CVE-2013-2249

CVE-2013-2249 concerns Apache HTTP Server’s mod_session_dbd. The issue arises when mod_session_dbd proceeds with save operations for a session without honoring the dirty flag or requiring a new session ID, as described in multiple sources. Public references indicate the vulnerability is associate...

CVE-2013-2249

modsessiondbd.c in the modsessiondbd module in the Apache HTTP Server before 2.4.5 proceeds with save operations for a session without considering the dirty flag and the requirement for a new session ID, which has unspecified impact and remote attack vectors...

[SECURITY] Fedora 17 Update: php-5.4.17-2.fc17

PHP is an HTML-embedded scripting language. PHP attempts to make it easy for developers to write dynamically generated web pages. PHP also offers built-in database integration for several commercial and non-commercial database management systems, so writing a database-enabled webpage with PHP is...

Apache HTTP Server mod_dav.c 拒绝服务漏洞(CVE-2013-1896)

CVE ID:CVE-2013-1896 Apache HTTP Server是一款流行的WEB服务器 Apache HTTP Server 2.2.25之前版本中的moddav.c没有正确判断URI是否启用DAV，允许远程攻击者提交URI由moddavsvn模块处理，但XML数据中的某些href属性引用非DAV URI的MERGET请求，可使服务程序触发段错误而崩溃 0 Apache HTTP Server 2.2.25 http://www.apache.org/dist/httpd/Announcement2.2.html...

Critical: Red Hat Security Advisory: php security update

Updated php packages that fix one security issue are now available for Red Hat Enterprise Linux 5.3 Long Life, and Red Hat Enterprise Linux 5.6, 6.2 and 6.3 Extended Update Support. The Red Hat Security Response Team has rated this update as having critical security impact. A Common Vulnerability...

Critical: Red Hat Security Advisory: php53 security update

Updated php53 packages that fix one security issue are now available for Red Hat Enterprise Linux 5.6 Extended Update Support. The Red Hat Security Response Team has rated this update as having critical security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed...

CVE-2013-2765

The ModSecurity module before 2.7.4 for the Apache HTTP Server allows remote attackers to cause a denial of service NULL pointer dereference, process crash, and disk consumption via a POST request with a large body and a crafted Content-Type header...

CVE-2013-2765

The ModSecurity module before 2.7.4 for the Apache HTTP Server allows remote attackers to cause a denial of service NULL pointer dereference, process crash, and disk consumption via a POST request with a large body and a crafted Content-Type header...

CVE-2013-2765

The ModSecurity module before 2.7.4 for the Apache HTTP Server allows remote attackers to cause a denial of service NULL pointer dereference, process crash, and disk consumption via a POST request with a large body and a crafted Content-Type header...

CVE-2013-2765

The ModSecurity module before 2.7.4 for the Apache HTTP Server allows remote attackers to cause a denial of service NULL pointer dereference, process crash, and disk consumption via a POST request with a large body and a crafted Content-Type header...

CVE-2013-2765

CVE-2013-2765 affects the ModSecurity module for the Apache HTTP Server (before 2.7.4). The vulnerability allows remote attackers to cause a denial of service via a POST request with a large body and a crafted Content-Type header, resulting in a NULL pointer dereference, process crash, and disk c...

CVE-2013-2765

The ModSecurity module before 2.7.4 for the Apache HTTP Server allows remote attackers to cause a denial of service NULL pointer dereference, process crash, and disk consumption via a POST request with a large body and a crafted Content-Type header...

Oracle Linux 5 : php53 (ELSA-2013-1050)

The remote Oracle Linux 5 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2013-1050 advisory. 5.3.3-13.1 - add security fix for CVE-2013-4113 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note tha...

Critical: Red Hat Security Advisory: php security update

Updated php packages that fix one security issue are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having critical security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

Oracle Linux 3 : httpd (ELSA-2009-1205)

From Red Hat Security Advisory 2009:1205 : Updated httpd packages that fix multiple security issues and a bug are now available for Red Hat Enterprise Linux 3. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The Apache HTTP Server is a popular...

Oracle Linux 3 : httpd (ELSA-2009-1108)

From Red Hat Security Advisory 2009:1108 : Updated httpd packages that fix multiple security issues are now available for Red Hat Enterprise Linux 3. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The Apache HTTP Server is a popular Web server...

Oracle Linux 6 : subversion (ELSA-2011-0258)

The remote Oracle Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2011-0258 advisory. - add security fixes for CVE-2010-4644, CVE-2010-4539 672678 Tenable has extracted the preceding description block directly from the Oracle Linux...

Oracle Linux 5 : mod_auth_mysql (ELSA-2009-0259)

The remote Oracle Linux 5 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2009-0259 advisory. 3.0.0-3.2 - add security fix for CVE-2008-2384 480613 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. No...

Oracle Linux 5 : apr / and / apr-util (ELSA-2009-1204)

The remote Oracle Linux 5 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2009-1204 advisory. - add security fix for CVE-2009-2412 515709 apr-util: Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. No...

Oracle Linux 4 : httpd (ELSA-2008-0006)

From Red Hat Security Advisory 2008:0006 : Updated Apache httpd packages that fix several security issues are now available for Red Hat Enterprise Linux 4. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The Apache HTTP Server is a popular Web...