5762 matches found
httpd: Use-after-free by limiting unregistered HTTP method (Optionsbleed)
A use-after-free flaw was found in the way httpd handled invalid and previously unregistered HTTP methods specified in the Limit directive used in an .htaccess file. A remote attacker could possibly use this flaw to disclose portions of the server memory, or cause httpd child process to crash...
Important: Red Hat Security Advisory: httpd security update
An update for httpd is now available for Red Hat Enterprise Linux 7.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...
[SECURITY] Fedora 25 Update: php-7.0.25-1.fc25
PHP is an HTML-embedded scripting language. PHP attempts to make it easy for developers to write dynamically generated web pages. PHP also offers built-in database integration for several commercial and non-commercial database management systems, so writing a database-enabled webpage with PHP is...
[SECURITY] Fedora 26 Update: php-7.1.11-1.fc26
PHP is an HTML-embedded scripting language. PHP attempts to make it easy for developers to write dynamically generated web pages. PHP also offers built-in database integration for several commercial and non-commercial database management systems, so writing a database-enabled webpage with PHP is...
Apache HTTP Server 'mod_auth_digest' DoS Vulnerability - Linux
Apache HTTP Server is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
Apache HTTP Server 'mod_auth_digest' DoS Vulnerability - Windows
Apache HTTP Server is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
Apache HTTP Server Security Bypass Vulnerability (CNVD-2017-34237)
Apache HTTP Server is the United States Apache Apache Software Foundation, an open source web server. The server is fast, reliable and can be expanded through a simple API. A security bypass vulnerability exists in Apache HTTP Server. A remote attacker can exploit this vulnerability to bypass...
Important: Red Hat Security Advisory: Red Hat JBoss Web Server security and bug fix update
An update is now available for Red Hat JBoss Enterprise Web Server 2.1.2 for RHEL 6 and Red Hat JBoss Enterprise Web Server 2.1.2 for RHEL 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives...
Apache: Multiple vulnerabilities
Background The Apache HTTP server is one of the most popular web servers on the Internet. Description Multiple vulnerabilities have been discovered in Apache. Please review the referenced CVE identifiers for details. Impact The Optionsbleed vulnerability can leak arbitrary memory from the server...
USN-3425-2: Apache HTTP Server vulnerability
USN-3425-1 fixed a vulnerability in Apache HTTP Server. This update provides the corresponding update for Ubuntu 12.04 ESM. Original advisory details: Hanno Böck discovered that the Apache HTTP Server incorrectly handled Limit directives in .htaccess files. In certain configurations, a remote...
httpd, mod_ssl security update
CentOS Errata and Security Advisory CESA-2017:2972 An update for httpd is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...
RedHat Update for httpd RHSA-2017:2972-01
The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Oracle Secure Global Desktop Web Services Component Remote Authentication Bypass (October 2017 CPU)
The version of Oracle Secure Global Desktop installed on the remote host is 5.3 and is missing a security patch from the October 2017 Critical Patch Update CPU. It is, therefore, affected by an Apache HTTP server remote authentication bypass vulnerability in the web services component. The Apache...
Apache HTTP Server 'Whitespace Defects' Multiple Vulnerabilities
Apache HTTP Server is prone to multiple vulnerabilities. Copyright C 2017 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you...
RedHat Update for httpd RHSA-2017:2882-01
The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Moderate: Red Hat Security Advisory: httpd security update
An update for httpd is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...
Apache HTTP Server OPTIONS Memory Leak Vulnerability (Optionsbleed) - Version Check
Apache HTTP Server allows remote attackers to read secret data from process memory if the Limit directive can be set in a user SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...
[SECURITY] Fedora 27 Update: httpd-2.4.27-8.fc27
The Apache HTTP Server is a powerful, efficient, and extensible web server...
BSA-2017-435
Security Advisory ID : BSA-2017-435 Component : Apache HTTPD Revision : 3.0: Final Apachehttpdallows remote attackers to read secret data from process memory if the Limit directive can be set in a user's .htaccessfile, or ifhttpd.confhas certain misconfigurations, akaOptionsbleed. This affects th...
[SECURITY] Fedora 26 Update: httpd-2.4.27-3.fc26
The Apache HTTP Server is a powerful, efficient, and extensible web server...