5793 matches found
Moderate: Red Hat Security Advisory: : Updated Apache and mod_ssl packages fix security vulnerabilities
Updated Apache and modssl packages that fix several minor security issues are now available for Red Hat Linux 7.1, 7.2, and 7.3. The Apache HTTP server is a powerful, full-featured, efficient, and freely-available Web server. Ben Laurie found a bug in the optional renegotiation code in modssl whi...
Apache stops writing access/error logs after processing "Request-URI" containing "0x1A" characters
Overview A vulnerability in the logging of URI requests may permit a remote attacker to disable logging on an Apache HTTP Server. Version 1.3.27 on Windows systems is reported vulnerable to this issue. Description Apache HTTP Server 1.3.27 running on Win32 systems contains a vulnerability that...
[SNS Advisory No.66] Apache HTTP Server v2 Causes a DoS When Parsing a Type-Map File
---------------------------------------------------------------------- SNS Advisory No.66 Apache HTTP Server v2 Causes a DoS When Parsing a Type-Map File Problem first discovered on: Thu, 26 Dec 2002 Published on: Wed, 09 Jul 2003 Reference: http://www.lac.co.jp/security/english/snsadve/66e.html...
[ANNOUNCE][SECURITY] Apache 2.0.47 released
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Apache 2.0.47 Released The Apache Software Foundation and the Apache HTTP Server Project are pleased to announce the tenth public release of the Apache 2.0 HTTP Server. This Announcement notes the significant changes in 2.0.47 as compared to 2.0.46...
Apache HTTPD contains denial of service vulnerability in basic authentication module
Overview The Apache HTTP server contains a denial-of-service vulnerability that allows remote attackers to to conduct denial-of-service attacks on the HTTP basic authentication module of an affected server. Description The Apache HTTP server contains a denial-of-service vulnerability in the...
Apache Portable Runtime contains heap buffer overflow in apr_psprintf()
Overview The Apache HTTP server contains a denial-of-service vulnerability that allows remote attackers to conduct denial-of-service attacks against an affected server. Description The Apache HTTP server contains a heap buffer overflow vulnerability in the aprpsprintf function. The Apache Softwar...
Apache HTTP Server 2.x Memory Leak Exploit
Exploit for unknown platform in category dos / poc ========================================== Apache HTTP Server 2.x Memory Leak Exploit ========================================== / apache-massacre.c Test code for Apache 2.x Memory Leak By Matthew Murphy DISCLAIMER: This exploit tool is provided...
Apache HTTP Server 2.x Memory Leak Exploit
No description provided by source. / apache-massacre.c Test code for Apache 2.x Memory Leak By Matthew Murphy DISCLAIMER: This exploit tool is provided only to test networks for a known vulnerability. Do not use this tool on systems you do not control, and do not use this tool on networks you do...
iDEFENSE Security Advisory 04.08.03: Denial of Service in Apache HTTP Server 2.x
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 iDEFENSE Security Advisory 04.08.03: http://www.idefense.com/advisory/04.08.03.txt Denial of Service in Apache HTTP Server 2.x April 8, 2003 I. BACKGROUND The Apache Software Foundation's HTTP Server Project is an effort to develop and maintain an...
Apache vulnerable to DoS
Overview A remotely exploitable denial-of-service vulnerability exists in the Apache HTTP Server. Exploitation of this vulnerability may allow an attacker to consume all available system resources, resulting in a denial-of-service condition. Description The Apache HTTP Server is a very popular...
Apache vulnerable to DoS via request for MS-DOS device
Overview Systems running the Apache web server under some versions of Microsoft Windows may be vulnerable to a remote denial-of-service condition. Description The Apache HTTP server fails to filter GET requests for MS-DOS style device names. This results in a denial-of-service vulnerability on...
(RHSA-2002:214) php security update
PHP is an HTML-embedded scripting language commonly used with the Apache HTTP server. The mail function in PHP 4.x to 4.2.2 may allow local script authors to bypass safe mode restrictions and modify command line arguments to the MTA such as sendmail in the 5th argument to mail, altering MTA...
Path Parsing Errata in Apache HTTP Server
Original Message: ----------------- From: [email protected] [email protected] Date: Wed, 22 Jan 2003 09:00:58 -0500 To: [email protected] Subject: Path Parsing Errata in Apache HTTP Server Path Parsing Errata in Apache HTTP Server ABSTRACT The Apache HTTP Server...
Important: Red Hat Security Advisory: apache security update
Updated apache and httpd packages are available which fix a number of security issues for Red Hat Linux Advanced Server 2.1. Updated 06 Feb 2003 Added fixed packages for Advanced Workstation 2.1 The Apache HTTP server is a powerful, full-featured, efficient, and freely-available Web server. Buffe...
Important: Red Hat Security Advisory: apache, mod_ssl, php security update for Stronghold
Updated versions of the Apache HTTP server, PHP, and modssl are now available which close possible buffer overflows in the Apache HTTP server benchmarking tool, fixes two cross-site scripting vulnerabilities in the error pages, and fix possible local privilege escalation. These updates also fix...
Important: Red Hat Security Advisory: apache, mod_ssl, php security update for Stronghold
Updated versions of the Apache HTTP server, PHP, and modssl are now available which close possible buffer overflows in the Apache HTTP server benchmarking tool, fix two cross-site scripting vulnerabilities in the error pages, and fix possible local privilege escalation. These updates also fix...
Important: Red Hat Security Advisory: apache, mod_ssl, php security update for Stronghold
Updated versions of the Apache HTTP server, PHP, and modssl are now available which close possible buffer overflows in the Apache HTTP server benchmarking tool, fixes two cross-site scripting vulnerabilities in the error pages, and fix possible local privilege escalation. These updates also fix...
DSA-187 apache - several vulnerabilities
Bulletin has no description...
iDEFENSE Security Advisory 10.03.2002: Apache 1.3.x shared memory scoreboard vulnerabilities
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 iDEFENSE Security Advisory 10.03.2002 Apache 1.3.x shared memory scoreboard vulnerabilities 16:00 GMT, October 3, 2002 I. BACKGROUND The Apache Software Foundation's HTTP Server is an effort to develop and maintain an open-source HTTP server for moder...
Apache 2.0 vulnerability affects non-Unix platforms
-----BEGIN PGP SIGNED MESSAGE----- For Immediate Disclosure =============== SUMMARY ================ Title: Apache 2.0 vulnerability affects non-Unix platforms Date: 9th August 2002 Revision: 2 Product Name: Apache HTTP server 2.0 OS/Platform: Windows, OS2, Netware Permanent URL:...