SOL17202 - Apache HTTP server vulnerability CVE-2012-3502

Note: As of February 17, 2015, AskF5 Security Advisory articles include the Severity value. Security Advisory articles published before this date do not list a Severity value. Recommended Action None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL995...

F5 Networks BIG-IP : Apache HTTP server vulnerability (SOL17189)

CRLF injection vulnerability in the modnegotiation module in the Apache HTTP Server 2.2.6 and earlier in the 2.2.x series, 2.0.61 and earlier in the 2.0.x series, and 1.3.39 and earlier in the 1.3.x series allows remote authenticated users to inject arbitrary HTTP headers and conduct HTTP respons...

httpd, mod_ldap, mod_proxy_html, mod_session, mod_ssl security update

CentOS Errata and Security Advisory CESA-2015:1667 Updated httpd packages that fix two security issues are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base scores, which...

RedHat Update for httpd RHSA-2015:1668-01

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SOL17157 - Apache HTTP server vulnerability CVE-2015-0228

Note: As of February 17, 2015, AskF5 Security Advisory articles include the Severity value. Security Advisory articles published before this date do not list a Severity value. Recommended Action None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL995...

CentOS 6 : subversion (CESA-2015:1633)

Updated subversion packages that fix three security issues are now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are available...

Moderate: Red Hat Security Advisory: subversion security update

Updated subversion packages that fix three security issues are now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are available...

RHEL 5 / 6 / 7 : Red Hat JBoss Web Server 2.1.0 tomcat (RHSA-2015:1622)

The remote Redhat Enterprise Linux 5 / 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2015:1622 advisory. Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of...

Apache HTTP Server Multiple Vulnerabilities (Aug 2015) - Windows

Apache HTTP Server is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:apache:httpserver";...

Apache HTTP Server Multiple Vulnerabilities (Aug 2015) - Linux

Apache HTTP Server is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:apache:httpserver";...

[SECURITY] Fedora 21 Update: httpd-2.4.16-1.fc21

The Apache HTTP Server is a powerful, efficient, and extensible web server...

Debian DLA-284-1 : apache2 security update

A vulnerability has been found in the Apache HTTP Server. CVE-2015-3183 Apache HTTP Server did not properly parse chunk headers, which allowed remote attackers to conduct HTTP request smuggling via a crafted request. This flaw relates to mishandling of large chunk-size values and invalid...

Ubuntu 14.04 LTS : Apache HTTP Server vulnerabilities (USN-2686-1)

The remote Ubuntu 14.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-2686-1 advisory. It was discovered that the Apache HTTP Server incorrectly parsed chunk headers. A remote attacker could possibly use this issue to perform HTTP request...

Ubuntu: Security Advisory (USN-2686-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

DLA-284-1 apache2 - security update

Bulletin has no description...

USN-2686-1 apache2 vulnerabilities

It was discovered that the Apache HTTP Server incorrectly parsed chunk headers. A remote attacker could possibly use this issue to perform HTTP request smuggling attacks. CVE-2015-3183 It was discovered that the Apache HTTP Server incorrectly handled the apsomeauthrequired API. A remote attacker...

MGASA-2015-0281 Updated apache package fixes security vulnerabilities

The chunked transfer coding implementation in the Apache HTTP Server before 2.4.14 does not properly parse chunk headers, which allows remote attackers to conduct HTTP request smuggling attacks via a crafted request, related to mishandling of large chunk-size values and invalid chunk-extension...

httpd, mod_ssl security update

CentOS Errata and Security Advisory CESA-2015:1249 Updated httpd packages that fix one security issue, several bugs, and add one enhancement are now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Low security impact. A Common Vulnerability Scori...

[SECURITY] Fedora 22 Update: httpd-2.4.16-1.fc22

The Apache HTTP Server is a powerful, efficient, and extensible web server...

KLA10640 Multiple vulnerabilities in Apache HTTP Server

Multiple serious vulnerabilities have been found in Apache HTTP Server. Malicious users can exploit these vulnerabilities to cause a denial of service. Below is a complete list of vulnerabilities 1. Stack recursion crash in the modlua module in the luarequest.c file in luawebsocketread function c...