSL HomePage
CVE CVE-MAP-NOMATCH
Bugtraq ID 8746
-----------------------------------------------------------------------------------------
Web Servers : OpenSSL SSLv2 Malformed Client Key Remote Buffer Overflow Vulnerability
Port 80
Description OpenSSL is an open source implementation of the SSL protocol. It is used by a number of other projects, including but not restricted to Apache, Sendmail, Bind, etc. It is commonly found on Linux and Unix based systems. A buffer overflow vulnerability has been reported in some versions of OpenSSL. A buffer overflow has been reported in the handling of the client key value during the negotiation of the SSLv2 protocol. A malicious client may be able to exploit this vulnerability to execute arbitrary code as the vulnerable server process, or possibly to create a denial of service condition.
How to fix Upgrade to the current version of OpenSSL.
Risk level High
Related Links OpenSSL HomePage
CVE CAN-2002-0656
Bugtraq ID 5363
-----------------------------------------------------------------------------------------
Web Servers : OpenSSL SSLv3 Session ID Buffer Overflow Vulnerability
Port 80
Description A vulnerability has been reported for OpenSSL. The vulnerability affects SSLv3 session IDs. Reportedly, when an oversized SSL version 3 session ID is supplied to a client from a malicious server, it is possible to overflow a buffer on the remote system. This could result in key memory areas on the vulnerable, remote system being overwritten, and possibly lead to the execution of arbitrary code as the client process.
How to fix Upgrade to the current version of OpenSSL.
Risk level High
Related Links OpenSSL HomePage
CVE CAN-2002-0656
Bugtraq ID 5362
---------------------------------------------------------------------------------------
Web Servers : OpenSSL Timing Attack RSA Private Key Information Disclosure Vulnerability
Port 80
Description A side-channel attack in the OpenSSL implementation has been published in a recent paper that may ultimately result in an active adversary gaining the RSA private key of a target server. The attack involves analysis of the timing of certain operations during client-server session key negotiation. Through this attack, it may be possible for a malicious client to discover the RSA private key of a server using the vulnerable software.
How to fix Upgrade to the current version of OpenSSL.
Risk level High
Related Links OpenSSL HomePage
CVE CAN-2003-0147
Bugtraq ID 7101
-------------------------------------------------------------------------------------
Web Servers : OpenSSL Unspecified Insecure Temporary File Creation Vulnerability
Port 80
Description OpenSSL is affected by an unspecified insecure temporary file creation vulnerability. This issue is likely due to a design error that causes the application to fail to verify the existence of a file before writing to it. An attacker may leverage this issue to overwrite arbitrary files with the privileges of an unsuspecting user that activates the vulnerable application. Reportedly this issue is unlikely to facilitate privilege escalation.
How to fix Upgrade to the current version of OpenSSL.
Risk level High
Related Links OpenSSL HomePage
CVE CAN-2004-0975
Bugtraq ID 11293
------------------------------------------------------------------------------------------
Web Servers : PHP Post File Upload Buffer Overflow Vulnerabilities
Port 80
Description PHP does not perform proper bounds checking in functions related to Form-based File Uploads in HTML (RFC1867). Specifically, this problem occurs in the functions which are used to decode MIME encoded files. As a result, it may be possible to overrun the buffer used for the vulnerable functions to cause arbitrary attacker-supplied instructions to be executed. PHP is invoked through webservers remotely. It may be possible for remote attackers to execute this vulnerability to gain access to target systems. A vulnerable PHP interpreter module is available for Apache servers that is often enabled by default.
How to fix Upgrade to the current version of PHP.
Risk level High
Related Links PHP Home Page.
CVE CVE-2002-0081
Bugtraq ID 4183
---------------------------------------------------------------------------------------
Web Servers : PHP cURL Open_Basedir Restriction Bypass Vulnerability
Port 80
Description It is reported that cURL allows malicious users to bypass 'open_basedir' restrictions in PHP scripts. This issue is due to a failure of the cURL module to properly enforce PHP's 'open_basedir' restriction. Users with the ability to create or modify PHP scripts on a server computer hosting the vulnerable software can reportedly exploit this vulnerability to bypass the 'open_basedir' restriction, and access arbitrary files with the privileges of the web server. This may aid them in further attacks. This vulnerability possibly results in a false sense of security, as administrators expect that the restrictions in place prevent malicious users from gaining access to sensitive information.
