CentOS Update for httpd CESA-2013:1156 centos5

The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CentOS Update for httpd CESA-2013:1156 centos6

The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CentOS Update for httpd CESA-2013:1156 centos6

Check for the Version of httpd OpenVAS Vulnerability Test CentOS Update for httpd CESA-2013:1156 centos6 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...

Ultra Mini HTTPD Stack Buffer Overflow

This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 "Ultra Mini HTTPD...

RHEL 6 : httpd (RHSA-2013:1156)

The remote Redhat Enterprise Linux 6 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2013:1156 advisory. The Apache HTTP Server is a popular web server. A flaw was found in the way the moddav module of the Apache HTTP Server handled merge requests. An...

CentOS 5 / 6 : httpd (CESA-2013:1156)

Updated httpd packages that fix one security issue are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

Scientific Linux Security Update : httpd on SL5.x, SL6.x i386/x86_64 (20130813)

A flaw was found in the way the moddav module of the Apache HTTP Server handled merge requests. An attacker could use this flaw to send a crafted merge request that contains URIs that are not configured for DAV, causing the httpd child process to crash. CVE-2013-1896 After installing the updated...

Oracle Linux 5 / 6 : httpd (ELSA-2013-1156)

The remote Oracle Linux 5 / 6 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2013-1156 advisory. 2.2.15-29.0.1.el64 - replace index.html with Oracle's index page oracleindex.html update vstring in specfile 2.2.15-29 - moddav: add security fix for...

httpd, mod_ssl security update

CentOS Errata and Security Advisory CESA-2013:1156 Updated httpd packages that fix one security issue are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System CVSS bas...

Moderate: Red Hat Security Advisory: httpd security update

Updated httpd packages that fix one security issue are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

OneHTTPD 0.7 - Denial of Service

!/usr/bin/env python Exploit Title: onehttpd 0.7 Denial of Service Date: 12 Aug 2013 Exploit Author: superkojiman - http://www.techorganic.com Vendor Homepage: https://code.google.com/p/onehttpd/ Version: onehttpd 0.7 Tested on: Windows 7 Ultimate English Windows XP SP2 English from socket import...

httpd security update

2.2.15-29.0.1.el64 - replace index.html with Oracle's index page oracleindex.html update vstring in specfile 2.2.15-29 - moddav: add security fix for CVE-2013-1896 991368...

Updated subversion packages fixes security vulnerability

Subversion's moddavsvn Apache HTTPD server module will trigger an assertion on some requests made against a revision root. This can lead to a DoS. If assertions are disabled it will trigger a read overflow which may cause a SEGFAULT or equivalent or undefined behavior. Commit access is required t...

MGASA-2013-0244 Updated subversion packages fixes security vulnerability

Subversion's moddavsvn Apache HTTPD server module will trigger an assertion on some requests made against a revision root. This can lead to a DoS. If assertions are disabled it will trigger a read overflow which may cause a SEGFAULT or equivalent or undefined behavior. Commit access is required t...

Fedora 19 : httpd-2.4.6-2.fc19 (2013-13994)

This update contains the latest release of the Apache HTTP Server, version 2.4.6. Two security issues are resolved in this update : - moddav: Sending a MERGE request against a URI handled by moddavsvn could trigger a segfault. CVE-2013-1896 - modsessiondbd: Make sure that dirty flag is respected...

Slackware 12.1 / 12.2 / 13.0 / 13.1 / 13.37 / 14.0 / current : httpd (SSA:2013-218-02)

New httpd packages are available for Slackware 12.1, 12.2, 13.0, 13.1, 13.37, 14.0, and -current to fix security issues. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Slackware Security Advisory 2013-218-02. The tex...

Mandriva Linux Security Advisory : subversion (MDVSA-2013:209)

A vulnerability has been found and corrected in subversion : The moddavsvn Apache HTTPD server module in Subversion 1.7.0 through 1.7.10 and 1.8.x before 1.8.1 allows remote authenticated users to cause a denial of service assertion failure or out-of-bounds read via a certain 1 COPY, 2 DELETE, or...

[slackware-security] httpd

New httpd packages are available for Slackware 12.1, 12.2, 13.0, 13.1, 13.37, 14.0, and -current to fix security issues. Here are the details from the Slackware 14.0 ChangeLog: patches/packages/httpd-2.4.6-i486-1slack14.0.txz: Upgraded. This update addresses two security issues: SECURITY:...

httpd: mod_dav DoS (httpd child process crash) via a URI MERGE request with source URI not handled by mod_dav

moddav.c in the Apache HTTP Server before 2.2.25 does not properly determine whether DAV is enabled for a URI, which allows remote attackers to cause a denial of service segmentation fault via a MERGE request in which the URI is configured for handling by the moddavsvn module, but a certain href...

Apache Httpd < 2.4.16 : ap_some_auth_required API unusable

A design error in the "apsomeauthrequired" function renders the API unusuable in httpd 2.4.x. In particular the API is documented to answering if the request required authentication but only answers if there are Require lines in the applicable configuration. Since 2.4.x Require lines are used for...