源码地带 > 电路图 > 电子资料下载 > 其他行业 >全面网络扫描器VB源代码很实用 > 查看压缩包源码

全面网络扫描器VB源代码很实用

源代码在线查看： apache prior 2.0.49 htaccess limit directive bypass.plugin

软件大小：	1036 K
上传用户：	xx87293767
关键词：	网络扫描器源代码
下载地址：	免注册下载普通下载


相关代码
apache prior 2.0.49 htaccess limit directive bypass.plugin apache prior 2.0.49 mod_perl file descriptor leakage.plugin apache prior 2.0.49 mod_userdir information disclosure.plugin apache prior 2.0.49 cygwin directory traversal.plugin apache prior 2.0.49 mod_php global variables information disclosure.plugin apache prior 2.0.49 http response splitting.plugin apache prior 2.0.49 mod_disk_cache module client authentication weak encryption.plugin apache prior 2.0.50 mod_ssl ssl_util_uuencode_binary buffer overflow.plugin

252
Apache prior 2.0.49 htaccess LIMIT directive bypass
HTTP
2004/09/21
Marc Ruef
marc dot ruef at computec dot ch
http://www.computec.ch
computec.ch
Marc Ruef
marc dot ruef at computec dot ch
http://www.computec.ch
computec.ch
2004/11/14
2.0
Corrected the plugin structure and added the accuracy values in 1.1. Improved the pattern matching and introduced the plugin changelog in 2.0
tcp
80
open|send HEAD / HTTP/1.0\n\n|sleep|close|pattern_exists HTTP/1.[0-1] ### *Server: Apache/[0-1].* OR HTTP/1.[0-1] ### *Server: Apache/2.0.[0-3]* OR HTTP/1.[0-1] ### *Server: Apache/2.0.4[0-8]*
80
This plugin was written with the ATK Attack Editor.
FraMe and MaDj0kEr
2004/03/15
http://www.apacheweek.com/issues/97-09-05#configerrors
Apache Software Foundation
apache at apache dot org
http://httpd.apache.org
Apache prior 2.0.49
Apache 2.0.49 and newer or other solutions
Evasion
The remote host is running an Apache web server. A vulnerability has been discovered in the Apache web server prior 2.0.49 that if the requested resource is served by an Apache module and not by Apache Server itself, LIMIT restrictions may not apply. Additionally, CGI/Script resources that do not sufficiently check the calling method may potentially be invoked with methods not listed in the LIMIT clause to evade LIMIT restrictions.
If the web server is not used it should be de-installed or de-activated. Install the newest patch or bugfix to solve the problem or upgrade to the latest software version which is not vulnerable anymore. To make it harder to find the server the daemon could be configured to listen at another port (e.g. 8081). Alternation of the application banner can confuse an attacker and let him determine the wrong software. Additionally limit unwanted connections and communications with firewalling.
Approx. 2 hours
No
http://www.securityfocus.com/bid/9874/exploit/
Yes
Yes
Medium
6
7
9
6
No exploit ir required.
9874
Hacking Exposed: Network Security Secrets & Solutions, Stuart McClure, Joel Scambray and George Kurtz, February 25, 2003, 4th Edition, McGraw-Hill Osborne Media, ISBN 0072227427
http://www.apache.org


相关资源
全面网络扫描器VB源代码很实用用vb编写dll动态链接库。教程及一些源代码很实用一本关于ARM 嵌入系统书籍源代码很实用的一个管理党费的vb程序很实用的程序可以看所有代码基于C#语言的一个教务网数据库系统开发案例的源代码 ,很实用哦基于C#语言的一个企业客户管理数据库系统开发案例的源代码 ,很实用基于C#语言的一个物流信息网数据库系统开发案例的源代码 ,很实用一个韩国很眩的网站FLASH 源代码很实用

全面网络扫描器VB源代码 很实用

源代码在线查看： apache prior 2.0.49 htaccess limit directive bypass.plugin

相关代码

相关资源

友情链接

全面网络扫描器VB源代码很实用