How to fix Upgrade to the current version of PHP.
Risk level High
Related Links PHP Home Page.
CVE CVE-MAP-NOMATCH
Bugtraq ID 11557
---------------------------------------------------------------------------------------
Web Servers : PHP DLOpen Arbitrary Web Server Process Memory Vulnerability
Port 80
Description A problem has been reported in the dlopen function of PHP when used with the Apache web server. Because of this, an attacker may be able to gain unauthorized access to potentially sensitive information.
How to fix Upgrade to the current version of PHP.
Risk level High
Related Links PHP Home Page.
CVE CVE-MAP-NOMATCH
Bugtraq ID 8405
-----------------------------------------------------------------------------------------
Web Servers : PHP Glob Function Local Information Disclosure Vulnerability
Port 80
Description A local information disclosure vulnerability affects PHP. This issue is due to a design error that presents potentially sensitive information to users within error messages. An attacker may leverage this issue to reveal filenames and therefore the existence of files on an affected computer.
How to fix Upgrade to the current version of PHP.
Risk level High
Related Links PHP Home Page.
CVE CVE-MAP-NOMATCH
Bugtraq ID 12701
----------------------------------------------------------------------------------------
Web Servers : PHP Group PHP Image File Format Remote Denial Of Service Vulnerability
Port 80
Description A remote denial of service vulnerability affects PHP Group PHP. This issue is due to a failure of the application to properly handle maliciously formed Image Format File (IFF) image files. It should be noted that this vulnerability can only be exploited remotely if a Web based PHP application is implemented that allows user-supplied images to be processed by the 'getimagesize()' function. The 'getimagesize()' is commonly implemented in PHP Web applications that allow for the display of images. An attacker may leverage this issue to cause the affected script interpreter to consume excessive processing resources on an affected computer, leading to a denial of service condition.
How to fix Upgrade to the current version of PHP.
Risk level High
Related Links PHP Home Page.
CVE CAN-2005-0524
Bugtraq ID 12962
---------------------------------------------------------------------------------------
Web Servers : PHP Group PHP Remote JPEG File Format Remote Denial Of Service Vulnerability
Port 80
Description A remote denial of service vulnerability affects PHP Group PHP. This issue is due to a failure of the application to properly handle maliciously crafted JPEG image files. It should be noted that this vulnerability can only be exploited remotely if a Web based PHP application is implemented that allows user-supplied images to be processed by the 'getimagesize()' function. The 'getimagesize()' is commonly implemented in PHP Web applications that allow for the display of images. An attacker may leverage this issue to cause the affected script interpreter to consume excessive processing resources on an affected computer, leading to a denial of service condition.
How to fix Upgrade to the current version of PHP.
Risk level High
Related Links PHP Home Page.
CVE CAN-2005-0525
Bugtraq ID 12963
----------------------------------------------------------------------------------------
Web Servers : PHP Input Output Wrapper Remote Include Function Command Execution Weakness
Port 80
Description PHP is reportedly affected by an arbitrary command execution weakness through the PHP include() function. This issue is due to a design error that allows the execution of attacker supplied POST PHP commands when URI data is used as an argument to an 'include()' function. This issue affects the PHP module itself; however the problem only presents itself when an application uses a user-supplied URI parameter as an argument to the 'include()' function. This issue is reported to affect all versions of PHP since 3.0.13. Furthermore this issue is not resolved by setting the 'php.ini' variable 'allow_url_fopen' to off. Successful exploitation of this issue will allow an attacker to execute arbitrary PHP code on the affected computer; this will allow the execution of commands to the underlying operating system with the privileges of the affected web server process.
How to fix Upgrade to the current version of PHP.
Risk level High
Related Links PHP Home Page.
CVE CVE-MAP-NOMATCH
Bugtraq ID 10427
---------------------------------------------------------------------------------------
Web Servers : PHP JPEG Image Buffer Overflow Vulnerability
Port 80
Description It is reported that PHP is susceptible to a buffer overflow vulnerability in handling JPEG images. This issue is due to a failure of the application to properly bounds check user-supplied image data prior to copying it into a fixed-size memory buffer. This vulnerability allows remote attackers to alter the proper flow of execution of the application, potentially resulting in the execution of attacker-supplied machine code in the context of the web server executing the PHP interpreter.
