php security update

CentOS Errata and Security Advisory CESA-2010:0040 Updated php packages that fix several security issues are now available for Red Hat Enterprise Linux 3, 4, and 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. PHP is an HTML-embedded scripti...

UBUNTU-CVE-2009-4490

minihttpd 1.19 writes data to a log file without sanitizing non-printable characters, which might allow remote attackers to modify a window's title, or possibly execute arbitrary commands or overwrite files, via an HTTP request containing an escape sequence for a terminal emulator...

[SECURITY] [DSA-1970-1] New openssl packages fix denial of service

------------------------------------------------------------------------ Debian Security Advisory DSA-1970-1 [email protected] http://www.debian.org/security/ Stefan Fritsch January 13, 2010 http://www.debian.org/security/faq -...

[SECURITY] [DSA-1970-1] New openssl packages fix denial of service

------------------------------------------------------------------------ Debian Security Advisory DSA-1970-1 [email protected] http://www.debian.org/security/ Stefan Fritsch January 13, 2010 http://www.debian.org/security/faq -...

PT-2010-1348 · Acme.Com +2 · Mini Httpd +2

Name of the Vulnerable Software and Affected Versions: mini httpd version 1.19 Description: The issue allows remote attackers to potentially modify a window's title or execute arbitrary commands via an HTTP request containing an escape sequence for a terminal emulator, as mini httpd writes data t...

DSA-1970-1 openssl - denial of service

Bulletin has no description...

Nginx, Varnish, Cherokee, thttpd, mini-httpd, WEBrick, Orion, AOLserver, Yaws and Boa log escape sequence injection

Nginx, Varnish, Cherokee, thttpd, mini-httpd, WEBrick, Orion, AOLserver, Yaws and Boa log escape sequence injection Name Nginx, Varnish, Cherokee, thttpd, mini-httpd, WEBrick, Orion, AOLserver, Yaws and Boa log escape sequence injection Systems Affected nginx 0.7.64 Varnish 2.0.6 Cherokee 0.99.30...

RHEL 3 / 4 : Satellite Server (RHSA-2008:0524)

Red Hat Network Satellite Server version 4.2.3 is now available. This update includes fixes for a number of security issues in Red Hat Network Satellite Server components. This update has been rated as having low security impact by the Red Hat Security Response Team. This release corrects several...

RHEL 4 : Satellite Server (RHSA-2008:0261)

Red Hat Network Satellite Server version 5.0.2 is now available. This update includes fixes for a number of security issues in Red Hat Network Satellite Server components. This update has been rated as having moderate security impact by the Red Hat Security Response Team. During an internal...

MDVA-2010:011 : apache-conf

This is a maintenance and bugfix release of apache-conf that mainly fixes so that the httpd service is handled more gracefully when reloading the apache server 56857. Other fixes where appliable: - fix 53887 obsolete favicon.ico file in Apache default www pages - workaround 47992 apache does not...

CentOS 5 : httpd (CESA-2009:1075)

Updated httpd packages that fix two security issues are now available for Red Hat Enterprise Linux 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The Apache HTTP Server is a popular and freely-available Web server. A flaw was found in the...

CentOS 5 : httpd (CESA-2008:0008)

Updated Apache httpd packages that fix several security issues are now available for Red Hat Enterprise Linux 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The Apache HTTP Server is a popular Web server. A flaw was found in the modimagemap...

CentOS 5 : httpd (CESA-2009:1148)

Updated httpd packages that fix two security issues are now available for Red Hat Enterprise Linux 5. This update has been rated as having important security impact by the Red Hat Security Response Team. The Apache HTTP Server is a popular Web server. A denial of service flaw was found in the...

CentOS 5 : apr (CESA-2009:1204)

Updated apr and apr-util packages that fix multiple security issues are now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The Apache Portable Runtime APR is a portability library used by the...

CentOS 5 : php (CESA-2009:0338)

Updated php packages that fix several security issues are now available for Red Hat Enterprise Linux 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Web server. A...

Apache Httpd < 1.3.42 : mod_proxy overflow on 64-bit systems

An incorrect conversion between numeric types flaw was found in the modproxy module which affects some 64-bit architecture systems. A malicious HTTP server to which requests are being proxied could use this flaw to trigger a heap buffer overflow in an httpd child process via a carefully crafted...

Fedora Core 12 FEDORA-2009-12606 (httpd)

The remote host is missing an update to Apache HTTP Server announced via advisory FEDORA-2009-12606. OpenVAS Vulnerability Test $Id: fcore200912606.nasl 6624 2017-07-10 06:11:55Z cfischer $ Description: Auto-generated from advisory FEDORA-2009-12606 httpd Authors: Thomas Reinke Copyright: Copyrig...

Apache Httpd < 2.2.17 : expat DoS

A buffer over-read flaw was found in the bundled expat library. An attacker who is able to get Apache to parse an untrused XML document for example through moddav may be able to cause a crash. This crash would only be a denial of service if using the worker MPM...

Apache Httpd < 2.0.64 : expat DoS

A buffer over-read flaw was found in the bundled expat library. An attacker who is able to get Apache to parse an untrused XML document for example through moddav may be able to cause a crash. This crash would only be a denial of service if using the worker MPM...

Fedora 12 : httpd-2.2.14-1.fc12 (2009-12606)

This update contains the latest stable release of Apache httpd. Three security fixes are included, along with several minor bug fixes. A flaw was found in the way the TLS/SSL Transport Layer Security/Secure Sockets Layer protocols handle session renegotiation. A man-in-the-middle attacker could u...