MiracleLinux 3 : httpd-2.2.3-63.1.0.1.AXS3 (AXSA:2012-267:01)

The remote MiracleLinux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2012-267:01 advisory. The Apache HTTP Server is a powerful, efficient, and extensible web server. Security issues fixed with this release: CVE-2011-3607 Integer overflow i...

Exploit for CVE-2012-0053

This repository is an offensive tool for web application exploitation, specifically for cross-site scripting XSS attacks. It contains a collection of payloads and scripts that can be used to exploit vulnerabilities in web applications. The payloads are designed to be injected into a vulnerable we...

Linux Distros Unpatched Vulnerability : CVE-2012-0053

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - protocol.c in the Apache HTTP Server 2.2.x through 2.2.21 does not properly restrict header information during construction of Bad Request aka 400 error...

K15273: Apache vulnerability CVE-2012-0053

Security Advisory Description protocol.c in the Apache HTTP Server 2.2.x through 2.2.21 does not properly restrict header information during construction of Bad Request aka 400 error documents, which allows remote attackers to obtain the values of HTTPOnly cookies via vectors involving a 1 long o...

Security Bulletin: Storwize V7000 Unified V1.3.2.3 and V1.4.0.0 Include Fixes for Multiple Vendor Security Vulnerabilities

Abstract Storwize V7000 Unified includes multiple software components for which the vendors have provided fixes for security vulnerabilities in such components. Content VULNERABILITY DETAILS: CVE ID: Vendor| Vendor ID| Vendor Title| Included CVEs ---|---|---|--- Red Hat| RHSA-2012-0143| Critical:...

Apache HTTP Server Multiple Vulnerabilities (Jan 2012) - Linux

Apache HTTP Server is prone to multiple vulnerabilities. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you...

SUSE: Security Advisory (SUSE-SU-2012:0323-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2012:0284-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2013:0469-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Oracle: Security Advisory (ELSA-2012-0323)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Oracle: Security Advisory (ELSA-2012-0128)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Amazon Linux: Security Advisory (ALAS-2012-46)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

RHEL 5 / 6 : httpd (RHSA-2012:0542)

The remote Redhat Enterprise Linux 5 / 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2012:0542 advisory. The Apache HTTP Server httpd is the namesake project of The Apache Software Foundation. It was discovered that the Apache HTTP Server di...

openSUSE Security Update : apache2 (openSUSE-2012-132)

httpd-2.2.x-bnc743743-CVE-2012-0053-serverprotocolc-cookieexposure.diff addresses CVE-2012-0053: error responses can expose cookies when no custom 400 error code ErrorDocument is configured. bnc743743 - httpd-2.2.x-bnc741243-CVE-2012-0031-scoreboardhandling.diff: scoreboard corruption shared mem...

openSUSE Security Update : apache2-201202 (openSUSE-SU-2012:0314-1)

This update of apache2 fixes regressions and several security problems : bnc728876, fix graceful reload bnc741243, CVE-2012-0031: Fixed a scoreboard corruption shared mem segment by child causes crash of privileged parent invalid free during shutdown. bnc743743, CVE-2012-0053: Fixed an issue in...

SOL15273 - Apache vulnerability CVE-2012-0053

Recommended Action If the previous table lists a version in the Versions known to be not vulnerable column, you can eliminate this vulnerability by upgrading to the listed version. If the table does not list any version in the column, then no upgrade candidate currently exists. ARX To mitigate th...

Amazon Linux AMI : httpd (ALAS-2012-46)

It was discovered that the fix for CVE-2011-3368 did not completely address the problem. An attacker could bypass the fix and make a reverse proxy connect to an arbitrary server not directly accessible to the attacker by sending an HTTP version 0.9 request, or by using a specially crafted URI...

Oracle Linux 5 : httpd (ELSA-2012-0323)

The remote Oracle Linux 5 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2012-0323 advisory. - add security fixes for CVE-2012-0053, CVE-2012-0031, CVE-2011-3607 787596 Tenable has extracted the preceding description block directly from the...

Oracle Linux 6 : httpd (ELSA-2013-0512)

The remote Oracle Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2013-0512 advisory. - add security fix for CVE-2012-2687 850794 - add security fixes for CVE-2011-4317, CVE-2012-0053, CVE-2012-0031, CVE-2011-3607 787599 Tenable has...

httpd security, bug fix, and enhancement update

2.2.15-26.0.1.el6 - replace index.html with Oracle's index page oracleindex.html update vstring in specfile 2.2.15-26 - htcacheclean: exit with code 4 also for 'restart' action 805810 2.2.15-25 - htcacheclean: exit with code 4 if nonprivileged user runs initscript 805810 - rotatelogs: omit the...