Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security VulnWatch
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

[VulnWatch] UNIRAS ALERT - 34/04 - Vulnerability Issues with Apache 2.0.

from [Richie B.] Network Security [Permanent Link]
Subject: [VulnWatch] UNIRAS ALERT - 34/04 - Vulnerability Issues with Apache 2.0.x
Date: Wed, 15 Sep 2004 17:32:52 +0200 
I did not see this here yet.

1. Through the testing of Apache by using the Codenomicon HTTP Test Tool, the ASF Security
Team have discovered a bug in the apr-util library, which can lead to arbitrary code
execution.

2. SITIC have discovered that Apache suffers from a buffer overflow when expanding environment
variables in configuration files such as .htaccess and httpd.conf, leading to possible
privilege escalation.



http://www.uniras.gov.uk/l1/l2/l3/alerts2004/alert-3404.txt

[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
  • [VulnWatch] UNIRAS ALERT - 34/04 - Vulnerability Issues with Apache 2.0.x, Richie B. <=
Previous by Date:  [Full-Disclosure] Secunia Research: StarOffice / OpenOffice Insecure Temporary File Creation, Carsten H. Eiram
Next by Date:  [VulnWatch] myServer 0.7 Directory Traversal Vulnerability, Securiteinfo.com
Previous by Thread:  [Full-Disclosure] Secunia Research: StarOffice / OpenOffice Insecure Temporary File Creation, Carsten H. Eiram
Next by Thread:  [VulnWatch] myServer 0.7 Directory Traversal Vulnerability, Securiteinfo.com
Indexes:  [Date] [Thread] [Top] [All Lists]