CentOS 3 : httpd (CESA-2009:1205)

Updated httpd packages that fix multiple security issues and a bug are now available for Red Hat Enterprise Linux 3. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The Apache HTTP Server is a popular Web server. The httpd package shipped with...

httpd, mod_ssl security update

CentOS Errata and Security Advisory CESA-2009:1205 Updated httpd packages that fix multiple security issues and a bug are now available for Red Hat Enterprise Linux 3. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The Apache HTTP Server is a...

httpd security and bug fix update

2.0.46-75.0.1.ent - use oracle index page oracleindex.html - remove logos in poweredby.gif and poweredbyrh.png - add apr-configure.patch 2.0.46-75.ent - add security fix for CVE-2009-1891 515705 - include fix for upstream PR 39605 2.0.46-74.ent - add security fixes for CVE-2009-2412 515705 - add...

Apache Httpd < 2.2.14 : Solaris pollset DoS

Faulty error handling was found affecting Solaris pollset support Event Port backend caused by a bug in APR. A remote attacker could trigger this issue on Solaris servers which used prefork or event MPMs, resulting in a denial of service...

Slackware 12.0 / 12.1 / 12.2 / current : httpd (SSA:2009-214-01)

New httpd packages are available for Slackware 12.0, 12.1, 12.2, and -current to fix security issues. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Slackware Security Advisory 2009-214-01. The text itself is copyrig...

httpd

New httpd packages are available for Slackware 12.0, 12.1, 12.2, and -current to fix security issues. More details about these issues may be found in the Common Vulnerabilities and Exposures CVE database: https://vulners.com/cve/CVE-2009-1891 https://vulners.com/cve/CVE-2009-1195...

CentOS Security Advisory CESA-2009:1148 (httpd)

The remote host is missing updates to httpd announced in advisory CESA-2009:1148. CESA-2009:1148 64448 2 $Id: ovcesa20091148.nasl 6650 2017-07-10 11:43:12Z cfischer $ Description: Auto-generated from advisory CESA-2009:1148 httpd Authors: Thomas Reinke Copyright: Copyright c 2009 E-Soft Inc...

RedHat Security Advisory RHSA-2009:1148

The remote host is missing updates announced in advisory RHSA-2009:1148. The Apache HTTP Server is a popular Web server. A denial of service flaw was found in the Apache modproxy module when it was used as a reverse proxy. A remote attacker could use this flaw to force a proxy process to consume...

CentOS Security Advisory CESA-2009:1148 (httpd)

The remote host is missing updates to httpd announced in advisory CESA-2009:1148. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only OR GPL-3.0-onl...

Apache Httpd < 2.2.13 : APR apr_palloc heap overflow

A flaw in aprpalloc in the bundled copy of APR could cause heap overflows in programs that try to aprpalloc a user controlled size. The Apache HTTP Server itself does not pass unsanitized user-provided sizes to this function, so it could only be triggered through some other application which uses...

Apache Httpd < 2.0.64 : APR apr_palloc heap overflow

A flaw in aprpalloc in the bundled copy of APR could cause heap overflows in programs that try to aprpalloc a user controlled size. The Apache HTTP Server itself does not pass unsanitized user-provided sizes to this function, so it could only be triggered through some other application which uses...

DD-WRT (httpd service) Remote Command Execution Vulnerability

No description provided by source. This is a remote root vulnerability in DD-WRT's httpd server. The bug exists at the latest 24 sp1 version of the firmware. The problem is due to many bugs and bad software design decisions. Here is part of httpd.c: 859 if containsstringfile, "cgi-bin" 860 861...

DD-WRT Remote Root

----------------------------------------------------------------------------------------- A remote root vulnerability in the DD-WRT's httpd service. The bug exists in the latest 24 sp1 version of the firmware. The problem is due to a number of bugs and bad software design decisions. Here is part ...

DD-WRT HTTPd Daemon/Service - Remote Command Execution

This is a remote root vulnerability in DD-WRT's httpd server. The bug exists at the latest 24 sp1 version of the firmware. The problem is due to many bugs and bad software design decisions. Here is part of httpd.c: 859 if containsstringfile, "cgi-bin" 860 861 authfail = 0; 862 if !doauth 863...

DD-WRT (httpd service) Remote Command Execution Vulnerability

Exploit for hardware platform in category remote exploits ============================================================= DD-WRT httpd service Remote Command Execution Vulnerability ============================================================= This is a remote root vulnerability in DD-WRT's httpd...

DD-WRT HTTPd DaemonService - Remote Command Execution

DD-WRT HTTPd DaemonService - Remote Command Execution This is a remote root vulnerability in DD-WRT's httpd server. The bug exists at the latest 24 sp1 version of the firmware. The problem is due to many bugs and bad software design decisions. Here is part of httpd.c: 859 if containsstringfile,...

httpd: possible temporary DoS (CPU consumption) in mod_deflate

The moddeflate module in Apache httpd 2.2.11 and earlier compresses large files until completion even after the associated network connection is closed, which allows remote attackers to cause a denial of service CPU consumption...

Design/Logic Flaw

Unspecified vulnerability in HP ProCurve Threat Management Services zl Module J9155A ST.1.0.090213 and earlier allows remote attackers to cause a denial of service by triggering a stop or crash in httpd, aka PR18770, a different vulnerability than CVE-2009-1423 and CVE-2009-1424...

CVE-2009-1425

Unspecified vulnerability in HP ProCurve Threat Management Services zl Module J9155A ST.1.0.090213 and earlier allows remote attackers to cause a denial of service by triggering a stop or crash in httpd, aka PR18770, a different vulnerability than CVE-2009-1423 and CVE-2009-1424...

CVE-2009-1425

The CVE-2009-1425 entry affects HP ProCurve Threat Management Services zl Module (J9155A) ST.1.0.090213 and earlier. It is described as an unspecified vulnerability that allows remote attackers to cause a denial of service by triggering a stop or crash in httpd. This CVE is distinct from CVE-2009...