How to fix Upgrade to the current version of PHP.
Risk level High
Related Links PHP Home Page.
CVE CAN-2004-1065
Bugtraq ID 11992
----------------------------------------------------------------------------------------
Web Servers : PHP memory_limit Remote Code Execution Vulnerability
Port 80
Description Reportedly PHP modules compiled with memory_limit support are affected by a remote code execution vulnerability. This issue is due to a failure of the PHP module to properly handle memory_limit request termination. This issue is reportedly exploitable by exploiting the Apache ap_escape_html Memory Allocation Denial Of Service Vulnerability (BID 10619); an attacker can cause premature termination during critical code execution. It should be noted that although the above-mentioned Apache vulnerability is the only known attack vector, there might be other attack vectors that are currently unknown. An attacker can exploit this issue to execute arbitrary code on an affected computer within the context of the vulnerable application, facilitating unauthorized access.
How to fix Upgrade to the current version of PHP.
Risk level High
Related Links PHP Home Page.
CVE CAN-2004-0594
Bugtraq ID 10725
-----------------------------------------------------------------------------------------
Web Servers : PHP PHP_Variables Remote Memory Disclosure Vulnerability
Port 80
Description A vulnerability is reported to present itself in the array parsing functions of the 'php_variables.c' PHP source file. The vulnerability occurs when a PHP script is being used to print URI parameters or data, that are supplied by a third party, into a dynamically generated web page. It is reported that the vulnerable function does not strip certain characters from the user supplied data, this may ultimately be harnessed to manipulate the parsing function into returning regions of process memory to the attacker.
How to fix Upgrade to the current version of PHP.
Risk level High
Related Links PHP Home Page.
CVE CVE-MAP-NOMATCH
Bugtraq ID 11334
-----------------------------------------------------------------------------------------
Web Servers : PHP PHPInfo Cross-Site Scripting Vulnerability
Port 80
Description Scripts that include the PHP phpinfo() debugging function may be prone to cross-site scripting attacks. This could permit remote attackers to create a malicious link to a vulnerable PHP script that includes hostile client-side script code or HTML. If this link is visited, the attacker-supplied code may be rendered in the browser of the user who visits the malicious link.
How to fix Upgrade to the current version of PHP.
Risk level High
Related Links PHP Home Page.
CVE CVE-MAP-NOMATCH
Bugtraq ID 7805
-----------------------------------------------------------------------------------------
Web Servers : PHP Shared Memory Module Offset Memory Corruption Vulnerability
Port 80
Description PHP shared memory module (shmop) is reported prone to an integer handling vulnerability. The issue exists in the PHP_FUNCTION(shmop_write) function and is as a result of a lack of sufficient sanitization performed on 'offset' data. This vulnerability may be exploited to make an almost arbitrary write into process memory. It is reported that the vulnerability may be leveraged to disable PHP 'safe mode', this may result in further compromise in a shared-server environment.
How to fix Upgrade to the current version of PHP.
Risk level High
Related Links PHP Home Page.
CVE CVE-MAP-NOMATCH
Bugtraq ID 12045
-----------------------------------------------------------------------------------------
Web Servers : PHP socket_recv() Signed Integer Memory Corruption Vulnerability
Port 80
Description A vulnerability has been reported in PHP versions 4.3.1 and earlier. The problem occurs in the socket_recv() and may allow an attacker to corrupt memory. Specifically, the affected function fails to carry out sanity checks on user-supplied argument values, making it prone to an integer overflow. This may make it possible for an attacker to trigger a denial of service. Although it has not been confirmed, it may also be possible to exploit this issue to execute arbitrary code.
How to fix Upgrade to the current version of PHP.
Risk level High
Related Links PHP Home Page.
CVE CVE-MAP-NOMATCH
Bugtraq ID 7197
----------------------------------------------------------------------------------------
Web Servers : PHP socket_recvfrom() Signed Integer Memory Corruption Vulnerability
Port 80
Description A vulnerability has been reported in PHP versions 4.3.1 and earlier. The problem occurs in the socket_recvfrom() and may allow an attacker to corrupt memory. Specifically, the affected function fails to carry out sanity checks on user-supplied argument values, making it prone to an integer overflow. This may make it possible for an attacker to trigger a denial of service. Although it has not been confirmed, it may also be possible to exploit this issue to execute arbitrary code.
