Apache HTTP Server 'mod_dav_svn' Denial of Service Vulnerability - Windows

Apache HTTP Server is prone to a denial of service vulnerability. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

Fedora 18 : httpd-2.4.6-2.fc18 (2013-13922)

This update contains the latest release of the Apache HTTP Server, version 2.4.6. Two security issues are resolved in this update : - moddav: Sending a MERGE request against a URI handled by moddavsvn could trigger a segfault. CVE-2013-1896 - modsessiondbd: Make sure that dirty flag is respected...

[SECURITY] Fedora 18 Update: httpd-2.4.6-2.fc18

The Apache HTTP Server is a powerful, efficient, and extensible web server...

CentOS Update for httpd CESA-2013:1156 centos6

The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CentOS Update for httpd CESA-2013:1156 centos5

The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CentOS Update for httpd CESA-2013:1156 centos5

Check for the Version of httpd OpenVAS Vulnerability Test CentOS Update for httpd CESA-2013:1156 centos5 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...

RHEL 6 : httpd (RHSA-2013:1156)

The remote Redhat Enterprise Linux 6 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2013:1156 advisory. The Apache HTTP Server is a popular web server. A flaw was found in the way the moddav module of the Apache HTTP Server handled merge requests. An...

Scientific Linux Security Update : httpd on SL5.x, SL6.x i386/x86_64 (20130813)

A flaw was found in the way the moddav module of the Apache HTTP Server handled merge requests. An attacker could use this flaw to send a crafted merge request that contains URIs that are not configured for DAV, causing the httpd child process to crash. CVE-2013-1896 After installing the updated...

httpd, mod_ssl security update

CentOS Errata and Security Advisory CESA-2013:1156 Updated httpd packages that fix one security issue are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System CVSS bas...

httpd: mod_dav DoS (httpd child process crash) via a URI MERGE request with source URI not handled by mod_dav

moddav.c in the Apache HTTP Server before 2.2.25 does not properly determine whether DAV is enabled for a URI, which allows remote attackers to cause a denial of service segmentation fault via a MERGE request in which the URI is configured for handling by the moddavsvn module, but a certain href...

[SECURITY] Fedora 19 Update: httpd-2.4.6-2.fc19

The Apache HTTP Server is a powerful, efficient, and extensible web server...

httpd: mod_dav DoS (httpd child process crash) via a URI MERGE request with source URI not handled by mod_dav

moddav.c in the Apache HTTP Server before 2.2.25 does not properly determine whether DAV is enabled for a URI, which allows remote attackers to cause a denial of service segmentation fault via a MERGE request in which the URI is configured for handling by the moddavsvn module, but a certain href...

Fedora Update for php FEDORA-2013-12354

Check for the Version of php OpenVAS Vulnerability Test Fedora Update for php FEDORA-2013-12354 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms of...

MGASA-2013-0231 Updated apache packages fix security vulnerabilities

Updated apache packages fix security vulnerabilities: moddav.c in the Apache HTTP Server before 2.4.6 does not properly determine whether DAV is enabled for a URI, which allows remote attackers to cause a denial of service segmentation fault via a MERGE request in which the URI is configured for...

Updated apache packages fix CVE-2013-1896

Updated apache packages fix security vulnerability: moddav.c in the Apache HTTP Server before 2.2.25 does not properly determine whether DAV is enabled for a URI, which allows remote attackers to cause a denial of service segmentation fault via a MERGE request in which the URI is configured for...

Apache HTTP Server mod_session_dbd 远程安全漏洞(CVE-2013-2249)

BUGTRAQ ID: 61379 CVECAN ID: CVE-2013-2249 Apache HTTP Server是开源HTTP服务器。 Apache HTTP Server 2.4.6之前版本的modsessiondbd模块在保存会话过程中处理“脏旗标”时出错，存在远程安全漏洞，影响目前未知。 0 Apache 2.4.2 厂商补丁： Apache Group ------------ Apache Group已经为此发布了一个安全公告（Announcement2.4）以及相应补丁: Announcement2.4：Apache HTTP Server 2.4.6 Releas...

CVE-2013-2249

modsessiondbd.c in the modsessiondbd module in the Apache HTTP Server before 2.4.5 proceeds with save operations for a session without considering the dirty flag and the requirement for a new session ID, which has unspecified impact and remote attack vectors...

CVE-2013-2249

modsessiondbd.c in the modsessiondbd module in the Apache HTTP Server before 2.4.5 proceeds with save operations for a session without considering the dirty flag and the requirement for a new session ID, which has unspecified impact and remote attack vectors...

Design/Logic Flaw

modsessiondbd.c in the modsessiondbd module in the Apache HTTP Server before 2.4.5 proceeds with save operations for a session without considering the dirty flag and the requirement for a new session ID, which has unspecified impact and remote attack vectors...

CVE-2013-2249

modsessiondbd.c in the modsessiondbd module in the Apache HTTP Server before 2.4.5 proceeds with save operations for a session without considering the dirty flag and the requirement for a new session ID, which has unspecified impact and remote attack vectors...