httpd: possible temporary DoS (CPU consumption) in mod_deflate

The moddeflate module in Apache httpd 2.2.11 and earlier compresses large files until completion even after the associated network connection is closed, which allows remote attackers to cause a denial of service CPU consumption...

Important: Red Hat Security Advisory: httpd security update

Updated httpd packages that fix multiple security issues are now available for JBoss Enterprise Web Server 1.0.0 for Red Hat Enterprise Linux 5. This update has been rated as having important security impact by the Red Hat Security Response Team. The Apache HTTP Server is a popular Web server. A...

DEBIAN-CVE-2009-1891

The moddeflate module in Apache httpd 2.2.11 and earlier compresses large files until completion even after the associated network connection is closed, which allows remote attackers to cause a denial of service CPU consumption...

CVE-2009-1891

The moddeflate module in Apache httpd 2.2.11 and earlier compresses large files until completion even after the associated network connection is closed, which allows remote attackers to cause a denial of service CPU consumption...

CVE-2009-1891

The moddeflate module in Apache httpd 2.2.11 and earlier compresses large files until completion even after the associated network connection is closed, which allows remote attackers to cause a denial of service CPU consumption...

CVE-2009-1891

The moddeflate module in Apache httpd 2.2.11 and earlier compresses large files until completion even after the associated network connection is closed, which allows remote attackers to cause a denial of service CPU consumption...

CVE-2009-1891

CVE-2009-1891 affects the Apache HTTP Server mod_deflate in 2.2.x (notably 2.2.11 and earlier). The issue causes CPU consumption DoS by compressing large files even after the client connection closes. Public advisories across distributions confirm the flaw and its remediation via updated packages...

EUVD-2009-1886

The moddeflate module in Apache httpd 2.2.11 and earlier compresses large files until completion even after the associated network connection is closed, which allows remote attackers to cause a denial of service CPU consumption...

RHEL 5 : httpd (RHSA-2009:1148)

Updated httpd packages that fix two security issues are now available for Red Hat Enterprise Linux 5. This update has been rated as having important security impact by the Red Hat Security Response Team. The Apache HTTP Server is a popular Web server. A denial of service flaw was found in the...

httpd: mod_proxy reverse proxy DoS (infinite loop)

The streamreqbodycl function in modproxyhttp.c in the modproxy module in the Apache HTTP Server before 2.3.3, when a reverse proxy is configured, does not properly handle an amount of streamed data that exceeds the Content-Length value, which allows remote attackers to cause a denial of service C...

httpd security update

2.2.3-22.0.1.el53.2 - Replace index.html with Oracle's index page oracleindex.html - Update vstring and distro in specfile 2.2.3-22.el53.2 - add security fixes for CVE-2009-1890, CVE-2009-1891 509782...

Apache Httpd < 2.0.64 : mod_deflate DoS

A denial of service flaw was found in the moddeflate module. This module continued to compress large files until compression was complete, even if the network connection that requested the content was closed before compression completed. This would cause moddeflate to consume large amounts of CPU...

Apache Httpd < 2.2.12 : mod_deflate DoS

A denial of service flaw was found in the moddeflate module. This module continued to compress large files until compression was complete, even if the network connection that requested the content was closed before compression completed. This would cause moddeflate to consume large amounts of CPU...

CentOS Security Advisory CESA-2009:1108 (httpd)

The remote host is missing updates to httpd announced in advisory CESA-2009:1108. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only OR GPL-3.0-onl...

CentOS Security Advisory CESA-2009:1108 (httpd)

The remote host is missing updates to httpd announced in advisory CESA-2009:1108. CESA-2009:1108 64269 2 $Id: ovcesa20091108.nasl 6650 2017-07-10 11:43:12Z cfischer $ Description: Auto-generated from advisory CESA-2009:1108 httpd Authors: Thomas Reinke Copyright: Copyright c 2009 E-Soft Inc...

CentOS 3 : httpd (CESA-2009:1108)

Updated httpd packages that fix multiple security issues are now available for Red Hat Enterprise Linux 3. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The Apache HTTP Server is a popular Web server. The httpd package shipped with Red Hat...

RHEL 3 : httpd (RHSA-2009:1108)

Updated httpd packages that fix multiple security issues are now available for Red Hat Enterprise Linux 3. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The Apache HTTP Server is a popular Web server. The httpd package shipped with Red Hat...

httpd security update

2.0.46-73.0.1.ent - use oracle index page oracleindex.html - remove logos in poweredby.gif and poweredbyrh.png - add apr-configure.patch 2.0.46-73.ent - forcibly disable SCTP support in APR 2.0.46-72.ent - add security fixes for CVE-2009-0023, CVE-2009-1955, and CVE-2009-1956 apr-util 504562...

Moderate: Red Hat Security Advisory: apr-util security update

Updated apr-util packages that fix multiple security issues are now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. apr-util is a utility library used with the Apache Portable Runtime APR. It aims...

Apache Httpd < 2.2.12 : APR-util XML DoS

A denial of service flaw was found in the bundled copy of the APR-util library Extensible Markup Language XML parser. A remote attacker could create a specially-crafted XML document that would cause excessive memory consumption when processed by the XML decoding engine...