MiracleLinux 3 : httpd-2.2.3-63.1.0.1.AXS3 (AXSA:2012-267:01)

The remote MiracleLinux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2012-267:01 advisory. The Apache HTTP Server is a powerful, efficient, and extensible web server. Security issues fixed with this release: CVE-2011-3607 Integer overflow i...

Linux Distros Unpatched Vulnerability : CVE-2011-3607

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Integer overflow in the appregsub function in server/util.c in the Apache HTTP Server 2.0.x through 2.0.64 and 2.2.x through 2.2.21, when the modsetenvif module...

K16907: Apache HTTPD vulnerability CVE-2011-3607

Security Advisory Description Integer overflow in the appregsub function in server/util.c in the Apache HTTP Server 2.0.x through 2.0.64 and 2.2.x through 2.2.21, when the modsetenvif module is enabled, allows local users to gain privileges via a .htaccess file with a crafted SetEnvIf directive, ...

Apache HTTP Server Multiple Vulnerabilities (Jan 2012) - Linux

Apache HTTP Server is prone to multiple vulnerabilities. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you...

SUSE: Security Advisory (SUSE-SU-2013:0469-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Oracle: Security Advisory (ELSA-2012-0323)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Oracle: Security Advisory (ELSA-2012-0128)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Amazon Linux: Security Advisory (ALAS-2012-46)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SOL16907 - Apache HTTPD vulnerability CVE-2011-3607

Integer overflow in the appregsub function in server/util.c in the Apache HTTP Server 2.0.x through 2.0.64 and 2.2.x through 2.2.21, when the modsetenvif module is enabled, allows local users to gain privileges via a .htaccess file with a crafted SetEnvIf directive, in conjunction with a crafted...

RHEL 5 / 6 : httpd (RHSA-2012:0542)

The remote Redhat Enterprise Linux 5 / 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2012:0542 advisory. The Apache HTTP Server httpd is the namesake project of The Apache Software Foundation. It was discovered that the Apache HTTP Server di...

openSUSE Security Update : apache2 (openSUSE-SU-2012:0212-1)

This update fixes several security issues in the Apache2 webserver. CVE-2011-3368, CVE-2011-4317: This update also includes several fixes for a modproxy reverse exposure via RewriteRule or ProxyPassMatch directives. CVE-2011-3607: Integer overflow in appregsub function resulting in a heap based...

openSUSE Security Update : apache2 (openSUSE-SU-2012:0248-1)

This update fixes several security issues in the Apache2 webserver. CVE-2011-3368, CVE-2011-4317: This update also includes several fixes for a modproxy reverse exposure via RewriteRule or ProxyPassMatch directives. CVE-2011-3607: Integer overflow in appregsub function resulting in a heap based...

openSUSE Security Update : apache2 (openSUSE-2012-132)

httpd-2.2.x-bnc743743-CVE-2012-0053-serverprotocolc-cookieexposure.diff addresses CVE-2012-0053: error responses can expose cookies when no custom 400 error code ErrorDocument is configured. bnc743743 - httpd-2.2.x-bnc741243-CVE-2012-0031-scoreboardhandling.diff: scoreboard corruption shared mem...

Amazon Linux AMI : httpd (ALAS-2012-46)

It was discovered that the fix for CVE-2011-3368 did not completely address the problem. An attacker could bypass the fix and make a reverse proxy connect to an arbitrary server not directly accessible to the attacker by sending an HTTP version 0.9 request, or by using a specially crafted URI...

Oracle Linux 5 : httpd (ELSA-2012-0323)

The remote Oracle Linux 5 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2012-0323 advisory. - add security fixes for CVE-2012-0053, CVE-2012-0031, CVE-2011-3607 787596 Tenable has extracted the preceding description block directly from the...

Oracle Linux 6 : httpd (ELSA-2013-0512)

The remote Oracle Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2013-0512 advisory. - add security fix for CVE-2012-2687 850794 - add security fixes for CVE-2011-4317, CVE-2012-0053, CVE-2012-0031, CVE-2011-3607 787599 Tenable has...

httpd security, bug fix, and enhancement update

2.2.15-26.0.1.el6 - replace index.html with Oracle's index page oracleindex.html update vstring in specfile 2.2.15-26 - htcacheclean: exit with code 4 also for 'restart' action 805810 2.2.15-25 - htcacheclean: exit with code 4 if nonprivileged user runs initscript 805810 - rotatelogs: omit the...

Mac OS X v10.6.8 Multiple Vulnerabilities (2012-004)

This host is missing an important security update according to Mac OS X 10.6.8 Update/Mac OS X Security Update 2012-004. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...

Mac OS X Multiple Vulnerabilities (Security Update 2012-004) (BEAST)

The remote host is running a version of Mac OS X 10.6 that does not have Security Update 2012-004 applied. This update contains multiple security-related fixes for the following components : - Apache - Data Security - DirectoryService - ImageIO - International Components for Unicode - Mail - PHP ...

Mac OS X 10.7.x < 10.7.5 Multiple Vulnerabilities (BEAST)

The remote host is running a version of Mac OS X 10.7.x that is prior to 10.7.5. The newer version contains multiple security-related fixes for the following components : - Apache - BIND - CoreText - Data Security - ImageIO - Installer - International Components for Unicode - Kernel - Mail - PHP ...