How to fix Upgrade to the current version of PHP.
Risk level High
Related Links PHP Home Page.
CVE CVE-MAP-NOMATCH
Bugtraq ID 7198
---------------------------------------------------------------------------------------
Web Servers : PHP Strip_Tags() Function Bypass Vulnerability
Port 80
Description It is reported that it is possible to bypass PHP's strip_tags() function. It is reported that under certain circumstances, PHP's strip_tags() function will improperly leave malformed tags in place. This vulnerability may mean that previously presumed-safe web applications could contain multiple cross-site scripting and HTML injection vulnerabilities when viewed by Microsoft Internet Explorer or Apple Safari web browsers. It is reported that 'magic_quotes_gpc' must be off for PHP to be vulnerable to this issue.
How to fix Upgrade to the current version of PHP.
Risk level High
Related Links PHP Home Page.
CVE CAN-2004-0595
Bugtraq ID 10724
----------------------------------------------------------------------------------------
Web Servers : PHP Transparent Session ID Cross Site Scripting Vulnerability
Port 80
Description A cross-site scripting vulnerability has been discovered in PHP. The problem occurs due to insufficient sanitization of the PHPSESSID URI parameter. An attacker may be capable of exploiting this vulnerability by constructing a malicious link containing script code embedded within this variable.
How to fix Upgrade to the current version of PHP.
Risk level High
Related Links PHP Home Page.
CVE CVE-MAP-NOMATCH
Bugtraq ID 7761
----------------------------------------------------------------------------------------
Web Servers : PHP Unspecified Remote Arbitrary File Upload Vulnerability
Port 80
Description Reportedly PHP is vulnerable to an unspecified arbitrary file upload vulnerability. The details of this issue are currently unavailable. This BID will be updated when more information is released. An attacker may exploit this issue to upload arbitrary files to a computer running the affected software. This may facilitate arbitrary server-side script code execution as well as other attacks.
How to fix Upgrade to the current version of PHP.
Risk level High
Related Links PHP Home Page.
CVE CVE-MAP-NOMATCH
Bugtraq ID 11190
----------------------------------------------------------------------------------------
Web Servers : PHP4 Base64_Encode() Integer Overflow Vulnerability
Port 80
Description PHP4 has been reported prone to a potential integer overflow vulnerability. The issue is reported to present itself in the base64_encode() function that is distributed as part of the PHP4 API. Although unconfirmed it has been conjectured that this issue may be due to an unsigned integer value wrapping to a value of zero. This value may then be used in boundary controls, or in arithmetic that may potentially influence execution flow or result in the corruption of sensitive regions of memory. It is currently unknown whether this condition is exploitable or not.
How to fix Upgrade to the current version of PHP.
Risk level High
Related Links PHP Home Page.
CVE CVE-MAP-NOMATCH
Bugtraq ID 8693
----------------------------------------------------------------------------------------
Web Servers : PHP4 Multiple Vulnerabilities
Port 80
Description PHP have released an upgrade to address multiple vulnerabilities, including integer overflow issues that have been reported to affect PHP4 and bundled software. Exploitation of these issues may have varying impacts, although unconfirmed potentially resulting in a denial of service or ultimately arbitrary code execution.
How to fix Upgrade to the current version of PHP.
Risk level High
Related Links PHP Home Page.
CVE CVE-MAP-NOMATCH
Bugtraq ID 8696
-----------------------------------------------------------------------------------------
Web Servers : PHP4 Readfile Denial Of Service Vulnerability
Port 80
Description PHP4 is reported prone to a denial of service vulnerability. It is reported that the PHP 'readfile()' function may be utilized to trigger this issue. An attacker that has access to a PHP enabled web host may exploit this vulnerability to crash the HTTP server that is incorporating the vulnerable PHP module.
How to fix Upgrade to the current version of PHP.
Risk level High
Related Links PHP Home Page.
CVE CVE-MAP-NOMATCH
Bugtraq ID 12665



















